admin.branchoffer.com Open in urlscan Pro
162.242.183.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://admin.branchoffer.com/
Effective URL:
https://admin.branchoffer.com/
Submission: On January 12 via manual (January 12th 2023, 8:59:49 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 39 HTTP transactions. The main IP is 162.242.183.198, located in United States and belongs to RACKSPACE, US. The main domain is admin.branchoffer.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 3rd 2022. Valid for: a year.

This is the only time admin.branchoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	162.242.183.198 162.242.183.198	19994 (RACKSPACE) (RACKSPACE)
1	23.35.236.144 23.35.236.144	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.35.236.209 23.35.236.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1 4	52.48.61.43 52.48.61.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.195.228.119 54.195.228.119	16509 (AMAZON-02) (AMAZON-02)
1	15.236.125.10 15.236.125.10	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	3.86.122.109 3.86.122.109	14618 (AMAZON-AES) (AMAZON-AES)
5	35.193.75.18 35.193.75.18	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
39	14

17 162.242.183.198 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

admin.branchoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-144.deploy.static.akamaitechnologies.com

88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-209.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.61.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.228.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

usbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.125.10 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com

smetrics.sdcvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.86.122.109 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-122-109.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.193.75.18 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.75.193.35.bc.googleusercontent.com

usbankit-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	branchoffer.com 1 redirects admin.branchoffer.com	281 KB
6	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2388 usbankit-app.quantummetric.com	166 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 204 usbank.demdex.net — Cisco Umbrella Rank: 17023	8 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 957	186 KB
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1268	234 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 253	541 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	265 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 609	395 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 350	98 B
1	sdcvisit.com smetrics.sdcvisit.com — Cisco Umbrella Rank: 70873	463 B
1	rackcdn.com 88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 944536	21 KB
39	13

	Domain	Requested by
17	admin.branchoffer.com	1 redirects admin.branchoffer.com
5	usbankit-app.quantummetric.com	cdn.quantummetric.com
4	dpm.demdex.net	1 redirects
4	tags.tiqcdn.com	admin.branchoffer.com tags.tiqcdn.com
2	mid.rkdms.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	www.google-analytics.com	admin.branchoffer.com www.google-analytics.com
1	c.bing.com	1 redirects
1	match.adsrvr.org
1	analytics.twitter.com
1	idsync.rlcdn.com
1	smetrics.sdcvisit.com	tags.tiqcdn.com
1	usbank.demdex.net	tags.tiqcdn.com
1	cdn.quantummetric.com	tags.tiqcdn.com
1	88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com	admin.branchoffer.com
39	15

This site contains no links.

Subject Issuer	Validity	Valid
admin.branchoffer.com Entrust Certification Authority - L1K	`2022-10-03` - `2023-10-03`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2022-01-30` - `2023-01-31`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.sdcvisit.com Entrust Certification Authority - L1K	`2022-07-22` - `2023-08-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-18` - `2023-02-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://admin.branchoffer.com/
Frame ID: F5993A8620566AB024383CCB0F6F908A
Requests: 27 HTTP requests in this frame

Frame: https://usbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 2EE0AC7F52A3AE698778212CA69C1CB0
Requests: 7 HTTP requests in this frame

Frame: https://usbankit-app.quantummetric.com/?T=B&u=https%3A%2F%2Fadmin.branchoffer.com%2F&t=1673557187351&v=1673557187437&z=1&S=0&N=0&P=0
Frame ID: 8700785DEB0FAC8D8E7CDBD0F2C08C58
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BAA Landing Index - Elan

Page URL History Show full URLs

http://admin.branchoffer.com/ HTTP 301
https://admin.branchoffer.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

87 %
HTTPS

20 %
IPv6

13
Domains

15
Subdomains

14
IPs

4
Countries

682 kB
Transfer

2790 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://admin.branchoffer.com/ HTTP 301
https://admin.branchoffer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253

Request Chain 27

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc2MTc5MjUyMDg5OTM0ODM1ODE5MjA3NTY4OTkxMTk3NTAwNzc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODc2MTc5MjUyMDg5OTM0ODM1ODE5MjA3NTY4OTkxMTk3NTAwNzc=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAVkQZV-ShTSuFQrI5Msvfk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 30

https://c.bing.com/c.gif?uid=87617925208993483581920756899119750077&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=21072A08CD4C66541F32389FCCC76782

Request Chain 31

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=87617925208993483581920756899119750077&_ct=img HTTP 302
https://mid.rkdms.com/restricted

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
admin.branchoffer.com/
Redirect Chain

http://admin.branchoffer.com/
https://admin.branchoffer.com/

32 KB
8 KB

590ms
361ms

Document
text/html

162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

26e11b3807aea1d5ac1b279e8050cc065466e7cab2742d09d55cdc0c9827ddb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6793
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Content-Type: text/html;charset=UTF-8
Date: Thu, 12 Jan 2023 20:59:43 GMT
ETag: "633776fc"
Keep-Alive: timeout=5, max=100
Liferay-Portal: Liferay Portal Enterprise Edition 6.1.20 EE (Paton / Build 6120 / July 31, 2012)
Referrer-Policy: no-referrer-when-downgrade
Server: CRC Admin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: close
Location: https://admin.branchoffer.com/
Pragma: no-cache

GET
H/1.1 200
OK main.css
admin.branchoffer.com/html/css/ 133 KB
23 KB 141ms
141ms Stylesheet
text/css 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1341582090000

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

96a06b6295ca49ec9528a7613135551dc2e52c5826d7c30f46d144a4126bbf62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 23151
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Jul 2012 13:41:30 GMT
Server: CRC Admin
ETag: "211d347"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=99
Expires: Sun, 09 Jan 2033 20:59:43 GMT

GET
H/1.1 200
OK main.css
admin.branchoffer.com/html/portlet/journal_content/css/ 1 KB
1 KB 346ms
127ms Stylesheet
text/css 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/portlet/journal_content/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1673267059000

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

461067e8ee661fd39768aa536701090fe098ef4f1109d57c0ca7823893d3003d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 370
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:24:19 GMT
Server: CRC Admin
ETag: "d8e9819d"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=100
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
admin.branchoffer.com/html/js/ 87 KB
31 KB 810ms
587ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/jquery-3.5.1.min.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 30958
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: W/"89478-1673267313000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK jquery-migrate-1.4.1.js Show response
admin.branchoffer.com/html/js/ 23 KB
8 KB 362ms
138ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/jquery-migrate-1.4.1.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 7801
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: W/"23497-1673267313000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK moment.min.js Show response
admin.branchoffer.com/html/js/ 57 KB
19 KB 588ms
362ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/moment.min.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

d921ae5398393d52a0d875c602db8e2dfc30bd5865a741cc4d24c6dc7016d646

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 18637
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: W/"58863-1673267313000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK datatables.min.js Show response
admin.branchoffer.com/html/js/ 83 KB
29 KB 387ms
133ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/datatables.min.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

4fec136e31d15a5302e0deb9d934dc5c798dc5daaa01851b194b36a828ef2392

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 29309
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: W/"85170-1673267313000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK datetime-moment.js Show response
admin.branchoffer.com/html/js/ 2 KB
2 KB 467ms
122ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/datetime-moment.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

2a320c97429ea17677c89e56e26f1bebd05ba52522c7f9aa5a457e574274f44a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 969
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: W/"2207-1673267313000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK barebone.jsp Show response
admin.branchoffer.com/html/js/ 323 KB
105 KB 497ms
151ms Script
text/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/html/js/barebone.jsp?browserId=other&themeId=baa_WAR_baatheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6120&t=1673267313000

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

ce2b80e8c57d3d26d25c324a90dac34e167e935fc82f20a02d748867855cf0bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 106341
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: "3fde9344"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=99
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK main.css
admin.branchoffer.com/baa-theme/css/ 39 KB
9 KB 343ms
126ms Stylesheet
text/css 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/baa-theme/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1654176565000

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

3bccb766aeb6d7721f0d938ba0c978dd53d5fb9f4170e6e6e32c76e5ab2f9c8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Connection: Keep-Alive
Content-Length: 8394
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 Jun 2022 13:29:25 GMT
Server: CRC Admin
ETag: "d42e1735"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK plugins.js Show response
admin.branchoffer.com/baa-theme/js/ 120 KB
39 KB 496ms
134ms Script
application/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/baa-theme/js/plugins.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

6c01ac5428cd685b091777bd45ac784070b870f9b5aed10a168e91d256eb5662

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Connection: Keep-Alive
Content-Length: 39510
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 29 Jan 2019 07:21:20 GMT
Server: CRC Admin
ETag: W/"123343-1548746480000"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap.css
88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/ 142 KB
21 KB 145ms
25ms Stylesheet
text/css 23.35.236.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com/css/bootstrap.css
Requested by: Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c718b31f11b5d9b57ca0c4455aba3aba99eeb84761025c1b1072cee4d72eae06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Mar 2018 14:54:11 GMT
ETag: 6b994d9ec76a94866c11cfb102e61037
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1522421650.12202
Cache-Control: public, max-age=144426
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx0be81ef10604458fb30c8-0063419b9aord1
Content-Length: 21041
Expires: Sat, 14 Jan 2023 13:06:49 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/usbank/external/dev/ 150 KB
49 KB 370ms
308ms Script
application/x-javascript 23.35.236.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.sync.js
Requested by: Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d87af700bfe3fc9e2462e4ee5c5c4b4802b74dc19befd531b087a34d70fe38e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:44 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 12:02:21 GMT
server: AkamaiNetStorage
etag: "d130f051a297b12b4407882cd31f1800:1669723341.10911"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 12 Jan 2023 21:04:44 GMT

GET
H/1.1 200
OK spacer.png
admin.branchoffer.com/baa-theme/images/ 95 B
932 B 124ms
124ms Image
image/png 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.branchoffer.com/baa-theme/images/spacer.png

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

80c27e47a287a2e94bb78ec5c60a6bfd3d840e61718f5a4aacd2248ec3b3783a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Connection: Keep-Alive
Content-Length: 95
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 30 Nov 2013 12:43:08 GMT
Server: CRC Admin
ETag: W/"95-1385815388000"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK main.js Show response
admin.branchoffer.com/baa-theme/js/ 109 B
919 B 122ms
122ms Script
text/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/baa-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=6120&t=1654176565000

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

329dc5a1be6896ffda57ff80a3f28b265e8f2daa81d6035377f4fa81b9e47259

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Connection: Keep-Alive
Content-Length: 84
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 Jun 2022 13:29:25 GMT
Server: CRC Admin
ETag: "ca749a59"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=98
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/usbank/external/dev/ 465 KB
130 KB 386ms
386ms Script
application/x-javascript 23.35.236.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js
Requested by: Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93c4e2e9aa0f3b2a9e6873ffed6518b87b29eda62c238137bfe0100ee91c774c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:45 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 12:02:21 GMT
server: AkamaiNetStorage
etag: "944e2a130bd5b3c0aff57ef8b01294e8:1669723341.395011"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 12 Jan 2023 21:04:45 GMT

GET
H/1.1 200
OK error.png
admin.branchoffer.com/baa-theme/images/messages/ 701 B
2 KB 123ms
122ms Image
image/png 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.branchoffer.com/baa-theme/images/messages/error.png

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/baa-theme/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1654176565000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

c89b56c55b934b1f05ef01d47aa7169b5ca0322c37d1fcf62b067d660eb29f12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/baa-theme/css/main.css?browserId=other&themeId=baa_WAR_baatheme&minifierType=css&languageId=en_US&b=6120&t=1654176565000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:44 GMT
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Connection: Keep-Alive
Content-Length: 701
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 30 Nov 2013 12:43:08 GMT
Server: CRC Admin
ETag: W/"701-1385815388000"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 111ms
29ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Jan 2023 20:21:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2270
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 12 Jan 2023 22:21:54 GMT

GET
H/1.1 200
OK /
admin.branchoffer.com/combo/ 270 B
909 B 124ms
124ms Stylesheet
text/css 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/combo/?browserId=other&minifierType=&languageId=en_US&b=6120&t=1673267313000&p=/html/js&m=/aui/widget-base/assets/skins/sam/widget-base.css

Requested by

Host: admin.branchoffer.com
URL: https://admin.branchoffer.com/html/js/barebone.jsp?browserId=other&themeId=baa_WAR_baatheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6120&t=1673267313000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

fc6e0af6c09ee55282f65c73154602835554b1996a4eb7690715b1989bbdb507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 150
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: "27b99dd1"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=96
Expires: Sun, 09 Jan 2033 20:59:44 GMT

GET
H/1.1 200
OK / Show response
admin.branchoffer.com/combo/ 2 KB
2 KB 128ms
127ms Script
text/javascript 162.242.183.198
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.branchoffer.com/combo/?browserId=other&minifierType=&languageId=en_US&b=6120&t=1673267313000&p=/html/js&m=/aui/base-build/base-build-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.242.183.198 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

Software

CRC Admin /

Resource Hash

3aabd72904a559aa3347088891fdfa7512972125b7058ab989dcfb87e101306c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 20:59:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
Connection: Keep-Alive
Content-Length: 1194
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 12:28:33 GMT
Server: CRC Admin
ETag: "802d5236"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: act-uat.qa.clockfour.net;
Cache-Control: no-store
Keep-Alive: timeout=5, max=99
Expires: Sun, 09 Jan 2033 20:59:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 51ms
50ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=703159249&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.branchoffer.com%2F&ul=en-us&de=UTF-8&dt=BAA%20Landing%20Index%20-%20Elan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=417796616&gjid=1978033289&cid=1962403922.1673557185&tid=UA-48378840-8&_gid=902491280.1673557185&_r=1&_slc=1&z=1024699277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.branchoffer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 20:59:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin.branchoffer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253

1 KB
1 KB

35ms
35ms

XHR
application/json

52.48.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253

Protocol

HTTP/1.1

Server

52.48.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1447f5e81cf57c9f2ca8d78549fc43527c1d259846b4f2c5c9004312fb3caeb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: e6mx0AVeSRk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://admin.branchoffer.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 644
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: w24Z2hTVTp8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://admin.branchoffer.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=675616D751E567410A490D4C%40AdobeOrg&d_nsid=0&ts=1673557185253
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 quantum-usbankit.js Show response
cdn.quantummetric.com/qscripts/ 1 MB
162 KB 946ms
914ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507862c7ca7188f00a03f9f08164c949e4987faa5a5dd2f0274780e75fe08603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:46 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"167348184349116733831781781673514003178"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray: 7888d15818572c53-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 utag.64.js Show response
tags.tiqcdn.com/utag/usbank/external/dev/ 21 KB
7 KB 13ms
12ms Script
application/x-javascript 23.35.236.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.64.js?utv=ut4.46.202010201600
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2edc228ea64c8d99ddafa8983fcdf5568433336698ef92367eb3654d531ea1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:45 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:15:09 GMT
server: AkamaiNetStorage
etag: "0eb571b49024018efda2626d47865c4f:1604517309.876466"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6830
expires: Fri, 27 Jan 2023 20:59:45 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
216 B 7ms
7ms Script
application/x-javascript 23.35.236.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=usbank/external/202211291202&cb=1673557185281
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-209.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.branchoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 12 Jan 2023 20:59:45 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 12 Jan 2023 21:09:45 GMT

GET
H/1.1 200
OK dest5.html Show response
usbank.demdex.net/ Frame 2EE0 7 KB
3 KB 138ms
32ms Document
text/html 54.195.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.228.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://admin.branchoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SNv+oCsrSfg=
content-encoding: gzip
date: Thu, 12 Jan 2023 20:59:45 GMT
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.sdcvisit.com/ 48 B
463 B 90ms
19ms XHR
application/x-javascript 15.236.125.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sdcvisit.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=675616D751E567410A490D4C%40AdobeOrg&mid=87881219130444680621930473624991374693&ts=1673557185523

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/usbank/external/dev/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.125.10 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-125-10.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

72a57e61ad653b33e3a1982bb3ff75309f21989a8075c39530e4cecf43b22325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://admin.branchoffer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Jan 2023 20:59:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://admin.branchoffer.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 2EE0 0
98 B 84ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=87617925208993483581920756899119750077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEAVkQZV-ShTSuFQrI5Msvfk&google_cver=1
dpm.demdex.net/ Frame 2EE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODc2MTc5MjUyMDg5OTM0ODM1ODE5MjA3NTY4OTkxMTk3NTAwNzc=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODc2MTc5MjUyMDg5OTM0ODM1ODE5MjA3NTY4OTkxMTk3NTAwNzc=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAVkQZV-ShTSuFQrI5Msvfk&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

35ms
35ms

Image
image/gif

52.48.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAVkQZV-ShTSuFQrI5Msvfk&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.48.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fs7MrscXQCE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 20:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAVkQZV-ShTSuFQrI5Msvfk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 2EE0 43 B
395 B 150ms
113ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=87617925208993483581920756899119750077&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 106
date: Thu, 12 Jan 2023 20:59:45 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 78b1185dd918da07
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f0ba519b5f71a78dc625cdefc98242faf9f8cbddd431b0941223cb9881f61dcb
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2EE0 70 B
265 B 123ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=admin.branchoffer.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 12 Jan 2023 20:59:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=21072A08CD4C66541F32389FCCC76782
dpm.demdex.net/ Frame 2EE0
Redirect Chain

https://c.bing.com/c.gif?uid=87617925208993483581920756899119750077&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=21072A08CD4C66541F32389FCCC76782

42 B
942 B

35ms
35ms

Image
image/gif

52.48.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=21072A08CD4C66541F32389FCCC76782

Protocol

HTTP/1.1

Server

52.48.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0lhKJnffS4w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 20:59:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EC1EE2851E249DCB7FFB17B9E2DC030 Ref B: FRA31EDGE0515 Ref C: 2023-01-12T20:59:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=21072A08CD4C66541F32389FCCC76782
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 2EE0
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=87617925208993483581920756899119750077&_ct=img
https://mid.rkdms.com/restricted

0
0

104ms
104ms

Image
text/html

3.86.122.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Server: 3.86.122.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-122-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usbank.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 20:59:46 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx
location: /restricted
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
BLOB 200
OK b21ca12a-f129-4071-8e45-4a10cffb3994
https://admin.branchoffer.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://admin.branchoffer.com/b21ca12a-f129-4071-8e45-4a10cffb3994
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc0065ba95def2e17cb95d2872e157d939d8e7aa0aab1bfd7e43dbd9ff561780

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 / Show response
usbankit-app.quantummetric.com/ Frame 8700 90 B
914 B 404ms
129ms XHR
application/json 35.193.75.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usbankit-app.quantummetric.com/?T=B&u=https%3A%2F%2Fadmin.branchoffer.com%2F&t=1673557187351&v=1673557187437&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e085e2c04f0d7ee0931d8fcc65d7c7188d7e1419586a8b55bbb0513e7a549e14

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 20:59:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://admin.branchoffer.com
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
usbankit-app.quantummetric.com/ Frame 8700 0
650 B 392ms
130ms XHR
application/json 35.193.75.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usbankit-app.quantummetric.com/?T=B&u=https%3A%2F%2Fadmin.branchoffer.com%2F&t=1673557187351&v=1673557187439&z=1&Q=1&Y=1&X=3ce674e7c7ad43b80e53d7d9941cc500

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 20:59:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://admin.branchoffer.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 / Show response
usbankit-app.quantummetric.com/ Frame 8700 28 B
736 B 128ms
128ms XHR
application/json 35.193.75.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usbankit-app.quantummetric.com/?s=90c94e0896f02e5a5d0da0064a704b93&H=6849b06536c7c66e64fea806&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 20:59:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://admin.branchoffer.com
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
usbankit-app.quantummetric.com/ Frame 8700 0
650 B 128ms
128ms XHR
application/json 35.193.75.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usbankit-app.quantummetric.com/?T=B&u=https%3A%2F%2Fadmin.branchoffer.com%2F&t=1673557187351&v=1673557187983&H=6849b06536c7c66e64fea806&s=90c94e0896f02e5a5d0da0064a704b93&U=0adba5ad4757708f6cdb25f89c9281d4&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 20:59:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://admin.branchoffer.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
usbankit-app.quantummetric.com/ Frame 8700 0
650 B 127ms
127ms XHR
application/json 35.193.75.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usbankit-app.quantummetric.com/?T=B&u=https%3A%2F%2Fadmin.branchoffer.com%2F&t=1673557187351&v=1673557188116&H=6849b06536c7c66e64fea806&s=90c94e0896f02e5a5d0da0064a704b93&z=1&S=995&N=2&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-usbankit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.75.18 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

18.75.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 20:59:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://admin.branchoffer.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
admin.branchoffer.com/baa-theme/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5C6995CECF43B04D50A975B9D77115B9
admin.branchoffer.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2AF526D74174362FA7F8121D5C5ECC90
admin.branchoffer.com/	1970-01-20 17:38:13	Name: GUEST_LANGUAGE_ID Value: en_US
admin.branchoffer.com/	1970-01-20 17:38:13	Name: COOKIE_SUPPORT Value: true
.admin.branchoffer.com/	1970-01-20 18:28:37	Name: _ga Value: GA1.3.1962403922.1673557185
.admin.branchoffer.com/	1970-01-20 08:54:03	Name: _gid Value: GA1.3.902491280.1673557185
.admin.branchoffer.com/	1970-01-20 08:52:37	Name: _gat Value: 1
.branchoffer.com/	1970-01-20 17:38:13	Name: utag_main Value: v_id:0185a7c812de001378182b60d5ef03073001e06b00b08$_sn:1$_se:1$_ss:1$_st:1673558985247$ses_id:1673557185247%3Bexp-session$_pn:1%3Bexp-session
.demdex.net/	1970-01-20 13:11:49	Name: demdex Value: 87617925208993483581920756899119750077
.branchoffer.com/	1969-12-31 23:59:59	Name: AMCVS_675616D751E567410A490D4C%40AdobeOrg Value: 1
.branchoffer.com/	1970-01-20 18:28:37	Name: AMCV_675616D751E567410A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19370%7CMCMID%7C87881219130444680621930473624991374693%7CMCAAMLH-1674161985%7C6%7CMCAAMB-1674161985%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1673564385s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.doubleclick.net/	1970-01-20 18:14:13	Name: IDE Value: AHWqTUlHSpya1cmRdTeSp8eP5IdqF9FtE3RjF_PEPiZuktDDoQkfK48oEARARqbMqPg
.dpm.demdex.net/	1970-01-20 13:11:49	Name: dpm Value: 87617925208993483581920756899119750077
.twitter.com/	1970-01-20 18:28:37	Name: personalization_id Value: "v1_HzLrDXZTgxS/tWOwfcbuOg=="
.bing.com/	1970-01-20 18:14:13	Name: MUID Value: 21072A08CD4C66541F32389FCCC76782
.demdex.net/	1970-01-20 13:11:49	Name: dextp Value: 60-1-1673557185681\|771-1-1673557185782\|1123-1-1673557185883\|903-1-1673557185983\|1957-1-1673557186084\|129099-1-1673557186185
usbankit-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 90c94e0896f02e5a5d0da0064a704b93
usbankit-app.quantummetric.com/	1970-01-20 17:38:13	Name: U Value: 0adba5ad4757708f6cdb25f89c9281d4
.branchoffer.com/	1970-01-20 08:52:38	Name: QuantumMetricSessionID Value: 90c94e0896f02e5a5d0da0064a704b93
.branchoffer.com/	1970-01-20 17:38:13	Name: QuantumMetricUserID Value: 0adba5ad4757708f6cdb25f89c9281d4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=87617925208993483581920756899119750077 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' crc.elanfinancialservices.com crcadmin.elanfinancialservices.com mediaserver-elan.qa.clockfour.net *.getmetrical.com c4twilio.clockfour.net cardcentral.usbank.com auth.cardcentral.usbank.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88cea71d446b5cb60fe4-65f1242d80004611c0f2d4448a3c4128.ssl.cf2.rackcdn.com
admin.branchoffer.com
analytics.twitter.com
c.bing.com
cdn.quantummetric.com
cm.g.doubleclick.net
dpm.demdex.net
idsync.rlcdn.com
match.adsrvr.org
mid.rkdms.com
smetrics.sdcvisit.com
tags.tiqcdn.com
usbank.demdex.net
usbankit-app.quantummetric.com
www.google-analytics.com
104.244.42.3
142.251.208.162
15.236.125.10
162.242.183.198
23.35.236.144
23.35.236.209
2606:4700:10::6816:34fc
2620:1ec:c11::200
2a00:1450:400d:80c::200e
3.33.220.150
3.86.122.109
35.193.75.18
35.244.174.68
52.48.61.43
54.195.228.119
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
1447f5e81cf57c9f2ca8d78549fc43527c1d259846b4f2c5c9004312fb3caeb5
26e11b3807aea1d5ac1b279e8050cc065466e7cab2742d09d55cdc0c9827ddb8
2a320c97429ea17677c89e56e26f1bebd05ba52522c7f9aa5a457e574274f44a
2edc228ea64c8d99ddafa8983fcdf5568433336698ef92367eb3654d531ea1ce
329dc5a1be6896ffda57ff80a3f28b265e8f2daa81d6035377f4fa81b9e47259
3aabd72904a559aa3347088891fdfa7512972125b7058ab989dcfb87e101306c
3bccb766aeb6d7721f0d938ba0c978dd53d5fb9f4170e6e6e32c76e5ab2f9c8b
461067e8ee661fd39768aa536701090fe098ef4f1109d57c0ca7823893d3003d
4fec136e31d15a5302e0deb9d934dc5c798dc5daaa01851b194b36a828ef2392
507862c7ca7188f00a03f9f08164c949e4987faa5a5dd2f0274780e75fe08603
6c01ac5428cd685b091777bd45ac784070b870f9b5aed10a168e91d256eb5662
72a57e61ad653b33e3a1982bb3ff75309f21989a8075c39530e4cecf43b22325
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80c27e47a287a2e94bb78ec5c60a6bfd3d840e61718f5a4aacd2248ec3b3783a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93c4e2e9aa0f3b2a9e6873ffed6518b87b29eda62c238137bfe0100ee91c774c
96a06b6295ca49ec9528a7613135551dc2e52c5826d7c30f46d144a4126bbf62
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c68a880944aa03082e88bbe6c7df7747ee45f506fa777e76fb41709a0ba5a935
c718b31f11b5d9b57ca0c4455aba3aba99eeb84761025c1b1072cee4d72eae06
c89b56c55b934b1f05ef01d47aa7169b5ca0322c37d1fcf62b067d660eb29f12
ce2b80e8c57d3d26d25c324a90dac34e167e935fc82f20a02d748867855cf0bd
d87af700bfe3fc9e2462e4ee5c5c4b4802b74dc19befd531b087a34d70fe38e7
d921ae5398393d52a0d875c602db8e2dfc30bd5865a741cc4d24c6dc7016d646
e085e2c04f0d7ee0931d8fcc65d7c7188d7e1419586a8b55bbb0513e7a549e14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fc0065ba95def2e17cb95d2872e157d939d8e7aa0aab1bfd7e43dbd9ff561780
fc6e0af6c09ee55282f65c73154602835554b1996a4eb7690715b1989bbdb507

admin.branchoffer.com Open in urlscan Pro 162.242.183.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

87 %HTTPS

20 %IPv6

13 Domains

15 Subdomains

14 IPs

4 Countries

682 kBTransfer

2790 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

admin.branchoffer.com Open in urlscan Pro
162.242.183.198 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

87 %
HTTPS

20 %
IPv6

13
Domains

15
Subdomains

14
IPs

4
Countries

682 kB
Transfer

2790 kB
Size

20
Cookies

39 HTTP transactions
0 data transactions