Submitted URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=#s6#
Effective URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Submission: On September 29 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3033::6815:5072, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultimatenusavings.com.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.
This is the only time ultimatenusavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
25 2
Apex Domain
Subdomains
Transfer
20 ultimatenusavings.com
ultimatenusavings.com
179 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
5 KB
25 2
Domain Requested by
20 ultimatenusavings.com ultimatenusavings.com
5 fonts.googleapis.com ultimatenusavings.com
25 2

This site contains no links.

Subject Issuer Validity Valid
ultimatenusavings.com
WE1
2024-09-27 -
2024-12-26
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Frame ID: 1B4A1B4AA94FC7DE930036D2F64556EF
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

Nexoria Flora

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

184 kB
Transfer

931 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ultimatenusavings.com/11/
33 KB
9 KB
Document
General
Full URL
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2026635e9e0b7691a660cd59b9b21bb8f4503d9ca73a984cac0b880718b33937

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8caa294a8912d39d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 29 Sep 2024 07:11:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8nXe%2FnirQbOcRumf32qDG3D2DvsukZtBMgyWNsX9xD%2FkZT%2FF9qhOkAquk%2FGO4tVL4jJ3Y9TSqHJmAekC8sc22NoBluLhM%2B9MhX%2BMyk1eaZpUoZ4fJ0cAUnUXUaEG39IiwCf%2BBrhvni9VrKCLYYaBHlkPc0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
ultimatenusavings.com/cdn-cgi/
128 B
562 B
Other
General
Full URL
https://ultimatenusavings.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ultimatenusavings.com
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLG6PNFVEZJH43i1HxrAZLT5AD2WHDYCFv3W1V990mRu26ll2owXNZS6LyFhUhHZfnkL7oP7pZKyuZaUeScNPApeRk5wJjE8tHohK3JKxtm%2BUGff11eyn65eNLXj6ye5%2BxZ95Ke0ZAdlIgxc%2FWpmQPKhoq4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c00d39d-FRA
access-control-allow-origin
https://ultimatenusavings.com
content-length
128
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
/
ultimatenusavings.com/11/pixel/
0
509 B
Script
General
Full URL
https://ultimatenusavings.com/11/pixel/?page=leadPage
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3vvnCi%2FZ1E3Ycu0k%2BOQN8NqmNhgBOg8CZQu7C8WgoLYJ369PkvVzEsNKcDG07ihA9ZU6Z1r4veaNTV%2BIbIYFvBuAFTP%2Fq%2FqOSlRedaTEmiyiY3g0lj6JFdoFzbPHhMDsAtfs1WDF5TGDy6aH1SVpXvUUC8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c0dd39d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
modal.css
ultimatenusavings.com/assets/vanilla-modal/
7 KB
2 KB
Stylesheet
General
Full URL
https://ultimatenusavings.com/assets/vanilla-modal/modal.css?13
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b131b6bd26bd0633aab3991f3f7759eb4c29b445b7481b9c5a6542771f4cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"61244747-1af8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbspnAIsi0gfPfUm1JWiEmaAMjAXqtEDNeSY5Jlit1NibfhQakdHIsARbHaxcgQrYzgEYpgoQJpD8931iebDw1p99g%2B3mX0PH%2FWbmlCCLFUIStrRSbylmTdwD7FDxLe5IVNzuJ%2FVqvCyaL6dBii0AEEvVIg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c0ed39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Tue, 24 Aug 2021 01:11:35 GMT
vary
Accept-Encoding
server
cloudflare
loader.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eccf77e843576490c8fd9230cce9e4d9d6db65ac7803771efab2a654e2339d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-aef"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2By5%2BsFrVcaodxwDwUsD7%2BUMIC5Y2CQXzoXXxhNUy3DRzDfmfo7Jny0vYa3CC7IGCmv9sZX%2FimzazJLJ1iKKJdPiDFKPJR3G1ws1%2FbGYpvtH%2FWQKu2wUh9Lc25eUA%2FD5EvJbr5VyWIMmpkdmDAUeIgIivfc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c10d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
form.min.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
608 KB
50 KB
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf59d457739d11535ca5fe8b4a42098459fd5d883e0a76768497aecfda25ddc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-97ffe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JNaYEePtpmwOFY2D9vRW7crYTkHSr41Xiqb9rNrPz%2BvC3IUISzpCGI55C1R%2B%2FICfThWpiaRF9rQwzK2GBKJ%2BwSCOfoUmG5tOp6lByBq0JQFFEMoli9Raai%2FoiCkexW0IlNPBUCUby%2BdvPqgtOvnmjwrHiA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c11d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
vendor.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/vendor.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c5481983777f04f5cdcdd6b92e89ee1a9d76a6ab38d5d134532fa6a1f50964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-68c3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRqFqz0aEB2W4IXbpQdoCVY%2FSpuZaQQneyikfMZAd%2FyOB75EJ%2BoqqmlbbZvY6jJR%2BGJ5P5b%2Bir7IAGhIHLAGH9PMHO3I3xewDmXlUH%2FQ96tK1U04UWlizB2z4gX6nKRWviErqShySyx4kkTdYH%2FjYnGzTCM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c2c12d39d-FRA
alt-svc
h3=":443"; ma=86400
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
loader.gif
ultimatenusavings.com/custom/sweep-blank-v2-c1/images/
9 KB
9 KB
Image
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/images/loader.gif
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a411f4c5091bcf644036f6e382a1b1b14de1ed1f67c2391659d17c30c1a827ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c1b6e-23ed"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zbnnr%2BdwZGjbKFp6CXM%2FmkU26jOGklBV1LoLDu1YMoOY1vkHmF5NIf%2FeLSq37rYo8CDyK%2Ff%2BkP2Ir7TAg6cFwuBNX3GL374K8L819gOOSKUt9FGP0Mk5a5POZFG0ilnoITdLIm1i5Wh0cbBf%2Fn9yBTE9%2BlI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294c3c1dd39d-FRA
accept-ranges
bytes
content-length
9197
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
image/gif
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
loader.gif
ultimatenusavings.com/assets/images/global/
3 KB
3 KB
Image
General
Full URL
https://ultimatenusavings.com/assets/images/global/loader.gif
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99a4b97bc2aed7a51684a223a9bbd15642727c282dfa217336274c7475a3509

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBlNnOU8GV026e3EIqr7dDybfwsXHfWWtwdoQDL8uFyR54AE9V9%2BKXEzDjlyRIYRvHvj9Ff9o0x0S4AEoai8qMbqN%2FY9zlSJDIUqyOZ0x9b6VjMRRAeofgjgm2AQOKO0T1p%2FHDCtVKp5JvMuEoETZmh4LVw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d6e42d39d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
jquery.min.js
ultimatenusavings.com/assets/js/
94 KB
34 KB
Script
General
Full URL
https://ultimatenusavings.com/assets/js/jquery.min.js
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"61244747-1762a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgPQ%2BzxlQlxbx9itvv0vhAEvGT%2Bvt68UxB4PzdYvfoORTP100R6rDnSf0W57SFcQfX6Rv38IQE%2FX%2BiqWCBzU4r730yTeCMKhBHP4vontoqmU3TOjXLqCPrQdjd%2FpMn%2BwfiUklFQ%2BEWd5luVBL1AeR%2BaZGBI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d6e49d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
application/javascript
last-modified
Tue, 24 Aug 2021 01:11:35 GMT
vary
Accept-Encoding
server
cloudflare
app.min.js
ultimatenusavings.com/assets/js/
44 KB
15 KB
Script
General
Full URL
https://ultimatenusavings.com/assets/js/app.min.js
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627587890dfc820f64014e0ef50c9a54aec5fb2740e9261187a209655f64518e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"61244747-b081"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUr42Nbx8NSFnSLMabz2My9Ic95RzYU0SGlntX7AzymNYubtIYhPF4WpTSANMPQ1GHosM4c%2FDZByYG9Uf%2FC1p6wWdk0gWcNEHYiHMbvZ5aV1ow9bm%2BONujbPQ69vLEp9XW3yRrGdqJ97PoFML8s%2ByatcTwo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294e1f78d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
application/javascript
last-modified
Tue, 24 Aug 2021 01:11:35 GMT
vary
Accept-Encoding
server
cloudflare
secure.png
ultimatenusavings.com/assets/images/
22 KB
22 KB
Image
General
Full URL
https://ultimatenusavings.com/assets/images/secure.png
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b807fed694f06d0c1e856efc61949c8829cd40af6e29f8ec8e588efe0855c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"61244747-570b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2OHcCPvzhHjT1HJoWufREYke9IPdYRmTynKmqGwDz0o4DDz6iPkRTcEqSEd9hH8xmfQ%2BoEQ4UzG3B9VWeezTdhlh1Q83ByvZncenZwvzEurVG%2FUM8oIO3i1%2BrqR6sO7QHskoUPtSqPGLJ%2FRYEynUyIAn%2Fxs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294e1f7cd39d-FRA
accept-ranges
bytes
content-length
22283
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
image/png
last-modified
Tue, 24 Aug 2021 01:11:35 GMT
vary
Accept-Encoding
server
cloudflare
css2_1.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
196 B
604 B
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/css2_1.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e9d3de829b3297e79c35c60b9994664ee63ba0c254bcf19227c409b3e81839

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-c4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6euE%2Fi1jCNK6AldeyyY8AQT8RGQQGwOtoPFrv8Q2uSC4aD9hW1EjC%2FCC2Jov2vOm4%2BBflMKSI7ZIlX5y6GBd%2FqD%2FFz%2B4dQMeNSLa0AE4IHO1L8uOR5iDBS85HNexdjISoDVLTQgistmr%2Bpkr%2BA%2BcWrnjXw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d7e50d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
css2_4.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
522 B
607 B
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/css2_4.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf7c644d4d4274b71bed289aedbb61b5b27954d6ee4c08f477506b35ad964ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-20a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRFTY4zGyBcspZdd6qNq73bHcmkS4V7cl48HAV4nMO8qlNysVFW1MaS%2BA5BocNoY%2Fw6OMi7hxeP4xRa3wV%2FpxoGVHybELwogfkfCd8A%2Bb%2FUwdmXZkjJpgAsV5zmIx%2FFeBRJWYk9V3rs9cxea%2FToatd%2Fdudo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d7e51d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
css2_2.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
183 B
590 B
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/css2_2.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e140267b739b66f00ef2d02ba496d49f79084c1e6b1f6be65600e2aa5990cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FmsrFnxsWT51jDIeNUd3iY%2B4HNKJzKlMh8PeytLXABUrYFs9t3qsYJ5uRXi7KDAvmVEh2%2B92hHy3nwIb6kSMDmdBQ%2FkMZvPqNefemaEZ2AtjfLG2KuRresXs%2FkSGkRT%2F4GvIHD5RF1dR3eqLzkLkw2drkE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d7e54d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
css2.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
344 B
589 B
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/css2.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a159ad2b110f305a5fa89ff31b4c409098c5f737e15e592882366c461768a288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-158"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxC2SW2q5WyYD5cNbYi13Eces5hCF6g3vmzYZVoH%2FMSx7ufI3gyd%2BM5unirSA27G2OR%2B8slAZxdrFup17tUKIHj4InGQkfIlfdzQbgSlXSDEnsU14122qSXb3vmlYlDKNk2mdmqC%2BqPaXA%2FA8pK8pNDq%2Bts%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d7e55d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
css2_3.css
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/
2 KB
715 B
Stylesheet
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/css2_3.css
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecff46402ca9519189bb571c83895990d87f8b0c2e9488fb2f2cf74229d0162

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"668c1b6e-754"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgLgIomHN1h%2BXcx7WDgCEi0mD7Qs6wrc6zly%2FQmySqr%2FoDo3zxxjEDUSpf6TEHi9jFXuEvrJlTE9wvUw4DMa3iJnCSkFEQkVh1JW3TxePSeTccC9HHAWNLtA1%2FfqcvnbBy7fcsLsHPdtrJyvffCnnsORXLc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa294d7e56d39d-FRA
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
446 B
414 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Shadows+Into+Light&display=swap
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76416c3d387eb6702c2a9bcf7fa3abd5bf7b1cf478965b26d05965f055332c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 07:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 07:08:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
2 KB
483 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@200;500;800&display=swap
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427e56deec59c53dd48d3bc03def13ccc5e3d27573ebbb44e858ae0dba47ebfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 07:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 07:11:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
3 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300&display=swap
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
476dbea84f9f5179dc06e5cfffcf4c7034665bf56f726a4439e19fbbe3d35464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 07:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 06:29:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
5 KB
738 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02b712f7df8700b1250afc30abd7ebe3910214de12c809b662c038245009280b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 07:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 07:01:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
46 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae7f95490a78f65a3612c5c50957a7af7aa44425713df780551f839341965c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Sep 2024 07:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Sep 2024 07:11:49 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Sep 2024 07:11:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
Metropolis-Regular.otf
ultimatenusavings.com/custom/sweep-blank-v2-c1/css/vendor/
23 KB
23 KB
Font
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/vendor/Metropolis-Regular.otf
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ultimatenusavings.com
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/form.min.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668c1b6e-5a54"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcOHrpVrtIuRAagvNPkHCpJwSvbR%2Bi3ZkC1VNfYClmZc58etPjlc9gmFdvxlLbq9qBqJUqWHXyx7y2VMyfd9Mx1576LKq2zvmNV11JhEugvJHifI7%2BIZlnIkkGhAYljoR7cN9U1p%2BZeZSDoI0QRQ9irl%2Fy4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa2950ec8dd39d-FRA
accept-ranges
bytes
content-length
23124
date
Sun, 29 Sep 2024 07:11:50 GMT
content-type
application/octet-stream
last-modified
Mon, 08 Jul 2024 17:01:34 GMT
vary
Accept-Encoding
server
cloudflare
Metropolis-Regular.otf
ultimatenusavings.com/custom/sweep-blank-v2-c1/
0
0
Font
General
Full URL
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/Metropolis-Regular.otf
Requested by
Host: ultimatenusavings.com
URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ultimatenusavings.com
Referer
https://ultimatenusavings.com/custom/sweep-blank-v2-c1/css/loader.css

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwACouor%2F5H6q9l9pJ7CNDDAoQ%2BHiMQAzzX8SmEHm6lEAA6D9KnTEaAEDzcfGgoPVX7tixDQ7dJJD%2FhvExFZmAVvwvQnsZ3ozczUbSllJr05lSP4cBiOX0x3%2FjH19rLmEEhsizFu%2FcyfIqR7D8EYhh%2FJpc4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa2952cffed39d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 29 Sep 2024 07:11:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
blank.png
ultimatenusavings.com/assets/images/
975 B
1 KB
Other
General
Full URL
https://ultimatenusavings.com/assets/images/blank.png?1727593909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2627c5f17f84a80fb9d57ed833b9be09500acf344772836d78ae86861a102fe3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ultimatenusavings.com/11/?pub=14404&click_id=771082829&c1=350689&c2=9KhRuvA8hZpp&c3=&c4=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"61244747-3cf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXoptCcLJXtK%2FZBzo3E%2FaQn%2BE77RhK4E7vLWDtuSqw46pwPNIVHinjaFvuOKgHlEA3QzP4w%2FOv4xmRlN3G7KDSaJ%2F%2FUEZ1lKCF0eU4%2Bhvaxi1YD9YyMMAg0VrLPjU%2B88LkLfdHRsg%2B%2FE69r9Z2Eu0waSXpw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8caa2952c809d39d-FRA
accept-ranges
bytes
content-length
975
date
Sun, 29 Sep 2024 07:11:50 GMT
content-type
image/png
last-modified
Tue, 24 Aug 2021 01:11:35 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getDate object| offer_vars function| $ function| jQuery object| $jscomp object| jQuery111105682827863455615 object| VanillaModal object| softModal function| vmodal function| animate_dots function| startTimer function| get_time_string function| vmodal_msg function| remove_values function| submit_form function| enable_mc_modal_on_timeout function| enable_mc_modal_on_cc function| getUrlVars

2 Cookies

Domain/Path Name / Value
ultimatenusavings.com/ Name: PHPSESSID
Value: hues87fuf3kpoots4sm9vllgpn
ultimatenusavings.com/ Name: __cflb
Value: 0H28vV6nZydAwhJGvjuKK9itLGeE8KBUyDRJLEfaZac

2 Console Messages

Source Level URL
Text
network error URL: https://ultimatenusavings.com/assets/images/global/loader.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ultimatenusavings.com/custom/sweep-blank-v2-c1/Metropolis-Regular.otf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
ultimatenusavings.com
2606:4700:3033::6815:5072
2a00:1450:4001:82b::200a
02b712f7df8700b1250afc30abd7ebe3910214de12c809b662c038245009280b
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1ae7f95490a78f65a3612c5c50957a7af7aa44425713df780551f839341965c3
2026635e9e0b7691a660cd59b9b21bb8f4503d9ca73a984cac0b880718b33937
2627c5f17f84a80fb9d57ed833b9be09500acf344772836d78ae86861a102fe3
427e56deec59c53dd48d3bc03def13ccc5e3d27573ebbb44e858ae0dba47ebfc
476dbea84f9f5179dc06e5cfffcf4c7034665bf56f726a4439e19fbbe3d35464
48eccf77e843576490c8fd9230cce9e4d9d6db65ac7803771efab2a654e2339d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5cf7c644d4d4274b71bed289aedbb61b5b27954d6ee4c08f477506b35ad964ad
60c5481983777f04f5cdcdd6b92e89ee1a9d76a6ab38d5d134532fa6a1f50964
627587890dfc820f64014e0ef50c9a54aec5fb2740e9261187a209655f64518e
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462
76416c3d387eb6702c2a9bcf7fa3abd5bf7b1cf478965b26d05965f055332c10
92e9d3de829b3297e79c35c60b9994664ee63ba0c254bcf19227c409b3e81839
a159ad2b110f305a5fa89ff31b4c409098c5f737e15e592882366c461768a288
a411f4c5091bcf644036f6e382a1b1b14de1ed1f67c2391659d17c30c1a827ad
bf59d457739d11535ca5fe8b4a42098459fd5d883e0a76768497aecfda25ddc8
cecff46402ca9519189bb571c83895990d87f8b0c2e9488fb2f2cf74229d0162
d5e140267b739b66f00ef2d02ba496d49f79084c1e6b1f6be65600e2aa5990cf
e23b131b6bd26bd0633aab3991f3f7759eb4c29b445b7481b9c5a6542771f4cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b807fed694f06d0c1e856efc61949c8829cd40af6e29f8ec8e588efe0855c0
e99a4b97bc2aed7a51684a223a9bbd15642727c282dfa217336274c7475a3509