specialoffersbank.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://specialoffersbank.com/
Submission: On June 09 via automatic, source certstream-suspicious (June 9th 2022, 4:37:11 am UTC) — Scanned from DE

Summary HTTP 29 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is specialoffersbank.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time specialoffersbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a05:d014:275... 2a05:d014:275:cb00:ce75:162:d945:5f34	16509 (AMAZON-02) (AMAZON-02)
1	173.231.242.81 173.231.242.81	54641 (IMH-IAD) (IMH-IAD)
1 1	199.59.243.220 199.59.243.220	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:2978	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
1	45.79.152.74 45.79.152.74	63949 (LINODE-AP...) (LINODE-AP Linode)
1	199.30.211.241 199.30.211.241	53568 (FRANKLIN-...) (FRANKLIN-UNIVERSITY)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
29	11

17 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

specialoffersbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:275:cb00:ce75:162:d945:5f34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.oberlo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.242.81 (United States)

ASN54641 (IMH-IAD, US)
PTR: ecngx285.inmotionhosting.com

hempoilfrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.59.243.220 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

images.watchfree.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2978 (United States)

ASN13335 (CLOUDFLARENET, US)

backlink.bodiscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.152.74 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1251-74.members.linode.com

www.mtfcu.coop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.30.211.241 (Columbus, United States)

ASN53568 (FRANKLIN-UNIVERSITY, US)

www.franklin.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	specialoffersbank.com specialoffersbank.com	195 KB
2	gstatic.com fonts.gstatic.com	80 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	2 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 2907	84 KB
1	franklin.edu www.franklin.edu — Cisco Umbrella Rank: 490000	99 KB
1	mtfcu.coop www.mtfcu.coop	309 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	36 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2477	36 KB
1	bodiscdn.com backlink.bodiscdn.com — Cisco Umbrella Rank: 200298	4 KB
1	watchfree.to 1 redirects images.watchfree.to	230 B
1	hempoilfrog.com hempoilfrog.com	66 KB
1	oberlo.com www.oberlo.com — Cisco Umbrella Rank: 254931	61 KB
29	12

	Domain	Requested by
17	specialoffersbank.com	specialoffersbank.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	specialoffersbank.com
1	i0.wp.com	specialoffersbank.com
1	www.franklin.edu	specialoffersbank.com
1	www.mtfcu.coop	specialoffersbank.com
1	i.ytimg.com	specialoffersbank.com
1	res.cloudinary.com	specialoffersbank.com
1	backlink.bodiscdn.com	specialoffersbank.com
1	images.watchfree.to	1 redirects
1	hempoilfrog.com	specialoffersbank.com
1	www.oberlo.com	specialoffersbank.com
29	12

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org
invoke.tax
www.mtfcu.coop
www.buchbinder.com
www.vinethemes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
au.oberlo.com R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
hempoilfrog.com cPanel, Inc. Certification Authority	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
mtfcu.coop R3	`2022-05-14` - `2022-08-12`	3 months	crt.sh
www.franklin.edu InCommon RSA Server CA	`2022-05-22` - `2023-05-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://specialoffersbank.com/
Frame ID: D8324D09111A2981D8DB74092FA58D40
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

World Fund and Finance -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

58 %
IPv6

12
Domains

12
Subdomains

11
IPs

2
Countries

970 kB
Transfer

1334 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/Information_systems_success_model
Title: systems of success

Search URL Search Domain Scan URL

URL: https://invoke.tax/services/property-tax/
Title: property tax consulting firms

Search URL Search Domain Scan URL

URL: https://www.mtfcu.coop/
Title: credit union auto loan

Search URL Search Domain Scan URL

URL: https://www.buchbinder.com/services/tax-consulting-tax-advisory/
Title: tax consulting

Search URL Search Domain Scan URL

URL: https://www.vinethemes.com/
Title: VineThemes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://images.watchfree.to/thumbs/3141_Stephen_Kings_It_1990.jpg HTTP 302
https://backlink.bodiscdn.com/image/images.watchfree.to

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
specialoffersbank.com/ 56 KB
13 KB 1014ms
954ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47681a2a7ed85e1e029834aabc28f0d627f4dc9bd739567016742d2ccdbc4479

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71872b78dcfa5a37-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Jun 2022 04:37:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://specialoffersbank.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by56dQDqnLySb2Ktm2t6%2BnQM23P3X11u%2FcAWHV5VfHTSglnqzoLkxPyaoKV61CoPLekt%2F4NObeGC%2FnzDAzuBP4332JJKetJiIcNcGiGQsaSP3jEdA1e0StNqLgOfmPeKOA%2Fgi4ksOE92jpF5UVqLrq4Dll4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
specialoffersbank.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 714ms
708ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 02:22:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI39Z9RnYhJ3hHU5TrQqQuYK4tS6AASynnLLSmt4zCx4KVFM9sJMmP9ITgwp%2BBS6wjP6WiyWH6VyRoRb%2FtgvnhAuwvhB%2BCwko%2BkglzHI%2FZgwAJit8YFYXdd9eWxQ8awfMh6J3GsIYSpDIbE%2FYn0stTpNrJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe855a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
specialoffersbank.com/wp-content/themes/foodicious/ 96 KB
17 KB 697ms
692ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/style.css
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dfeac0244b044abc4b08a17dfa6ab44888fea969d11abbc3b22f24545494e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Qf1PHriiN25oE8CjDuZAw%2FDsr2VT1gPz%2Bo2KZABdbSPaycHQ5RNPgV6QB7OwwGY3cjLxnHil7VhR3g3FxM2CznA15BAsbpVQrFB2Al8rWhJGqT4sasE3IEn9Rf%2FS5MOjfub8dEF6LYIovSukUWzmh4RlCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe895a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.css
specialoffersbank.com/wp-content/themes/foodicious/includes/css/ 37 KB
7 KB 537ms
532ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/css/font-awesome.css
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovMiRjcO3cgcqe%2BTSXt3u4wDJkBHPfgbwkmtNfemcSzKsioHu1HRfnNooqgt6saSkoDWSTDOeHjwvKDZKb%2FJdylIXCO7v%2FR6Di7fbEvdn%2BeRoekSzOwqvrEw7ujuoSXKO1HcqNN%2BYMccHox9ct%2FwFJJdhSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe8b5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 responsive.css
specialoffersbank.com/wp-content/themes/foodicious/css/ 8 KB
2 KB 538ms
534ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/css/responsive.css
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1162fdb96b59b43f82ba907b6be3acfdd30b87e1497ab838f507e06e50bfd7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSy3A2%2F5SiRcICDuIuKydnEa%2F%2F3HFEB6m6BccQ3H5urtXf4oVyPYL311JcH2DoPpjOasFcvrxg5Zu1Ebgu45ScngdmU7IYos2LqYQKEoJgYeNKrG17eshPPC5G5qW5kvc%2F%2F8ijlqlQ4H8CWvr1LV3lYiveI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe8d5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
578 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40400%3B700&ver=6.0

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b9a989718ea0f80b4ed94f32516e3429951da34e2cc25efbe06a73e5daa7698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 04:37:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700&ver=6.0

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72e8a3eb4c99274570a057a55be91036d8b5ae00f5ea87f4f122fe17e66339f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 03:45:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Jun 2022 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Jun 2022 04:37:04 GMT

GET
H2 200 jquery.min.js Show response
specialoffersbank.com/wp-includes/js/jquery/ 87 KB
32 KB 706ms
704ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Jul 2021 01:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wESnQoJqExNBneeuFpSMILKGhwGUlW3N9kGZKcpjByKsP%2BvukfLv41T4m%2B5fQxXv7uF%2BAtnBJEsftiNO2epkPI8oObcg5HjF6%2BYnBo2oDKYZSxe1ncxFYKUSQ7e6ykw7r5RtU5GHTJecPFqmr%2Bmi7DLgmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe8e5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
specialoffersbank.com/wp-includes/js/jquery/ 11 KB
5 KB 528ms
527ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Dec 2020 13:46:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifQ0aegcyagCABJmUccj09w6x0yWWdmHqEVLeU2R6I8AJEX9HxvON9B9AeizzGtNUHAN6iGo59v%2BvI7gXp88%2BbMHgxJJTfEBH3QhXFZsQ1DuAgHVZBuy1gFrZH6TdXMCRj6mt%2F82BNVrEKvR1SToaRRiBi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b7efe8f5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1603968035-success.jpg
www.oberlo.com/media/ 60 KB
61 KB 92ms
9ms Image
image/jpeg 2a05:d014:275:cb00:ce75:162:d945:5f34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oberlo.com/media/1603968035-success.jpg?w=1824&fit=max

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:ce75:162:d945:5f34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ce3703b0c6c1348d9f74f0899f22f502db3bce73bee75f2bed7147f18aa8f72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G53C0VKWCWPZYQY7W5KAFAMH
date: Tue, 07 Jun 2022 13:05:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
age: 142292
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
x-status: MISS
content-length: 61454
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10056-SJC, cache-fra19145-FRA
last-modified: Wed, 25 May 2022 07:20:59 GMT
server: Netlify
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-imgix-id: 85bd00c64711d65b428d9ef6187b623089cce9b6
cache-control: public, max-age=31536000
x-version: 2
accept-ranges: bytes
cf-ray: 71799999ea909969-FRA

GET
H2 200 home-business-ideas-800x400.jpg
hempoilfrog.com/wp-content/uploads/2018/12/ 65 KB
66 KB 1254ms
91ms Image
image/jpeg 173.231.242.81
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hempoilfrog.com/wp-content/uploads/2018/12/home-business-ideas-800x400.jpg
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.231.242.81 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: ecngx285.inmotionhosting.com
Software: nginx/1.21.6 /
Resource Hash: e82baf199c653761a2774ea76661f28065953aa63fbe46d83ae27a8e998daaac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:06 GMT
last-modified: Mon, 22 Jul 2019 05:53:42 GMT
server: nginx/1.21.6
etag: "5d354f66-105a3"
content-type: image/jpeg
expires: Thu, 16 Jun 2022 04:37:06 GMT
cache-control: max-age=604800, public, must-revalidate
accept-ranges: bytes
content-length: 66979
x-proxy-cache: STATIC/TYPE

GET
H2

200

images.watchfree.to
backlink.bodiscdn.com/image/
Redirect Chain

https://images.watchfree.to/thumbs/3141_Stephen_Kings_It_1990.jpg
https://backlink.bodiscdn.com/image/images.watchfree.to

4 KB
4 KB

63ms
21ms

Image
image/webp

2606:4700:10::6816:2978
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://backlink.bodiscdn.com/image/images.watchfree.to
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Server: 2606:4700:10::6816:2978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 2a3a46cc65aa8c50e15b0827ad95605a3536fbb854cc618f950093a3e8866c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-version: 2.89.1
date: Thu, 09 Jun 2022 04:37:05 GMT
cf-cache-status: HIT
age: 760
x-powered-by: PHP/7.4.27
content-disposition: inline; filename="images.webp"
content-length: 3750
last-modified: Thu, 09 Jun 2022 03:34:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: private, max-age=14400
cf-polished: origFmt=jpeg, origSize=7310
accept-ranges: bytes
cf-ray: 71872b87a97801e3-ZRH
cf-bgj: imgq:100,h2pri

Redirect headers

location: http://backlink.bodiscdn.com/image/images.watchfree.to
pragma: no-cache
date: Thu, 09 Jun 2022 04:37:05 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
server: openresty
content-type: text/html; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 GettyImages-1168618923.jpg
res.cloudinary.com/highereducation/images/v1618319750/Accounting.com/GettyImages-1168618923/ 35 KB
36 KB 319ms
236ms Image
image/jpeg 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/highereducation/images/v1618319750/Accounting.com/GettyImages-1168618923/GettyImages-1168618923.jpg?_i=AA

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

89cddae9ef4d902c1e5f6ef2ed62851efffe55519bddc497df1b1999aa27d414

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 16:25:45 GMT
server: Cloudinary
etag: "6902ce0776bed288035a53d84328f60a"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=218;cpu=1;start=2022-06-09T04:37:05.281Z;desc=miss,rtt;dur=17,cloudinary;dur=24;start=2022-06-09T04:37:05.324Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 36207

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/72r3aITORCs/ 35 KB
36 KB 97ms
18ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/72r3aITORCs/hqdefault.jpg

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae2cc3402aa449596dba58a8ece3d252496504f0cff93c41cc9eb79f4c88cc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35853
x-xss-protection: 0
server: sffe
etag: "1444928175"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jun 2022 06:37:05 GMT

GET
H2 200 21-MTFCU-02599-1Q-Mobile-640x4504-1.jpg
www.mtfcu.coop/wp-content/uploads/2022/02/ 308 KB
309 KB 866ms
194ms Image
image/jpeg 45.79.152.74
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mtfcu.coop/wp-content/uploads/2022/02/21-MTFCU-02599-1Q-Mobile-640x4504-1.jpg
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.152.74 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1251-74.members.linode.com
Software: Flywheel/4.1.0 /
Resource Hash: da5ae5a0d9ccad6fe7dde78c52d9381390ccba834a632fb6d533dbd0aef58418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 09 Jun 2022 04:37:05 GMT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
content-length: 315788
magicmarker: 1
last-modified: Wed, 23 Feb 2022 15:43:56 GMT
server: Flywheel/4.1.0
etag: "6216563c-4d18c"
x-fw-hash: 5o9n31oozc
content-type: image/jpeg
x-fw-serve: TRUE
x-fw-type: VISIT
cache-control: max-age=604800
x-hits: 1
accept-ranges: bytes

GET
H/1.1 200
OK iStock-983321926.jpg
www.franklin.edu/sites/default/files/styles/btcb_photo/public/fr/back%20to%20college%20blog/main%20images/ 98 KB
99 KB 880ms
110ms Image
image/jpeg 199.30.211.241
FRANKLIN-UNIVERSITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.franklin.edu/sites/default/files/styles/btcb_photo/public/fr/back%20to%20college%20blog/main%20images/iStock-983321926.jpg?itok=usJ_HhgI

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.30.211.241 Columbus, United States, ASN53568 (FRANKLIN-UNIVERSITY, US),

Reverse DNS

Software

Apache /

Resource Hash

4a486bce71f936a106100ef6d583789ac2fd5f9be44d056ada857b12201dd19c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://franklin.instructure.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Content-Security-Policy: frame-ancestors 'self' https://franklin.instructure.com;
Via: 1.1 varnish-v4
Last-Modified: Tue, 26 Jan 2021 15:49:38 GMT
Server: Apache
Age: 49018
ETag: "1883c-5b9cf9a152880"
Content-Type: image/jpeg
Cache-Control: max-age=1209600, private
Date: Wed, 08 Jun 2022 15:00:06 GMT
X-Varnish: 438233961 435777588
Accept-Ranges: bytes
Content-Length: 100412
x-storage: memory
Expires: Wed, 22 Jun 2022 15:00:06 GMT

GET
H3 200 jquery.fitvids.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/fitvid/ 4 KB
2 KB 518ms
518ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/fitvid/jquery.fitvids.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6295e08004dc6c02e011ed027e49efb2fcb68d569d8c9397af14791236ee9e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXAeICtG44FiMA7enbRONGBOcXlr4Al08LqHY2LM2Zl0%2BQQsoosGNMo26u4XwFO3UH%2FOk86xVYgVAoG30g8ssC%2FTY34B2I1uF3tTSFgLcwkGYH5E3mwsOXJ1X15dXmJrghYhNzKKmMk1%2BjutjMW1dVE%2FFUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b836c52d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 matchheight.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/matchheight/ 3 KB
2 KB 515ms
515ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/matchheight/matchheight.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e37fc992e4b37984702e4e271c5e965731eec7f88acbd4459c4e8e1c443b909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D4Yyn61nenbX4MD8Exn%2FguE2vot82r%2BMWQvekYhWT%2FzjXhoYYvKMCBdKgfAm%2BaR6efokTVyekrEcJlDzKxVQAptNWO2oTKceM2I0ez8V3HoP0sPqk45hLjI%2BssFZMFvThBTVtU1XE1m4WtLT%2FfYDJ4srNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b836c58d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 micromodal.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/micromodal/ 11 KB
3 KB 533ms
533ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/micromodal/micromodal.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea7bdfc3404aaf10c0401d80ad24eaf8ec9df7653a0082c1eff800487ce1785e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xkrFE%2FLobvZHYhqQjTJgwyNBX2%2BxmPkIoy8e8Yd1KrL4GT6pKNbCXAzSh%2FuORfLZJBqhjQS4KxIeHDjOEDKeBW0VujI82nOHNg%2B3KWpfObkCG9bCCx7PKbDPZJ1Kc25sRD9BGR%2BppUjMOo0KJk1uAGT2LM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c63d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 outline.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/outline/ 1 KB
996 B 530ms
529ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/outline/outline.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29bee9a80398ca6705a4bad2a5b1d3de6e8c9cdc6da6b5d1b26a3d4785226de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZyryXMT3m4oPdwBj46u%2F2r2gMD6Qwuw%2B3zSLe66YaA0AdOQpemVT9TAn6rpQN5yKiGH7hWOK6ZLachefoMHQlyhd5mgjWNxWpBJGwoIzTpOij%2B8%2ByRTaNFPzzspyDlpVOOiDCCezhwcOij1RSKQVPm4Tf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c66d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/custom/ 8 KB
2 KB 518ms
516ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/custom/custom.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9a1081ff245634b20e80272611598cc6d9f3e0e46642573a06c6fe3d3f3bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn8elJZTnPRYRnmR1A9v845QyJJ09wJjfjPzzDENaNwO36RyQp%2Fw2uoOiOtz9fDs2Y9LKEIErRqTlyddoNGDrx5in%2FPtjqY7M9b1AhBGLmjo2XZ9cYQUxCgsxuRN77LVlx1K0VBh7X6DNpsXqUQBqP2G5VY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c67d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 slick.min.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/slickslider/ 42 KB
11 KB 671ms
670ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/slickslider/slick.min.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z9f7bG7VAjZT6XUH4au2c9wMzu7rm%2BySA%2FGuCh9ew7L1BjJch6NsJsNkD8OC9BBcTC8cBfIm92vX5kKdx9jS2%2BiHiZif%2FrlsKSyrBl7e1Fp47S%2FOBSq%2BO7SRWPa2NpNhHLrRa9pujSLHC18mi2MrxEPn6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c68d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.slicknav.min.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/slicknav/ 8 KB
3 KB 532ms
531ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/slicknav/jquery.slicknav.min.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J23%2FDM4sFufUBed1nJx%2FF7dMNNl5MTCtSZhjPzOTVli0eCxUIFw4laO%2BkwY7rlOAeXSUE%2FuC9ZGan9iM1uwf%2FExQlIEpnLyGF93sGdQawke8GvXsJVrqgpELnbR3XHRUmeYvSB0HEm2VncH4On%2F1JDUWtR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c69d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 html5shiv.js Show response
specialoffersbank.com/wp-content/themes/foodicious/includes/js/html5/ 2 KB
2 KB 535ms
534ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/js/html5/html5shiv.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7a9c0470563367ab00307b4fb9bb3052d0a27f0b94e63b9dc0bb8c369449cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBXt0%2FeqvHAQeXDuJW2p%2BKQCiXFrGwCmiG%2F2DL9XmUBySvsmOxfBJoUETVWSWnMVdoIqMT9V%2F%2FJW6u1TaQ16Eqdj4v1zWoKisw2a7A69FL8e56qlGSPLY%2BgVcm32viZIi0QveJGQ3fcPKvwqJTOTDNIzMuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c6bd610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
specialoffersbank.com/wp-includes/js/ 18 KB
5 KB 516ms
515ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 02:22:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK%2FJDhpX9O7kZ9I8kCGmln31H7yzDsx9e91bw2A3XC5UmOmFO951Ys%2FTEh84thC0z%2FGx8fvtG4cUboEHg2qgLmg8o3KvfemmkSSnGs6i%2FRTj9%2BS5PxwYMvM0yLurc00aJhmAY49m9zGU0M9DEVPZhPd58aI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71872b837c6cd610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 86ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://specialoffersbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 191096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 23:32:09 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v29/ 35 KB
35 KB 94ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v29/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display%3Awght%40400%3B700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://specialoffersbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:31:24 GMT
x-content-type-options: nosniff
age: 32741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:31:24 GMT

GET
H3 200 fontawesome-webfont.woff2
specialoffersbank.com/wp-content/themes/foodicious/includes/fonts/ 75 KB
76 KB 994ms
993ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: specialoffersbank.com
URL: https://specialoffersbank.com/wp-content/themes/foodicious/includes/css/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://specialoffersbank.com/wp-content/themes/foodicious/includes/css/font-awesome.css
Origin: https://specialoffersbank.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:37:06 GMT
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 00:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCO%2FNH0smhE0Q5kGTviVwcf5LV8YdVgLdOzXuUWExxbMyggHnojJRC%2B3rykszAhiPKFOpgNIfusPPPmTNuQ2joyiSxkhnoOiccI%2FQ4bjvPxieAYtaCBeCLCbtmNQ4QsM7zHwoUqw1xIrnL1vKF83OEQ2JBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71872b839c83d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 ls-article-01.jpg
i0.wp.com/www.livingsquaremyanmar.com/wp-content/uploads/2019/04/ 84 KB
84 KB 63ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.livingsquaremyanmar.com/wp-content/uploads/2019/04/ls-article-01.jpg?w=1080&ssl=1

Requested by

Host: specialoffersbank.com
URL: https://specialoffersbank.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ee4accf599b6c6e80e8f3a25928cb4bb50fa558727afc5ceec3180b778cafee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://specialoffersbank.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 09 Jun 2022 04:37:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 05:36:17 GMT
server: nginx
etag: "e180378ce47a22ee"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.livingsquaremyanmar.com/wp-content/uploads/2019/04/ls-article-01.jpg>; rel="canonical"
content-length: 85930
expires: Fri, 31 May 2024 17:36:17 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://specialoffersbank.com/ Message: Mixed Content: The page at 'https://specialoffersbank.com/' was loaded over HTTPS, but requested an insecure element 'http://hempoilfrog.com/wp-content/uploads/2018/12/home-business-ideas-800x400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://specialoffersbank.com/ Message: Mixed Content: The page at 'https://specialoffersbank.com/' was loaded over HTTPS, but requested an insecure element 'http://images.watchfree.to/thumbs/3141_Stephen_Kings_It_1990.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://specialoffersbank.com/(Line 308) Message: Mixed Content: The page at 'https://specialoffersbank.com/' was loaded over HTTPS, but requested an insecure element 'http://hempoilfrog.com/wp-content/uploads/2018/12/home-business-ideas-800x400.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://specialoffersbank.com/(Line 308) Message: Mixed Content: The page at 'https://specialoffersbank.com/' was loaded over HTTPS, but requested an insecure element 'http://images.watchfree.to/thumbs/3141_Stephen_Kings_It_1990.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backlink.bodiscdn.com
fonts.googleapis.com
fonts.gstatic.com
hempoilfrog.com
i.ytimg.com
i0.wp.com
images.watchfree.to
res.cloudinary.com
specialoffersbank.com
www.franklin.edu
www.mtfcu.coop
www.oberlo.com
173.231.242.81
192.0.77.2
199.30.211.241
199.59.243.220
2606:4700:10::6816:2978
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2016
2a04:4e42:400::393
2a05:d014:275:cb00:ce75:162:d945:5f34
2a06:98c1:3121::3
45.79.152.74
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1162fdb96b59b43f82ba907b6be3acfdd30b87e1497ab838f507e06e50bfd7b5
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
29bee9a80398ca6705a4bad2a5b1d3de6e8c9cdc6da6b5d1b26a3d4785226de8
2a3a46cc65aa8c50e15b0827ad95605a3536fbb854cc618f950093a3e8866c54
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9a989718ea0f80b4ed94f32516e3429951da34e2cc25efbe06a73e5daa7698
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
47681a2a7ed85e1e029834aabc28f0d627f4dc9bd739567016742d2ccdbc4479
4a486bce71f936a106100ef6d583789ac2fd5f9be44d056ada857b12201dd19c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6295e08004dc6c02e011ed027e49efb2fcb68d569d8c9397af14791236ee9e8a
72e8a3eb4c99274570a057a55be91036d8b5ae00f5ea87f4f122fe17e66339f4
7dfeac0244b044abc4b08a17dfa6ab44888fea969d11abbc3b22f24545494e5c
89cddae9ef4d902c1e5f6ef2ed62851efffe55519bddc497df1b1999aa27d414
8c7a9c0470563367ab00307b4fb9bb3052d0a27f0b94e63b9dc0bb8c369449cb
9e37fc992e4b37984702e4e271c5e965731eec7f88acbd4459c4e8e1c443b909
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965
ae2cc3402aa449596dba58a8ece3d252496504f0cff93c41cc9eb79f4c88cc9c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
ce3703b0c6c1348d9f74f0899f22f502db3bce73bee75f2bed7147f18aa8f72a
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
da5ae5a0d9ccad6fe7dde78c52d9381390ccba834a632fb6d533dbd0aef58418
e82baf199c653761a2774ea76661f28065953aa63fbe46d83ae27a8e998daaac
ea7bdfc3404aaf10c0401d80ad24eaf8ec9df7653a0082c1eff800487ce1785e
ec9a1081ff245634b20e80272611598cc6d9f3e0e46642573a06c6fe3d3f3bba
ee4accf599b6c6e80e8f3a25928cb4bb50fa558727afc5ceec3180b778cafee3

specialoffersbank.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

29 Requests

97 %HTTPS

58 %IPv6

12 Domains

12 Subdomains

11 IPs

2 Countries

970 kBTransfer

1334 kBSize

0 Cookies

5 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

specialoffersbank.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

58 %
IPv6

12
Domains

12
Subdomains

11
IPs

2
Countries

970 kB
Transfer

1334 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions