nowbuy.vip Open in urlscan Pro
104.18.24.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nowbuy.vip/
Submission: On April 28 via api (April 28th 2024, 11:52:27 am UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 74 HTTP transactions. The main IP is 104.18.24.121, located in and belongs to CLOUDFLARENET, US. The main domain is nowbuy.vip.
TLS certificate: Issued by GTS CA 1P5 on April 28th 2024. Valid for: 3 months.

This is the only time nowbuy.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.18.24.121 104.18.24.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	104.18.169.76 104.18.169.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:223... 2600:9000:223d:7c00:10:e2c1:6ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:26e... 2600:9000:26e8:8e00:1e:4a65:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:272... 2600:9000:2724:1600:f:6577:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:275... 2600:9000:275d:6600:16:41f9:b9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:206... 2600:9000:206f:8400:2:3755:280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	47.251.41.24 47.251.41.24	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	47.89.246.123 47.89.246.123	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	2600:9000:266... 2600:9000:266e:8400:16:9386:7d40:93a1	16509 (AMAZON-02) (AMAZON-02)
74	15

14 104.18.24.121 (None, )

ASN13335 (CLOUDFLARENET, US)

nowbuy.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 104.18.169.76 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.staticsoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

wzstatic1.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dkov91l6wait7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2724:1600:f:6577:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:6600:16:41f9:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

srz.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8400:2:3755:280:93a1 (United States)

ASN16509 (AMAZON-02, US)

dxrcssgvbj18q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.251.41.24 (Santa Clara, United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

exit.streamoptim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.89.246.123 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sl.streamhub.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:8400:16:9386:7d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

msg.salesmartly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	staticsoe.com cdn.staticsoe.com — Cisco Umbrella Rank: 235358	1 MB
17	salesmartly.com assets.salesmartly.com — Cisco Umbrella Rank: 146403 api.salesmartly.com — Cisco Umbrella Rank: 141790 srz.salesmartly.com — Cisco Umbrella Rank: 149906 msg.salesmartly.com — Cisco Umbrella Rank: 110639	298 KB
14	nowbuy.vip nowbuy.vip	505 KB
5	cloudfront.net dkov91l6wait7.cloudfront.net dxrcssgvbj18q.cloudfront.net	193 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	70 KB
2	streamoptim.com wzstatic1.streamoptim.com — Cisco Umbrella Rank: 215236 exit.streamoptim.com — Cisco Umbrella Rank: 119712	23 KB
1	streamhub.tech sl.streamhub.tech — Cisco Umbrella Rank: 93703	212 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1153	19 KB
74	10

	Domain	Requested by
30	cdn.staticsoe.com	nowbuy.vip
14	nowbuy.vip	nowbuy.vip cdn.staticsoe.com
11	assets.salesmartly.com	nowbuy.vip assets.salesmartly.com
4	dkov91l6wait7.cloudfront.net	wzstatic1.streamoptim.com dkov91l6wait7.cloudfront.net
3	api.salesmartly.com	assets.salesmartly.com
2	msg.salesmartly.com	assets.salesmartly.com
2	connect.facebook.net	nowbuy.vip connect.facebook.net
1	sl.streamhub.tech	dkov91l6wait7.cloudfront.net
1	exit.streamoptim.com	dkov91l6wait7.cloudfront.net
1	fonts.googleapis.com	dkov91l6wait7.cloudfront.net
1	dxrcssgvbj18q.cloudfront.net	dkov91l6wait7.cloudfront.net
1	www.facebook.com	nowbuy.vip
1	srz.salesmartly.com	assets.salesmartly.com
1	sc-static.net	nowbuy.vip
1	wzstatic1.streamoptim.com	nowbuy.vip
74	15

This site contains links to these domains. Also see Links.

Domain
wyk005.oemsaas.shop

Subject Issuer	Validity	Valid
nowbuy.vip GTS CA 1P5	`2024-04-28` - `2024-07-27`	3 months	crt.sh
cdn.staticsoe.com Cloudflare Inc ECC CA-3	`2024-02-14` - `2024-12-31`	a year	crt.sh
*.streamoptim.com Xcc Trust DV SSL CA	`2024-01-23` - `2025-01-22`	a year	crt.sh
*.salesmartly.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-05` - `2024-05-05`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.streamhub.tech RapidSSL TLS RSA CA G1	`2023-08-04` - `2024-08-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nowbuy.vip/
Frame ID: 15516913635806CD920354A5083EA7E5
Requests: 61 HTTP requests in this frame

Frame: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Frame ID: B65593BAA6B54B40285F45C1A6075EE2
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Luxury Watch

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

74
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

2612 kB
Transfer

5898 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wyk005.oemsaas.shop/products/lady-datejust-28-white-gold-fluted-bezel-women-s-watch-279174-0021?preview=1
Title: READ MORE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nowbuy.vip/ 417 KB
67 KB 521ms
471ms Document
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2839f952e3e0b8e33972b1532619728665986fb64366824254914f1cc249c057

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87b6d874fa3830c4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 28 Apr 2024 11:52:20 GMT
execution-time: 0.2623949051
server: cloudflare
vary: Accept-Encoding

GET
H2 200 collect.js Show response
cdn.staticsoe.com/uploads/0/theme/default/assets/ 27 KB
7 KB 726ms
39ms Script
application/javascript 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f2c27fd8ce921c5c8663ea491139714306effb9f081505dc5bd09b1de7ce568

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 6626A76B1F5247373076A308
cf-cache-status: HIT
content-md5: lq/YrpM6Zo89rya9lbyVpg==
age: 63860
x-oss-object-type: Normal
last-modified: Mon, 22 Apr 2024 09:21:07 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5cd29a30-FRA
x-oss-hash-crc64ecma: 16609357670485251830
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 public.js Show response
cdn.staticsoe.com/uploads/0/theme/default/public_assets/ 472 KB
143 KB 735ms
49ms Script
application/javascript 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a788760495c7ece61909c6549604215f3bd80e22b567a160b73c40e389a5320

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 66262C03D31A233630426481
cf-cache-status: HIT
content-md5: O4yy0ajs8AvErbR17Mypfw==
age: 9050
x-oss-object-type: Normal
last-modified: Mon, 22 Apr 2024 09:21:07 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5cd39a30-FRA
x-oss-hash-crc64ecma: 13733871732335455998
x-oss-server-time: 9
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 theme.css
cdn.staticsoe.com/uploads/0/theme/default/assets/ 108 KB
18 KB 723ms
37ms Stylesheet
text/css 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfdc21df473396a2dd78496fd4c04b5703ab0f516959898c75cdeb668c2c97f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 66275B1D342C4830329EA93F
cf-cache-status: HIT
content-md5: Zu2g3WZyvQUf6w05ufkZfg==
age: 17843
x-oss-object-type: Normal
last-modified: Mon, 22 Apr 2024 09:21:07 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5ccf9a30-FRA
x-oss-hash-crc64ecma: 3603105492076268374
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 account.css
cdn.staticsoe.com/uploads/0/theme/default/assets/ 29 KB
5 KB 720ms
34ms Stylesheet
text/css 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/account.css?v=6e42f66bb2c79e42cb37829c9e93d71c
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8d393b0d70a302d6621feeca6c0d0c4773574c4cb92e83c21f9da6c2692be2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 6626A123D5610439397F07C1
cf-cache-status: HIT
content-md5: bkL2a7LHnkLLN4KcnpPXHA==
age: 65465
x-oss-object-type: Normal
last-modified: Mon, 22 Apr 2024 09:21:07 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5cd19a30-FRA
x-oss-hash-crc64ecma: 2072138067842434010
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 vendor.css
cdn.staticsoe.com/uploads/0/theme/default/assets/ 73 KB
8 KB 722ms
36ms Stylesheet
text/css 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/vendor.css?v=8bf6ee9d0cb37ac6af2ef2619c479347
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40b0219d705f3ef33e5b2bea78e988251e4c00dfa9fa63e58c85cfa1fc8ff8d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 66275D73C3F2453438F7CF55
cf-cache-status: HIT
content-md5: i/bunQyzesavLvJhnEeTRw==
age: 17230
x-oss-object-type: Normal
last-modified: Mon, 22 Apr 2024 09:21:07 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5ccc9a30-FRA
x-oss-hash-crc64ecma: 18289564630321224492
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 rauhg_theme.css
cdn.staticsoe.com/uploads/0/theme/rauhg/assets/ 18 KB
3 KB 721ms
35ms Stylesheet
text/css 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/rauhg/assets/rauhg_theme.css?v=69f54b6ca03afa6c2534fe005be08f6c
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c201d1e85d97c9bcfcda3e016c0d6704e9e080bd3712a3c850078ccbc1b353f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 65F1CBD6E2741F3835AC51B2
cf-cache-status: HIT
content-md5: afVLbKA6+mwlNP4AW+CPbA==
age: 59167
x-oss-object-type: Normal
last-modified: Wed, 21 Feb 2024 08:35:19 GMT
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c5cce9a30-FRA
x-oss-hash-crc64ecma: 7281734754056319422
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H3 200 index.js Show response
nowbuy.vip/app-assets/promotionbar/38727/ 142 KB
46 KB 654ms
654ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-assets/promotionbar/38727/index.js?var=1688698272
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893330b3b998ec5da9098f7beda164879040f9304c15744bcaab47ca490e26b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 662E3875C4156C37387F62F5
cf-cache-status: MISS
content-md5: QXaGMnawGkajxbWCnLe9PQ==
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 02:16:57 GMT
server: cloudflare
access-control-max-age: 300
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-force-download: true
x-oss-ec: 0048-00000113
x-oss-storage-class: Standard
cf-ray: 87b6d87ccd838ffe-FRA
x-oss-hash-crc64ecma: 14102999633718412349
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 email-decode.min.js Show response
nowbuy.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 22ms
21ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nowbuy.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nowbuy.vip
URL: https://nowbuy.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
server: cloudflare
etag: W/"6622d9ef-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 87b6d8781e7e30c4-FRA
expires: Tue, 30 Apr 2024 11:52:20 GMT

GET
H2 200 banner_loading.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 23 KB
23 KB 23ms
22ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1D7AA7EA57838301CA12C
cf-cache-status: HIT
content-md5: f+Ob3Nyr3DDRTR+ZwwjbKw==
age: 67784
content-length: 23352
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "7FE39BDCDCABDC30D14D1F99C308DB2B"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87c9cf79a30-FRA
x-oss-hash-crc64ecma: 7125506954030682244
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 empty_loading.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 7 KB
7 KB 39ms
36ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900803e3916a6a75d3c2e39f033ec970387de83a5b91385030e620fe7623d6ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1C730CB42C43131C45BA1
cf-cache-status: HIT
content-md5: UbqSSDpCgkUKgr0eWKe1QQ==
age: 72533
content-length: 6857
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "51BA92483A4282450A82BD1E58A7B541"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced489a30-FRA
x-oss-hash-crc64ecma: 12169997832694763196
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 empty.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 32 KB
32 KB 31ms
28ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/empty.png?v=8c5a3ab01981c42df5e31daee2e8b7b0
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3de53bb61298cfd17f183f97dacd2c672b34665cbbe778070232ced85386e1c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F2002F1F5247313280B312
cf-cache-status: HIT
content-md5: jFo6sBmBxC314x2u4ui3sA==
age: 44860
content-length: 32646
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "8C5A3AB01981C42DF5E31DAEE2E8B7B0"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4a9a30-FRA
x-oss-hash-crc64ecma: 9495326584285114797
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 de.png
cdn.staticsoe.com/statics/country/flag/ 340 B
525 B 28ms
25ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/country/flag/de.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47623a9c24c0295022ecd3008db938481820cd4b0e888d8505d3941c2c4a93c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1EA61D7933C39393C288B
cf-cache-status: HIT
content-md5: me2QV1+ChEK5ZYUcFbg/Fw==
age: 60053
content-length: 340
x-oss-object-type: Normal
last-modified: Mon, 14 Feb 2022 07:59:56 GMT
server: cloudflare
etag: "99ED90575F828442B965851C15B83F17"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4b9a30-FRA
x-oss-hash-crc64ecma: 315894103756190534
x-oss-server-time: 0
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 us.png
cdn.staticsoe.com/statics/country/flag/ 3 KB
3 KB 28ms
26ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/country/flag/us.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59777cfa4ff01bd0745c8593f02df5191dde91959072b11b4977ad43b47a1fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1EA9ACB42C43439D8415A
cf-cache-status: HIT
content-md5: hxU67lDs15szPZaLai96Mg==
age: 60387
content-length: 2975
x-oss-object-type: Normal
last-modified: Mon, 14 Feb 2022 07:59:41 GMT
server: cloudflare
etag: "87153AEE50ECD79B333D968B6A2F7A32"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4c9a30-FRA
x-oss-hash-crc64ecma: 415753420148650867
x-oss-server-time: 5
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 gb.png
cdn.staticsoe.com/statics/country/flag/ 3 KB
4 KB 31ms
29ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/country/flag/gb.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e3ca3e921e5ce79c10c47df1cda247fb96eb70405ba7806dd07659daffe541

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1EABB91795F373866B198
cf-cache-status: HIT
content-md5: L+9rwEgTSQAuLfgXVW2bKQ==
age: 58066
content-length: 3455
x-oss-object-type: Normal
last-modified: Mon, 14 Feb 2022 07:59:54 GMT
server: cloudflare
etag: "2FEF6BC0481349002E2DF817556D9B29"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4e9a30-FRA
x-oss-hash-crc64ecma: 15787166204615627603
x-oss-server-time: 3
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 rauhg_app.js Show response
cdn.staticsoe.com/uploads/0/theme/rauhg/assets/ 777 B
471 B 26ms
26ms Script
application/javascript 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/0/theme/rauhg/assets/rauhg_app.js?v=df382708ea0569132e52175f1cac962e
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87dd8e08e9907d39399028e5184d048510e1671498482081b0739941a11657a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 660E62279979C73139E2A0FB
cf-cache-status: HIT
content-md5: 3zgnCOoFaRMuUhdfHKyWLg==
age: 59167
x-oss-object-type: Normal
last-modified: Wed, 21 Feb 2024 08:35:19 GMT
server: cloudflare
etag: W/"DF382708EA0569132E52175F1CAC962E"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-storage-class: Standard
cf-ray: 87b6d87c9cfa9a30-FRA
x-oss-hash-crc64ecma: 9098535613824991245
x-oss-server-time: 15
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 stream-oemsaas.js Show response
wzstatic1.streamoptim.com/ 70 KB
23 KB 144ms
8ms Script
application/javascript 2600:9000:223d:7c00:10:e2c1:6ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzstatic1.streamoptim.com/stream-oemsaas.js?shop=wyk005.oemsaas.shop
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8a2df36f3f8af6f55fd2dbc15f734a29084172d9e5c14154037ce66c49b537c0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 02:46:44 GMT
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 06:28:21 GMT
x-amz-cf-pop: FRA56-P3
age: 32775
etag: "64d48385-11701"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: jTGb5YgIJM-X6y1GAD-Nx0HhBgxTWw0eCvVIYTcvsUaGPlKxi7PfDw==
service-worker-allowed: /

GET
H3 200 index.js Show response
nowbuy.vip/app-assets/countdown/38727/ 122 KB
40 KB 215ms
214ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-assets/countdown/38727/index.js?var=1674973220
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77514365c7060af8f09c36246d30dfa5549f57815d437bb7ec17d292dbdce09

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 662E3875A60AFE33364D717B
cf-cache-status: MISS
content-md5: gElYPLGdgpDRfDc609fNmg==
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 02:16:52 GMT
server: cloudflare
access-control-max-age: 300
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-force-download: true
x-oss-ec: 0048-00000113
x-oss-storage-class: Standard
cf-ray: 87b6d87ced9e8ffe-FRA
x-oss-hash-crc64ecma: 10024336030765187925
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H3 200 index.js Show response
nowbuy.vip/app-assets/googletranslate/38727/ 84 KB
31 KB 206ms
205ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-assets/googletranslate/38727/index.js?var=1675417301
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0883bf2d1ddb57c03be4daf051e16a10422fa2eadcda89c337945ace4021a4a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 662E3875EEAC53393630C7AF
cf-cache-status: MISS
content-md5: VnXAF2jAXFNHQGs9KgL2BA==
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 02:16:55 GMT
server: cloudflare
access-control-max-age: 300
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-force-download: true
x-oss-ec: 0048-00000113
x-oss-storage-class: Standard
cf-ray: 87b6d87ceda08ffe-FRA
x-oss-hash-crc64ecma: 7811993235509938208
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H3 200 index.js Show response
nowbuy.vip/app-assets/trusttool/38727/ 803 KB
263 KB 1416ms
1414ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-assets/trusttool/38727/index.js?var=1709620563
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f91a02e3500e30b53718616f84d135caf67104454e9b159500d6c8d76d9ef8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
content-encoding: br
x-oss-request-id: 662E387675A8BB323946926A
cf-cache-status: MISS
content-md5: 8kic+0gbVhcrKnnOX2fKEA==
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 02:16:59 GMT
server: cloudflare
access-control-max-age: 300
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-force-download: true
x-oss-ec: 0048-00000113
x-oss-storage-class: Standard
cf-ray: 87b6d87ceda28ffe-FRA
x-oss-hash-crc64ecma: 12648497442217042962
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:22 GMT

GET
H2 200 project_48973_51270_1711783486.js Show response
assets.salesmartly.com/js/ 671 B
1 KB 169ms
11ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/js/project_48973_51270_1711783486.js
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: f8cc58d4035610a5113bb8029ac24f4fd952fd3e8af248781d8b5faa71bd5280

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:25:42 GMT
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEBE65ADBFC33340C7A3B
content-md5: ZDERitZEnD3J4v4NvBbCSQ==
x-amz-cf-pop: FRA56-P10
age: 19599
x-cache: Hit from cloudfront
content-length: 671
x-oss-object-type: Normal
last-modified: Sat, 30 Mar 2024 07:24:46 GMT
server: AliyunOSS
etag: "6431118AD6449C3DC9E2FE0DBC16C249"
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16641297354049818441
x-amz-cf-id: J96gLMZU_Wxf4xZdhXuERupa6YP_mrZBuYYVX-t9NpVPRoV_5yJ1eA==
x-oss-server-time: 25

GET
H3 200 index.js Show response
nowbuy.vip/app-assets/popups/38727/ 213 KB
54 KB 507ms
506ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-assets/popups/38727/index.js?var=1714111939
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f987ac42681ecc4d7a9efd70d4ac9aea82d39584763c3b8c0f409c00bd4ce32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
x-oss-request-id: 662E38753CF52F39355C96C7
cf-cache-status: MISS
content-md5: flPOVbtbs9v9/iLpaKD/Bg==
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 02:16:56 GMT
server: cloudflare
access-control-max-age: 300
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=691200
x-oss-force-download: true
x-oss-ec: 0048-00000113
x-oss-storage-class: Standard
cf-ray: 87b6d87ceda78ffe-FRA
x-oss-hash-crc64ecma: 9597630888869753725
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

POST
H3 200 collect Show response
nowbuy.vip/homeapi/ 9 B
174 B 185ms
185ms Fetch
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/homeapi/collect
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

trace_id: 9C7F8553-37AF-F6D2-9C03-3C3250FDC7E1
date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=utf-8
cf-ray: 87b6d87cad638ffe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 142ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nowbuy.vip
URL: https://nowbuy.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 11:52:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0t1CQm5nAzVa10/F7o6CMRMpFiYz8SFm6HhG4w28z9/iuxX1Vdz90s4k3sipHn8NfQ7nwR3BRSOTQR+6B+X2gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 facebook Show response
nowbuy.vip/homeapi/ 86 B
259 B 177ms
177ms Fetch
application/json 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/homeapi/facebook
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e35e9bc3ad346c3a626f7f1a981f20f4264b8a341702fdc959b68c155a5f0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
trace-id: E5B3C295-FBF4-AC4D-FD1F-B34D7EB91CF2
cf-ray: 87b6d87cad648ffe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 scevent.min.js Show response
sc-static.net/ 45 KB
19 KB 167ms
32ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
content-encoding: gzip
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19396
x-amz-cf-id: aP-Vi5D2ExZRKF2Ypy8Gf5aO1i00aDbUyF5VdkenDeUMCTAXX2BdNg==

GET
H2 200 banner_loading.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 23 KB
0 0ms
0ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1D7AA7EA57838301CA12C
cf-cache-status: HIT
content-md5: f+Ob3Nyr3DDRTR+ZwwjbKw==
age: 67784
content-length: 23352
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "7FE39BDCDCABDC30D14D1F99C308DB2B"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87c9cf79a30-FRA
x-oss-hash-crc64ecma: 7125506954030682244
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 empty_loading.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 7 KB
0 34ms
34ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/empty_loading.png?v=51ba92483a4282450a82bd1e58a7b541
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 900803e3916a6a75d3c2e39f033ec970387de83a5b91385030e620fe7623d6ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1C730CB42C43131C45BA1
cf-cache-status: HIT
content-md5: UbqSSDpCgkUKgr0eWKe1QQ==
age: 72533
content-length: 6857
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "51BA92483A4282450A82BD1E58A7B541"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced489a30-FRA
x-oss-hash-crc64ecma: 12169997832694763196
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 empty.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 32 KB
0 27ms
27ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/empty.png?v=8c5a3ab01981c42df5e31daee2e8b7b0
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3de53bb61298cfd17f183f97dacd2c672b34665cbbe778070232ced85386e1c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F2002F1F5247313280B312
cf-cache-status: HIT
content-md5: jFo6sBmBxC314x2u4ui3sA==
age: 44860
content-length: 32646
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "8C5A3AB01981C42DF5E31DAEE2E8B7B0"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4a9a30-FRA
x-oss-hash-crc64ecma: 9495326584285114797
x-oss-server-time: 2
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 de.png
cdn.staticsoe.com/statics/country/flag/ 340 B
0 16ms
16ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/country/flag/de.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47623a9c24c0295022ecd3008db938481820cd4b0e888d8505d3941c2c4a93c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1EA61D7933C39393C288B
cf-cache-status: HIT
content-md5: me2QV1+ChEK5ZYUcFbg/Fw==
age: 60053
content-length: 340
x-oss-object-type: Normal
last-modified: Mon, 14 Feb 2022 07:59:56 GMT
server: cloudflare
etag: "99ED90575F828442B965851C15B83F17"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4b9a30-FRA
x-oss-hash-crc64ecma: 315894103756190534
x-oss-server-time: 0
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 us.png
cdn.staticsoe.com/statics/country/flag/ 3 KB
0 17ms
17ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/country/flag/us.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59777cfa4ff01bd0745c8593f02df5191dde91959072b11b4977ad43b47a1fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1EA9ACB42C43439D8415A
cf-cache-status: HIT
content-md5: hxU67lDs15szPZaLai96Mg==
age: 60387
content-length: 2975
x-oss-object-type: Normal
last-modified: Mon, 14 Feb 2022 07:59:41 GMT
server: cloudflare
etag: "87153AEE50ECD79B333D968B6A2F7A32"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87ced4c9a30-FRA
x-oss-hash-crc64ecma: 415753420148650867
x-oss-server-time: 5
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H2 200 install.js Show response
assets.salesmartly.com/chat/widget/code/ 18 KB
7 KB 7ms
7ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/install.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/js/project_48973_51270_1711783486.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: a26d2e4c7a626e5ae8f51ba893a100e0d8377c51061f6bc82aa2fb3e3e2fa2d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:50:44 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662E20A3108AF53037C9E4D6
content-md5: eq3rsLc5e++LpKZYW60Y7A==
x-amz-cf-pop: FRA56-P10
age: 98
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
etag: "7AADEBB0B7397BEF8BA4A6585BAD18EC"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 900267807820287146
x-amz-cf-id: budg6WcRi2Z_PvlO-jXAGrsVM9agNOxOsmKsIbl2d_4hXSfHQnvn0Q==
x-oss-server-time: 4

GET
H2 200 chunk-common.4a8deadd.css
assets.salesmartly.com/chat/widget/code/css/ Frame B655 3 KB
2 KB 12ms
8ms Stylesheet
text/css 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 287d0fff479c78312e352fb87181ad387ffd1e9854db9df31c1c1dd79644bc81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABB22435B363560994F
content-md5: bgqyeofbfIR/iuO40kb6Mw==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7907146063831177720
x-amz-cf-id: qUufHRnGluVhtJDRI-MtL3b6OS9AlbRbSrVRNYXaE97Z4Bc2IF73iQ==
x-oss-server-time: 18

GET
H2 200 plugin.83332c78.css
assets.salesmartly.com/chat/widget/code/css/ Frame B655 59 KB
12 KB 13ms
9ms Stylesheet
text/css 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/css/plugin.83332c78.css
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d6dbd8ae0aca9ed7f0d630ad2b1c9fa176397c10737518113261a779328f9315

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABB5ADBFC3837217D32
content-md5: /HuxwImBMlLm4eaefeAw7A==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 364383543879060822
x-amz-cf-id: -ZjYUqDPwdfbp1rDs1XXVQ3hvheFDrDodm6nxr28jZnPipaegUfrXQ==
x-oss-server-time: 9

GET
H2 200 chunk-common.693723f4.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame B655 18 KB
7 KB 14ms
10ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/chunk-common.693723f4.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 54e346c13852ce82961745a6fe3f4fcc1beb4d52f545d1e119e76a5a4b9176f4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABB22435B303199964F
content-md5: yjTl9P34ZbWP9XRt95G5UQ==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 4169634081889841375
x-amz-cf-id: dmbdBTCt4M5KszGgKFPg5cOe5Dhy4C10VNn1BbQiKZvd10_VYKGZOg==
x-oss-server-time: 26

GET
H2 200 chunk-vendors.0877c208.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame B655 179 KB
62 KB 16ms
12ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/chunk-vendors.0877c208.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABB81BDAB35358EBDA5
content-md5: ST8+i9YFm7sXjYsqRD8X5g==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 687972137012933462
x-amz-cf-id: wJckDp2dDyHfhTLrzp-gLOyyX95AqgL-PBUgfTnJBA8xmbqws6NKmw==
x-oss-server-time: 18

GET
H2 200 vendor1_fd8e7641.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame B655 220 KB
77 KB 24ms
20ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABBED08FF36399E37BB
content-md5: YOHCRGf6GIUU2shKUsykFw==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9671956606219813729
x-amz-cf-id: 79F8uTAdPKTx8Wk0Lb_DVWGsyjHBOZmKWggJWkCe-4jgga0YkApnvg==
x-oss-server-time: 26

GET
H2 206 ling.mp3
assets.salesmartly.com/sounds/ 46 KB
47 KB 34ms
33ms Media
audio/mpeg 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/sounds/ling.mp3
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://nowbuy.vip/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:44 GMT
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABC4562B7393163E75F
content-md5: EGX+l2/56Y1pdy/g8Ne4CA==
x-amz-cf-pop: FRA56-P10
age: 19897
x-cache: Hit from cloudfront
Content-Range: bytes 0-47222/47223
Content-Length: 47223
x-oss-object-type: Normal
last-modified: Thu, 11 Jan 2024 09:22:49 GMT
server: AliyunOSS
etag: "1065FE976FF9E98D69772FE0F0D7B808"
content-type: audio/mpeg
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11462808412005883106
x-amz-cf-id: EYD56DqMPggkMJzB5cPdWWP0CKkFukAr6HE_V8_Hnw63gfAA1veF6Q==
x-oss-server-time: 4

GET
H2 200 843433070092744 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 119ms
112ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/843433070092744?v=2.9.154&r=stable&domain=nowbuy.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81861a30e8b0a191da5de2642b0cf3c73fa45d90452a29c0f972c3676f536122

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 11:52:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1326, tbw=63236, tp=-1, tpl=-1, uplat=103, ullat=0
pragma: public
x-fb-debug: sM3GJHSEnd1/MEzUcgEFNpCViGmOp4/gP9vtyhU5J7Nkmi8ShME0mHaOFvpQN1NF+HHYAMqD84aXnN/tzZt0DA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 plugin.cd520863.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame B655 239 KB
70 KB 10ms
10ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.cd520863.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 41d9699cbf56e0a060cb0236a059db0c20b776b8df8aef1fa72bd9ab20ada45f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:43 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABBED08FF35322136BB
content-md5: /ml0con+faZIscWfGObivA==
x-amz-cf-pop: FRA56-P10
age: 19898
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6805913222633761803
x-amz-cf-id: mkJgNlf93h8996-yMul9MqPB4cR4Lut_ozYMZJ3_SNl6xgn-UGRASw==
x-oss-server-time: 16

GET
H2 200 import-lang-de.9e26d678.js Show response
assets.salesmartly.com/chat/widget/code/js/ Frame B655 3 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/js/import-lang-de.9e26d678.js
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/plugin.cd520863.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 09bf790e08a91bf067a13a33a601cbfcee3889027302e672a8b5f1e8fdfeafc7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:47 GMT
content-encoding: gzip
via: 1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABF72154E3635143016
content-md5: THV0O5pkjc1wgsupN8sT3g==
x-amz-cf-pop: FRA56-P10
age: 19894
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10053072355185627740
x-amz-cf-id: D4jErONvDfZi_FfhyMECWc802YA461hN8kEu2Z0PHFIQ34zgfd_clg==
x-oss-server-time: 35

GET
H2 200 get-plugin-info Show response
api.salesmartly.com/sys/company/plugin/ Frame B655 2 KB
2 KB 250ms
207ms XHR
application/json 2600:9000:2724:1600:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=5076ef5e1a752396309c722a4cc58c4b&plugin_id=f175lnp&over_time=&env=chat&_=1714305141556&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:1600:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 105cb46c3eadd700828fb841c1473dcd0371baf7449f0f6d6c1248850fe939ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
via: 1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://nowbuy.vip
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: Oe9oipZy3CTb4GSP77kioDs49vqDdeOt5JDVl23aibdKTeLRpz7U8Q==

POST
H2 200 log Show response
srz.salesmartly.com/client/log/ Frame B655 47 B
513 B 321ms
265ms XHR
application/json 2600:9000:275d:6600:16:41f9:b9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srz.salesmartly.com/client/log/log?plugin_sign=5ffc5ae45e611a1066e8b90d7584bdb3&plugin_id=f175lnp&over_time=&env=chat&_=1714305141569&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6600:16:41f9:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
via: 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://nowbuy.vip
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: _x2pxnhU3B7cgJ_Hcibw1RuI91AyE_kdEbXmJzi-XZSGRAwL6Eakfw==

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=843433070092744&ev=PageView&dl=https%3A%2F%2Fnowbuy.vip%2F&rl=&if=false&ts=1714305141586&cd[event_category]=index&sw=1600&sh=1200&ud[external_id]=bee7d94d86be4f0626ea7b209b0d4993&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714305141586.1729473272&ler=empty&cdl=API_unavailable&it=1714305141456&coo=false&eid=1714305141218.7448712.281139&tm=1&rqm=GET

Requested by

Host: nowbuy.vip
URL: https://nowbuy.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2761, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 11:52:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 iconfont.faf88971.woff2
assets.salesmartly.com/chat/widget/code/fonts/ Frame B655 7 KB
8 KB 50ms
0ms Font
font/woff2 2600:9000:26e8:8e00:1e:4a65:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salesmartly.com/chat/widget/code/fonts/iconfont.faf88971.woff2
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:8e00:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 85b9453f4b51cb2db7bdc57ef65e9552d9939617bf25c80770859cbb218afb62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.4a8deadd.css
Origin: https://nowbuy.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:20:44 GMT
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
x-oss-request-id: 662DEABC22435B3031E99D4F
content-md5: +viJcZMa23MsBOJcPBNMEg==
x-amz-cf-pop: FRA56-P10
age: 19897
x-cache: Hit from cloudfront
content-length: 7304
x-oss-object-type: Normal
last-modified: Sun, 28 Apr 2024 06:16:59 GMT
server: AliyunOSS
etag: "FAF88971931ADB732C04E25C3C134C12"
access-control-max-age: 600
access-control-allow-methods: GET, PUT, POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=15552000
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5712133737948423078
x-amz-cf-id: 4Y3B-p-B34wXAbhQxS8g9BdIkgXRCExQ8i5pH0jmnKfWHG_e1QQh2Q==
x-oss-server-time: 5

POST
H2 200 create-user Show response
api.salesmartly.com/chat/msg-user/ Frame B655 157 B
621 B 260ms
243ms XHR
application/json 2600:9000:2724:1600:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/chat/msg-user/create-user?plugin_sign=2f6e220c1499433c89d60617f2b0e0e1&plugin_id=f175lnp&over_time=&env=chat&_=1714305141866&_lt=&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:1600:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 827926033e044f67910bde16b42b47d783d731bc0637eb515452ae91237d983d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
via: 1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://nowbuy.vip
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: 2gMs9GhxOnjf2cGhcuWpLnElhAvPrix64FqoanicilZgAGFJD6YKVQ==

GET
H2 200 log.js Show response
dkov91l6wait7.cloudfront.net/ 23 KB
9 KB 82ms
7ms Script
application/javascript 2600:9000:223d:7c00:10:e2c1:6ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkov91l6wait7.cloudfront.net/log.js
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-oemsaas.js?shop=wyk005.oemsaas.shop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 30d5580b9d1c7e33f9ce37c9f3ea26d62bcfa06f3e8617b957744ad83282b0dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 02:40:06 GMT
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 01:22:49 GMT
x-amz-cf-pop: FRA56-P3
age: 33135
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: VMYyYqprHt3CmKY0Gc8FkypAIYBHEQ4co6cQw_dLFsc6vktLSJmtqQ==
service-worker-allowed: /

GET
H2 200 stream-subscribe.js Show response
dkov91l6wait7.cloudfront.net/ 377 KB
88 KB 90ms
15ms Script
application/javascript 2600:9000:223d:7c00:10:e2c1:6ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js
Requested by: Host: wzstatic1.streamoptim.com
URL: https://wzstatic1.streamoptim.com/stream-oemsaas.js?shop=wyk005.oemsaas.shop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca96f9ed6bfc2d3d639194067b163cf0a2469af9810546e491d2f2468f1ab623

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 02:40:07 GMT
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified: Fri, 26 Apr 2024 02:04:20 GMT
x-amz-cf-pop: FRA56-P3
age: 33134
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Jteiplw0XhRp-O049IcgyfYldYWOH3xS3-mZN5T0fhugCIU9oRl20w==
service-worker-allowed: /

GET
H2 200 fonts-style.css
dxrcssgvbj18q.cloudfront.net/stream/style/ 86 KB
38 KB 59ms
8ms Stylesheet
text/css 2600:9000:206f:8400:2:3755:280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxrcssgvbj18q.cloudfront.net/stream/style/fonts-style.css
Requested by: Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:2:3755:280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 015f884821f06b02bed600100cb93f5435a9fddd0014472082eb191134404f90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 06:18:07 GMT
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-oss-request-id: 662B471CC3F2453738AC993F
content-md5: 9h/+Bs66X1XZqOeOfipmdQ==
x-amz-cf-pop: FRA56-C1
age: 20055
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Thu, 24 Jun 2021 03:21:47 GMT
server: AliyunOSS
etag: "F61FFE06CEBA5F55D9A8E78E7E2A6675"
vary: Accept-Encoding
content-type: text/css
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 4707530008504402095
x-amz-cf-id: j9L5jquU5z4qdIL1iQgbb7cnNO_pUWLayL7urluMkxxI3f22WBaCAQ==
x-oss-server-time: 25

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
3 KB 140ms
55ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arial&family=Raleway&family=Castoro&family=Didact+Gothic&family=Roboto&family=Roboto+Condensed&family=PT+Sans+Narrow&family=Libre+Franklin&family=Futura&family=Lora&family=Open+Sans&family=EB+Garamond&family=Montserrat:wght@400;500;700;900&display=swap

Requested by

Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c00c8597743fe2aa8d00a40dc04c3330992301bc48079a0b670536bffdb4639b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Apr 2024 11:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 11:47:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Apr 2024 11:52:22 GMT

GET
H2 200 intlTelInput.css
dkov91l6wait7.cloudfront.net/intl-tel-input/ 22 KB
3 KB 15ms
15ms Stylesheet
text/css 2600:9000:223d:7c00:10:e2c1:6ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkov91l6wait7.cloudfront.net/intl-tel-input/intlTelInput.css
Requested by: Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 870f8bf1b7383aa95fa51b6e9fcd6e1a9e8a8085ed57456a1bb822b13b9bfbb5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 02:40:05 GMT
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 08:39:39 GMT
x-amz-cf-pop: FRA56-P3
age: 33137
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: a6XpLQ59vHeGWx83rxTDniSo0fsQEKGKkj0_Kk_-rMXbyXi5AknosQ==
service-worker-allowed: /

GET
H2 200 utils.js Show response
dkov91l6wait7.cloudfront.net/intl-tel-input/ 245 KB
56 KB 17ms
16ms Script
application/javascript 2600:9000:223d:7c00:10:e2c1:6ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dkov91l6wait7.cloudfront.net/intl-tel-input/utils.js
Requested by: Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:7c00:10:e2c1:6ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2c70f3d32d8ed2924ff688ad77a9b8f65663a433b5b0e5f4ba38879956961652

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 02:52:25 GMT
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 08:32:36 GMT
x-amz-cf-pop: FRA56-P3
age: 32397
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Mzgu6lYbQLgPcb7PP16-MkojCLEmjlS2kEdjCo8wOI0L-NKcdBzicQ==
service-worker-allowed: /

GET
H2 200 shop-config Show response
exit.streamoptim.com/notify/ 42 B
235 B 552ms
194ms XHR
application/json 47.251.41.24
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://exit.streamoptim.com/notify/shop-config?shop=wyk005.oemsaas.shop&domain=nowbuy.vip&ukey=7al01jk2x562&language=de-DE
Requested by: Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/stream-subscribe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.251.41.24 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/7.3.3
Resource Hash: 173be8d93e0be139ac090dc9a1923a0e76b71eaaec14d34f224209a24ecf90c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://nowbuy.vip
date: Sun, 28 Apr 2024 11:52:22 GMT
access-control-expose-headers: X-Redirect
access-control-allow-credentials: true
x-powered-by: PHP/7.3.3
content-type: application/json; charset=UTF-8

POST
H2 200 report
sl.streamhub.tech/log/ 0
212 B 1114ms
185ms Ping
text/html 47.89.246.123
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://sl.streamhub.tech/log/report?p=%7B%22uuid%22%3A%22%22%2C%22ukey%22%3A%227al01jk2x562%22%2C%22rand%22%3A1714305142035%2C%22browser_time%22%3A%222024-04-28%2013%3A52%3A22%22%2C%22timezone%22%3A2%2C%22language%22%3A%22de%22%2C%22stream_msg_num%22%3A%22%22%2C%22stream_msg_landing%22%3A%22%22%2C%22is_sub%22%3A%22%22%2C%22from_stream_lp%22%3Afalse%2C%22event%22%3A%22visit%22%2C%22option%22%3A%7B%22url%22%3A%22https%3A%2F%2Fnowbuy.vip%2F%22%2C%22visit_type%22%3A%22page-landing%22%7D%7D
Requested by: Host: dkov91l6wait7.cloudfront.net
URL: https://dkov91l6wait7.cloudfront.net/log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.89.246.123 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: / PHP/7.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://nowbuy.vip
date: Sun, 28 Apr 2024 11:52:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
x-powered-by: PHP/7.3.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 200 trigger Show response
msg.salesmartly.com/chat/chat-auto/user/ Frame B655 49 B
482 B 264ms
214ms XHR
application/json 2600:9000:266e:8400:16:9386:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=fe1cea9f811855504ef60042c60c7884&chat_user_id=00d6fc148ff9a5b128bd0e155cd85a65&plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4&plugin_id=f175lnp&over_time=&env=chat&_=1714305142146&_lt=fe1cea9f811855504ef60042c60c7884&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:8400:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
content-encoding: gzip
via: 1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://nowbuy.vip
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length: 67
x-amz-cf-id: xGxrkQrRjoc04sHiuYZN6cATZit3hcZPDqQEMvnOJNc6CM8i6wIqlw==

GET
H2 200 unread-msg-list Show response
msg.salesmartly.com/chat/chat-msg/ Frame B655 66 B
497 B 351ms
302ms XHR
application/json 2600:9000:266e:8400:16:9386:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msg.salesmartly.com/chat/chat-msg/unread-msg-list?login_token=fe1cea9f811855504ef60042c60c7884&chat_user_id=00d6fc148ff9a5b128bd0e155cd85a65&plugin_id=f175lnp&over_time=&env=chat&_=1714305142148&_lt=fe1cea9f811855504ef60042c60c7884&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:8400:16:9386:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
content-encoding: gzip
via: 1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://nowbuy.vip
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization,Origin,Cpl,Client-Type,X-Requested-With,Accept
content-length: 82
x-amz-cf-id: 8PX6SO7PGBtKAjftbO_UiW-lBQkz8GEMNosrCDXP_JsTfwyqQtQcCw==

POST
H2 200 log Show response
api.salesmartly.com/client/station/ Frame B655 87 B
681 B 209ms
209ms XHR
application/json 2600:9000:2724:1600:f:6577:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.salesmartly.com/client/station/log?plugin_sign=5ac63ec445fb5b98346c7bdebfa0406c&plugin_id=f175lnp&over_time=&env=chat&_=1714305142651&_lt=fe1cea9f811855504ef60042c60c7884&_u=
Requested by: Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:1600:f:6577:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/7.2.34
Resource Hash: 6235d364887ddc5be3b7ad3535ae3cbd8ad3b28b37d80358634767b53d2c46d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Referer
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
via: 1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-powered-by: PHP/7.2.34
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://nowbuy.vip
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
x-amz-cf-id: v0ch0hmkzICFosFhtnHNex82KbSlXZBycRq8IIxMPSMFfz4S9JZqjQ==

GET
H3 200 config Show response
nowbuy.vip/app-api/trusttool/38727/ 88 B
325 B 204ms
204ms XHR
application/json 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-api/trusttool/38727/config?&route=index/index
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e8064158c2cf9d1b7a67607786463d3eefb5b6202f9f4ced5b8ca8b67b2d07

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nowbuy.vip/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: D26325BC-BEF9-E311-BFFB-DB4AEC2DE500
date: Sun, 28 Apr 2024 11:52:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 87b6d886cf178ffe-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
access-control-request-headers: *

GET
H2 200 banner_loading.png
cdn.staticsoe.com/uploads/0/theme/default/assets/ 23 KB
0 3ms
3ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/banner_loading.png?v=7fe39bdcdcabdc30d14d1f99c308db2b
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:21 GMT
x-oss-request-id: 65F1D7AA7EA57838301CA12C
cf-cache-status: HIT
content-md5: f+Ob3Nyr3DDRTR+ZwwjbKw==
age: 67784
content-length: 23352
x-oss-object-type: Normal
last-modified: Wed, 13 Mar 2024 07:38:08 GMT
server: cloudflare
etag: "7FE39BDCDCABDC30D14D1F99C308DB2B"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d87c9cf79a30-FRA
x-oss-hash-crc64ecma: 7125506954030682244
x-oss-server-time: 1
expires: Mon, 06 May 2024 11:52:21 GMT

GET
H3 200 config Show response
nowbuy.vip/app-api/googletranslate/38727/front/ 88 B
323 B 195ms
195ms XHR
application/json 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-api/googletranslate/38727/front/config
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365ec6fe11a719bec429ce9900bebf57d3720a16df452ee8fd6058f37182008f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nowbuy.vip/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: DC044675-2565-11DA-8812-AE0A5146F460
date: Sun, 28 Apr 2024 11:52:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 87b6d8870f538ffe-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
access-control-request-headers: *

GET
H3 200 config Show response
nowbuy.vip/app-api/popups/38727/front/ 2 KB
1 KB 200ms
199ms XHR
application/json 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-api/popups/38727/front/config
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f118fd4480231baedfe5e03e9a385d3a53c368026c17d1fff1d1efc7684749d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nowbuy.vip/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: F1D21F86-37CA-AEC3-20C5-B43C83C7096E
date: Sun, 28 Apr 2024 11:52:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 87b6d8870f558ffe-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
access-control-request-headers: *

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://nowbuy.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 902b57b71b0f94b1cd66724d3beb8fd8.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230908/ 160 KB
160 KB 816ms
814ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230908/902b57b71b0f94b1cd66724d3beb8fd8.jpg?x-oss-process=image/resize,m_lfit,w_1800
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9daa2423bfd28e7a1a7e8004d4a182d86667c6d14ad29846af1d2129514d160b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662E3877C3F24534328EECEB
cf-cache-status: MISS
content-length: 163448
x-oss-object-type: Normal
last-modified: Fri, 08 Sep 2023 06:19:03 GMT
server: cloudflare
etag: "58B192E4EA3978C8D840E6743BA29FC8"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d887581f9a30-FRA
x-oss-hash-crc64ecma: 10857308860859069950
x-oss-server-time: 486
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 bfdb34dcebefee18e24038bf1043af1a.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230907/ 554 KB
555 KB 214ms
213ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230907/bfdb34dcebefee18e24038bf1043af1a.jpg?x-oss-process=image/resize,m_lfit,w_1800
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2744ebd9d5f6edec0bd77d625c1d847c78c6c05db696422fac7c26274f329415

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662BCC44CB42C43035DDD398
cf-cache-status: REVALIDATED
content-length: 567485
x-oss-object-type: Normal
cf-bgj: h2pri
last-modified: Fri, 08 Sep 2023 04:10:56 GMT
server: cloudflare
etag: "DFCF7231495F0BDFA5E69175526D56E7"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758219a30-FRA
x-oss-hash-crc64ecma: 12355903961694586468
x-oss-server-time: 162
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 bbb8366dd2173542be6db3118e901977.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230911/ 30 KB
30 KB 217ms
216ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230911/bbb8366dd2173542be6db3118e901977.jpg?x-oss-process=image/resize,m_lfit,w_417
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86df84b75a1a6ede2dc059a423cc7ed258671de70a04d0125b3274c94aae41c7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662BCC44B6DE1D37391CF775
cf-cache-status: REVALIDATED
content-length: 30288
x-oss-object-type: Normal
cf-bgj: h2pri
last-modified: Mon, 11 Sep 2023 08:56:46 GMT
server: cloudflare
etag: "47305D75F415910C85E8AC5E4266890F"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758229a30-FRA
x-oss-hash-crc64ecma: 14594145789867494683
x-oss-server-time: 53
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 09ef2bfec154bec14c9881e604aee56c.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230504/ 17 KB
17 KB 666ms
665ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230504/09ef2bfec154bec14c9881e604aee56c.jpg?x-oss-process=image/resize,m_lfit,w_417
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb85b2b22d8a71d3c80ba79ab130ead431887257ae2e81ea18bf826652e054b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662BCC44342C48363786794B
cf-cache-status: REVALIDATED
content-length: 17253
x-oss-object-type: Normal
cf-bgj: h2pri
last-modified: Thu, 04 May 2023 08:05:15 GMT
server: cloudflare
etag: "18F76F0C2C8AD115CDD9FEBB97686BE0"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758239a30-FRA
x-oss-hash-crc64ecma: 5403527540518995889
x-oss-server-time: 63
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 3acc920ddb5c4e6afcbd2da5aafe3dcf.webp
cdn.staticsoe.com/uploads/38727/cart/resources/20230705/ 60 KB
61 KB 31ms
31ms Image
image/webp 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230705/3acc920ddb5c4e6afcbd2da5aafe3dcf.webp
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aad132709c6d54120e7ab4bcef355495c3acef84b770477cbc9f2323409e3e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:22 GMT
x-oss-request-id: 66221C71D561043933EAC060
cf-cache-status: HIT
content-md5: yeWIYoaKWK9JkLt6aX0IrQ==
age: 59167
content-length: 61800
x-oss-object-type: Normal
last-modified: Wed, 05 Jul 2023 08:39:56 GMT
server: cloudflare
etag: "C9E58862868A58AF4990BB7A697D08AD"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758249a30-FRA
x-oss-hash-crc64ecma: 11910301151743435400
x-oss-server-time: 4
expires: Mon, 06 May 2024 11:52:22 GMT

GET
H2 200 2724886bbd1f1168c4f13a1c567d2e60.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230713/ 34 KB
34 KB 358ms
357ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230713/2724886bbd1f1168c4f13a1c567d2e60.jpg?x-oss-process=image/resize,m_lfit,w_417
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594420d2457cd281d8956e7ba90265defb1c04ba48931bb215a1ffd6b934790e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662BCC449EAA1A3532A9535F
cf-cache-status: REVALIDATED
content-length: 34931
x-oss-object-type: Normal
cf-bgj: h2pri
last-modified: Thu, 13 Jul 2023 14:37:50 GMT
server: cloudflare
etag: "EAE428B6E391D52FE45E85D337E0C7DC"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758269a30-FRA
x-oss-hash-crc64ecma: 6197948267606892997
x-oss-server-time: 32
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 4c2a4b1380c9cd7d08e2590a626026a7.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230328/ 37 KB
37 KB 344ms
343ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230328/4c2a4b1380c9cd7d08e2590a626026a7.jpg?x-oss-process=image/resize,m_lfit,w_417
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5e5ab4b98b32f721a186941fd0cc52161ab510eb2decc3edb07d9b78614b0d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662BCC448BAF673230241F77
cf-cache-status: REVALIDATED
content-length: 37449
x-oss-object-type: Normal
last-modified: Wed, 29 Mar 2023 01:32:01 GMT
server: cloudflare
etag: "1E990511B1F50509D1479F0704A4395D"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88758289a30-FRA
x-oss-hash-crc64ecma: 16297754809340695862
x-oss-server-time: 42
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H3 200 3029 Show response
nowbuy.vip/app-api/popups/38727/front/count/ 139 B
355 B 200ms
200ms XHR
application/json 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/app-api/popups/38727/front/count/3029?&type=exposure_times
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39208544a5e97a21540c4ca2835fd01ba8688abcb884a7b2cdb7f6222685ae86

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nowbuy.vip/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: E73994D7-E1EC-077F-9B77-4F904C84EBE1
date: Sun, 28 Apr 2024 11:52:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 87b6d88858898ffe-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
access-control-request-headers: *

GET
H2 200 info_bg.png
cdn.staticsoe.com/statics/apps/popups/ 72 KB
73 KB 84ms
84ms Image
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/statics/apps/popups/info_bg.png
Requested by: Host: nowbuy.vip
URL: https://nowbuy.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81f6860a5242b27e69f685a06d908f2fbe2613e090caeef4710f38f7e5fcf69f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 662C5623D31A23313871C4AE
cf-cache-status: HIT
content-md5: l+2rQHqBcyEajTKWWDnQdQ==
age: 35320
content-length: 74037
x-oss-object-type: Normal
last-modified: Fri, 28 Oct 2022 02:46:03 GMT
server: cloudflare
etag: "97EDAB407A8173211A8D32965839D075"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88879129a30-FRA
x-oss-hash-crc64ecma: 3706741854734786120
x-oss-server-time: 31
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 58627_532bf6eb232cfcb99eeb40ec92fdaa72.png
cdn.staticsoe.com/uploads/58627/cart/resources/20230926/ 14 KB
15 KB 58ms
58ms Other
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/58627/cart/resources/20230926/58627_532bf6eb232cfcb99eeb40ec92fdaa72.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b77bf96611245bcfd046170adee5668998d7fb62b846b81214ed49d0015cf290

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 66014092066E21373236D07A
cf-cache-status: HIT
content-md5: WjKY4SrhyqNRG2vpyRDthA==
age: 59905
content-length: 14708
x-oss-object-type: Normal
last-modified: Tue, 26 Sep 2023 11:35:16 GMT
server: cloudflare
etag: "5A3298E12AE1CAA3511B6BE9C910ED84"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88d2e049a30-FRA
x-oss-hash-crc64ecma: 12668658162930645334
x-oss-server-time: 78
expires: Mon, 06 May 2024 11:52:23 GMT

GET
H2 200 58627_532bf6eb232cfcb99eeb40ec92fdaa72.png
cdn.staticsoe.com/uploads/58627/cart/resources/20230926/ 14 KB
0 0ms
0ms Other
image/png 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticsoe.com/uploads/58627/cart/resources/20230926/58627_532bf6eb232cfcb99eeb40ec92fdaa72.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b77bf96611245bcfd046170adee5668998d7fb62b846b81214ed49d0015cf290

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:23 GMT
x-oss-request-id: 66014092066E21373236D07A
cf-cache-status: HIT
content-md5: WjKY4SrhyqNRG2vpyRDthA==
age: 59905
content-length: 14708
x-oss-object-type: Normal
last-modified: Tue, 26 Sep 2023 11:35:16 GMT
server: cloudflare
etag: "5A3298E12AE1CAA3511B6BE9C910ED84"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d88d2e049a30-FRA
x-oss-hash-crc64ecma: 12668658162930645334
x-oss-server-time: 78
expires: Mon, 06 May 2024 11:52:23 GMT

POST
H3 200 collect Show response
nowbuy.vip/homeapi/ 9 B
174 B 197ms
197ms Fetch
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowbuy.vip/homeapi/collect
Requested by: Host: cdn.staticsoe.com
URL: https://cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.24.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

trace_id: F4810FE2-D84E-6B54-C5A8-11709FD933C7
date: Sun, 28 Apr 2024 11:52:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=utf-8
cf-ray: 87b6d88dedb08ffe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 e98d8fa96b269c247bcf4371d9d92e78.jpg
cdn.staticsoe.com/uploads/38727/cart/resources/20230907/ 265 KB
265 KB 383ms
380ms Image
image/jpeg 104.18.169.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staticsoe.com/uploads/38727/cart/resources/20230907/e98d8fa96b269c247bcf4371d9d92e78.jpg?x-oss-process=image/resize,m_lfit,w_1800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.169.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d052aed6d1090b7fee253c21eeac5e3a66a449b884148de1ade4a669d74cc0b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowbuy.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:52:26 GMT
x-oss-request-id: 662E387A9191FB36353206E4
cf-cache-status: MISS
content-length: 271125
x-oss-object-type: Normal
last-modified: Fri, 08 Sep 2023 05:40:57 GMT
server: cloudflare
etag: "312DC97B17A918B8E72A1DFBF158D645"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=691200
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 87b6d89a5d089a30-FRA
x-oss-hash-crc64ecma: 18267648255277949255
x-oss-server-time: 182
expires: Mon, 06 May 2024 11:52:26 GMT

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 20:13:11	Name: X-AB Value: 24b5be485c2747719f2dadcc8288a94b
nowbuy.vip/	1970-01-20 22:21:21	Name: _fbs_fbp Value: fb.1.1714305140133.5695225401
nowbuy.vip/	1970-01-21 05:47:45	Name: oemsaas_global_visit_id Value: F4070A8B-6225-9F80-92B8-CC6AC5077287
nowbuy.vip/	1970-01-21 05:47:45	Name: oemsaas_checkout_visit_id Value: 5CCD2A3F-45B0-5638-861B-8E226C0BA4BD
nowbuy.vip/	1970-01-20 20:13:11	Name: oemsaas_global_visit_session Value: F5D81BE2-0370-50C9-B203-BA8A32737314
nowbuy.vip/	1970-01-20 20:54:57	Name: utm_source Value: direct
nowbuy.vip/	1970-01-20 20:54:57	Name: utm_medium Value: default
nowbuy.vip/	1969-12-31 23:59:59	Name: order_utm_history Value: %5B%7B%22utm_source%22%3A%22direct%22%2C%22utm_medium%22%3A%22default%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_content%22%3A%22%22%2C%22source_device%22%3A%22computer%22%2C%22create_time%22%3A1714305140%2C%22expire_time%22%3A1716897140%7D%5D
nowbuy.vip/	1970-01-21 04:57:21	Name: landing_page Value: aHR0cHM6Ly9ub3didXkudmlwLw%3D%3D
nowbuy.vip/	1970-01-20 20:11:46	Name: oemsaas_keep_alive Value: 183A95A5-567C-5337-2E50-70CB5F1BCAD3
nowbuy.vip/	1970-01-20 20:54:57	Name: first_http_referer Value: null
nowbuy.vip/	1969-12-31 23:59:59	Name: currency_code Value: EUR
nowbuy.vip/	1969-12-31 23:59:59	Name: PHPSESSID Value: 86be2c976f020c01d9b5532318b75b8f
.nowbuy.vip/	1970-01-20 20:11:46	Name: __cf_bm Value: lymrW3we.A_EjKV0NwA6NKG6V8Y00bDLCDOzYFWDzxw-1714305140-1.0.1.1-oIQXA0nURRn_lySKndKXh.VYIS3s_L5HwXY7G_ub7wPQbI9zHeFETeP55p7tzZmzOyDx7ACDwQTQrtBLPl4Vyw
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_user_agent Value: Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F124.0.0.0%2520Safari%252F537.36
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_pre_url Value:
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_timezone Value: Etc%252FGMT-2
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_screen_size Value: 1600X1200
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_broswer_language Value: de-DE
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_viewport_size Value: 1600X1200
nowbuy.vip/	1970-01-20 20:13:11	Name: oemcart_client_broswer_date_time Value: 2024-04-28%2013%3A52%3A21
.nowbuy.vip/	1970-01-21 05:41:31	Name: _scid Value: f106cad8-b9e6-4256-9c94-4993efeff77b
.nowbuy.vip/	1970-01-21 05:41:31	Name: _scid_r Value: f106cad8-b9e6-4256-9c94-4993efeff77b
.nowbuy.vip/	1970-01-20 22:21:21	Name: _fbp Value: fb.1.1714305141586.1729473272
.nowbuy.vip/	1970-01-21 05:47:45	Name: __ukey Value: 7al01jk2x562
.salesmartly.com/	1970-01-21 04:57:21	Name: ss_uid Value: 162f7e0765e29def009b99f62ca0c07e
nowbuy.vip/	1970-01-21 04:57:21	Name: _ss_s_uid Value: 162f7e0765e29def009b99f62ca0c07e
nowbuy.vip/	1970-01-20 20:54:57	Name: app_popups_time_type_info_3029 Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=71c0438239751db436225f769d15d2bd(Line 196) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser very soon. Usage of this event listener will cause performance issues today, and represents a large risk of future site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
other	warning	URL: https://nowbuy.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/843433070092744?v=2.9.154&r=stable&domain=nowbuy.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://nowbuy.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.salesmartly.com
assets.salesmartly.com
cdn.staticsoe.com
connect.facebook.net
dkov91l6wait7.cloudfront.net
dxrcssgvbj18q.cloudfront.net
exit.streamoptim.com
fonts.googleapis.com
msg.salesmartly.com
nowbuy.vip
sc-static.net
sl.streamhub.tech
srz.salesmartly.com
www.facebook.com
wzstatic1.streamoptim.com
104.18.169.76
104.18.24.121
143.204.207.250
2600:9000:206f:8400:2:3755:280:93a1
2600:9000:223d:7c00:10:e2c1:6ec0:93a1
2600:9000:266e:8400:16:9386:7d40:93a1
2600:9000:26e8:8e00:1e:4a65:6f00:93a1
2600:9000:2724:1600:f:6577:d340:93a1
2600:9000:275d:6600:16:41f9:b9c0:93a1
2a00:1450:4001:801::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
47.251.41.24
47.89.246.123
015f884821f06b02bed600100cb93f5435a9fddd0014472082eb191134404f90
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
09bf790e08a91bf067a13a33a601cbfcee3889027302e672a8b5f1e8fdfeafc7
105cb46c3eadd700828fb841c1473dcd0371baf7449f0f6d6c1248850fe939ab
173be8d93e0be139ac090dc9a1923a0e76b71eaaec14d34f224209a24ecf90c6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2744ebd9d5f6edec0bd77d625c1d847c78c6c05db696422fac7c26274f329415
2839f952e3e0b8e33972b1532619728665986fb64366824254914f1cc249c057
287d0fff479c78312e352fb87181ad387ffd1e9854db9df31c1c1dd79644bc81
2c70f3d32d8ed2924ff688ad77a9b8f65663a433b5b0e5f4ba38879956961652
30d5580b9d1c7e33f9ce37c9f3ea26d62bcfa06f3e8617b957744ad83282b0dc
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
365ec6fe11a719bec429ce9900bebf57d3720a16df452ee8fd6058f37182008f
36e8064158c2cf9d1b7a67607786463d3eefb5b6202f9f4ced5b8ca8b67b2d07
39208544a5e97a21540c4ca2835fd01ba8688abcb884a7b2cdb7f6222685ae86
3a788760495c7ece61909c6549604215f3bd80e22b567a160b73c40e389a5320
3aad132709c6d54120e7ab4bcef355495c3acef84b770477cbc9f2323409e3e9
3f987ac42681ecc4d7a9efd70d4ac9aea82d39584763c3b8c0f409c00bd4ce32
41d9699cbf56e0a060cb0236a059db0c20b776b8df8aef1fa72bd9ab20ada45f
47623a9c24c0295022ecd3008db938481820cd4b0e888d8505d3941c2c4a93c3
4a5e5ab4b98b32f721a186941fd0cc52161ab510eb2decc3edb07d9b78614b0d
54e346c13852ce82961745a6fe3f4fcc1beb4d52f545d1e119e76a5a4b9176f4
587b05cd8d59f9820d2cf168b07d46b1519d12ee7a2f7062a2490da0a99ccb50
594420d2457cd281d8956e7ba90265defb1c04ba48931bb215a1ffd6b934790e
5f2c27fd8ce921c5c8663ea491139714306effb9f081505dc5bd09b1de7ce568
6235d364887ddc5be3b7ad3535ae3cbd8ad3b28b37d80358634767b53d2c46d7
63e35e9bc3ad346c3a626f7f1a981f20f4264b8a341702fdc959b68c155a5f0b
6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c
75f91a02e3500e30b53718616f84d135caf67104454e9b159500d6c8d76d9ef8
81861a30e8b0a191da5de2642b0cf3c73fa45d90452a29c0f972c3676f536122
81f6860a5242b27e69f685a06d908f2fbe2613e090caeef4710f38f7e5fcf69f
827926033e044f67910bde16b42b47d783d731bc0637eb515452ae91237d983d
85b9453f4b51cb2db7bdc57ef65e9552d9939617bf25c80770859cbb218afb62
86df84b75a1a6ede2dc059a423cc7ed258671de70a04d0125b3274c94aae41c7
870f8bf1b7383aa95fa51b6e9fcd6e1a9e8a8085ed57456a1bb822b13b9bfbb5
87dd8e08e9907d39399028e5184d048510e1671498482081b0739941a11657a0
893330b3b998ec5da9098f7beda164879040f9304c15744bcaab47ca490e26b8
8a2df36f3f8af6f55fd2dbc15f734a29084172d9e5c14154037ce66c49b537c0
900803e3916a6a75d3c2e39f033ec970387de83a5b91385030e620fe7623d6ff
9daa2423bfd28e7a1a7e8004d4a182d86667c6d14ad29846af1d2129514d160b
9f118fd4480231baedfe5e03e9a385d3a53c368026c17d1fff1d1efc7684749d
a26d2e4c7a626e5ae8f51ba893a100e0d8377c51061f6bc82aa2fb3e3e2fa2d2
a290c6c3053dc46eb4c6632cebcea32eea7da4274d3931d4c703f2ba6c916af7
b40b0219d705f3ef33e5b2bea78e988251e4c00dfa9fa63e58c85cfa1fc8ff8d
b77bf96611245bcfd046170adee5668998d7fb62b846b81214ed49d0015cf290
c00c8597743fe2aa8d00a40dc04c3330992301bc48079a0b670536bffdb4639b
c0883bf2d1ddb57c03be4daf051e16a10422fa2eadcda89c337945ace4021a4a
c201d1e85d97c9bcfcda3e016c0d6704e9e080bd3712a3c850078ccbc1b353f0
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca96f9ed6bfc2d3d639194067b163cf0a2469af9810546e491d2f2468f1ab623
ccfdc21df473396a2dd78496fd4c04b5703ab0f516959898c75cdeb668c2c97f
d052aed6d1090b7fee253c21eeac5e3a66a449b884148de1ade4a669d74cc0b2
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2
d6dbd8ae0aca9ed7f0d630ad2b1c9fa176397c10737518113261a779328f9315
d77514365c7060af8f09c36246d30dfa5549f57815d437bb7ec17d292dbdce09
d817b79090a73b71e09ad6e2daa2c137408a7cfb7916aef50da18a1b1b0229f0
dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa
de5f4949d34c123186b26e7b16ac7a76408e677e00380b2366b3f6553061594e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59777cfa4ff01bd0745c8593f02df5191dde91959072b11b4977ad43b47a1fe
f3de53bb61298cfd17f183f97dacd2c672b34665cbbe778070232ced85386e1c
f8cc58d4035610a5113bb8029ac24f4fd952fd3e8af248781d8b5faa71bd5280
f9e3ca3e921e5ce79c10c47df1cda247fb96eb70405ba7806dd07659daffe541
fb85b2b22d8a71d3c80ba79ab130ead431887257ae2e81ea18bf826652e054b2
fd8d393b0d70a302d6621feeca6c0d0c4773574c4cb92e83c21f9da6c2692be2

nowbuy.vip Open in urlscan Pro 104.18.24.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

64 %IPv6

10 Domains

15 Subdomains

15 IPs

3 Countries

2612 kBTransfer

5898 kBSize

28 Cookies

1 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nowbuy.vip Open in urlscan Pro
104.18.24.121 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

2612 kB
Transfer

5898 kB
Size

28
Cookies

74 HTTP transactions
1 data transactions