boi.visaoffers.eu Open in urlscan Pro
104.18.16.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.boi-alerts.visaoffers.eu/lnk/BAAAAIkgZB8AAAAAAAUAAJAI8YsAAAAAAAEAAAAAAAmIiQBd6QUm8TEzx0IDQ_SGUIMfs-vOhgAG8Os/2/9RKgX7iFh0...
Effective URL:
https://boi.visaoffers.eu/signin
Submission: On December 05 via manual (December 5th 2019, 1:31:57 pm UTC) from IE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 25 HTTP transactions. The main IP is 104.18.16.210, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is boi.visaoffers.eu.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 12th 2019. Valid for: a year.

This is the only time boi.visaoffers.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.241.186.140 35.241.186.140	15169 (GOOGLE) (GOOGLE - Google LLC)
18	104.18.16.210 104.18.16.210	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
25	4

1 35.241.186.140 (Ascension Island) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 140.186.241.35.bc.googleusercontent.com

links.boi-alerts.visaoffers.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.16.210 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

boi.visaoffers.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	visaoffers.eu 1 redirects links.boi-alerts.visaoffers.eu boi.visaoffers.eu	255 KB
4	googleapis.com maps.googleapis.com	122 KB
1	google-analytics.com www.google-analytics.com	17 KB
0	google.de Failed www.google.de Failed
0	google.com Failed www.google.com Failed
25	5

	Domain	Requested by
18	boi.visaoffers.eu	boi.visaoffers.eu
4	maps.googleapis.com	boi.visaoffers.eu maps.googleapis.com
1	www.google-analytics.com	boi.visaoffers.eu
1	links.boi-alerts.visaoffers.eu	1 redirects
0	www.google.de Failed
0	www.google.com Failed
25	6

This site contains links to these domains. Also see Links.

Domain
personalbanking.bankofireland.com

Subject Issuer	Validity	Valid
visaoffers.eu CloudFlare Inc ECC CA-2	`2019-08-12` - `2020-08-11`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://boi.visaoffers.eu/signin
Frame ID: 825832877C730B3DB22F12ACF85E5A03
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.boi-alerts.visaoffers.eu/lnk/BAAAAIkgZB8AAAAAAAUAAJAI8YsAAAAAAAEAAAAAAAmIiQBd6QUm8TEzx0IDQ_SGUIMfs-vO... HTTP 302
https://boi.visaoffers.eu/signin Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

25
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

4
IPs

4
Countries

394 kB
Transfer

1208 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://personalbanking.bankofireland.com/bank/current-accounts/live-life-rewards/cashback-as-you-shop/
Title: Bank of Ireland

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.boi-alerts.visaoffers.eu/lnk/BAAAAIkgZB8AAAAAAAUAAJAI8YsAAAAAAAEAAAAAAAmIiQBd6QUm8TEzx0IDQ_SGUIMfs-vOhgAG8Os/2/9RKgX7iFh0-dHQSpbEzxWA/aHR0cHM6Ly9ib2kudmlzYW9mZmVycy5ldS9zaWduaW4 HTTP 302
https://boi.visaoffers.eu/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=424422908&t=pageview&_s=1&dl=https%3A%2F%2Fboi.visaoffers.eu%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Sign%20in%20-%20Live%20Life%20Rewards%20from%20Bank%20of%20Ireland&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAEAB~&jid=1349833636&gjid=217712011&cid=1975001494.1575552699&tid=UA-83359853-1&_gid=287163587.1575552699&_r=1&z=219413129 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_gid=287163587.1575552699&gjid=217712011&_v=j79&z=219413129 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_v=j79&z=219413129

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
boi.visaoffers.eu/
Redirect Chain

http://links.boi-alerts.visaoffers.eu/lnk/BAAAAIkgZB8AAAAAAAUAAJAI8YsAAAAAAAEAAAAAAAmIiQBd6QUm8TEzx0IDQ_SGUIMfs-vOhgAG8Os/2/9RKgX7iFh0-dHQSpbEzxWA/aHR0cHM6Ly9ib2kudmlzYW9mZmVycy5ldS9zaWduaW4
https://boi.visaoffers.eu/signin

17 KB
6 KB

277ms
179ms

Document
text/html

104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88860ffefeac394f5c5c6b62f0ecc1a4c7d318a69966d76b0ac955b896f0ded

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: boi.visaoffers.eu
:scheme: https
:path: /signin
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 05 Dec 2019 13:31:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4433d3512cbbf3adcd8f676b337c4f3b1575552698; expires=Sat, 04-Jan-20 13:31:38 GMT; path=/; domain=.visaoffers.eu; HttpOnly; Secure AWSALB=zkebSqDsqIayw4yqc6jsXLzFQMzXAKNmYZ1QHC45dhPwCtUH6sHZRbUH8EcS7hASBG7f2vSRtnjvyk0HOjArTd60GXeavYPDuKIh0r/pcmPlO6n5V+R2KNu8d269; Expires=Thu, 12 Dec 2019 13:31:38 GMT; Path=/ ssid_secure=i166q7lq0rklqmq0uka3casu6va6a112177bceb8; path=/; domain=boi.visaoffers.eu; secure; HttpOnly
vary: X-Forwarded-Proto,Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.googletagmanager.com connect.facebook.net www.facebook.com *.doubleclick.net adservice.google.com ct.pinterest.com *.trialpay.com:* trialpay.com *.tp-cdn.com *.cloudfront.net *.omtrdc.net *.tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 540661ad7ffedfc3-FRA
content-encoding: br

Redirect headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
location: https://boi.visaoffers.eu/signin

GET
H2 200 vcrunch-icons.woff
boi.visaoffers.eu/fonts/ 4 KB
4 KB 27ms
26ms Font
application/octet-stream 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/fonts/vcrunch-icons.woff

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cdbd5952654c12c392ba165a4805ce9f61c65ce67923d32e9e760c9947ad63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://boi.visaoffers.eu/signin
Origin: https://boi.visaoffers.eu

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Oct 2019 20:18:03 GMT
server: cloudflare
age: 2953
etag: "115c-59494193c34c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Origin, Accept-Encoding
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 540661aeabf0dfc3-FRA
content-length: 4444

GET
H2 200 normalize.css
boi.visaoffers.eu/css/ 7 KB
2 KB 27ms
26ms Stylesheet
text/css 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/css/normalize.css?rev=44cd4004ce8ea9d9ee8af8cb40db60eccfdbcceb0af288f044a210d4ed7ed21c

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65bf66f0c26374e0550145b264b5dbdfb7e6b78c48e2e68453583878bc30801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Oct 2019 20:15:49 GMT
server: cloudflare
age: 2953
etag: W/"1c6f-59494113f8740-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661aeabf5dfc3-FRA

GET
H2 200 boi.css
boi.visaoffers.eu/css/ 108 KB
17 KB 53ms
53ms Stylesheet
text/css 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/css/boi.css?rev=b76b8444b2df64440c8ae3e7a1ef179264f7dfac5eba668ae104f9fe90da69b4

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

099ca723c8b2bc819d1f18823fff448f42d6c90f8bf02a478699f5523ae5dcc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 04:42:09 GMT
server: cloudflare
age: 2953
etag: W/"1ae50-59860bc6b8a40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661aeabf6dfc3-FRA

GET
H2 200 vendor-head-bundle-deb37d92df.js Show response
boi.visaoffers.eu/build/ 251 KB
84 KB 32ms
32ms Script
text/javascript 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a404d6d26fa6867b1908f9c57a3e115871a78d133841614b9b1c062b9653df25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://boi.visaoffers.eu/signin
Origin: https://boi.visaoffers.eu

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 04:42:07 GMT
server: cloudflare
age: 2953
etag: W/"3eb50-59860bc4d05c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,Origin
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661aeabf9dfc3-FRA

GET
H2 200 member-logo.png
boi.visaoffers.eu/img/member/boi/ 9 KB
9 KB 66ms
66ms Image
image/png 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boi.visaoffers.eu/img/member/boi/member-logo.png?rev=abe7a06d688f1dd0e17a34d5061b409132ba23cfd130a3ff1a1462231e4a313a

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4163646b1eef29dc31a38e88d5e1096f9f0e60ad977f9a1d3ae69707b4c3755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
cf-cache-status: MISS
last-modified: Thu, 10 Oct 2019 20:18:03 GMT
server: cloudflare
etag: "23f4-59494193c34c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 540661aeabfcdfc3-FRA
content-length: 9204

GET
H2 200 visa-logo.png
boi.visaoffers.eu/img/ 11 KB
12 KB 72ms
72ms Image
image/png 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boi.visaoffers.eu/img/visa-logo.png?rev=44cd4004ce8ea9d9ee8af8cb40db60eccfdbcceb0af288f044a210d4ed7ed21c

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

82081f15656c4c8e116017ff48f9fe55a71fccf6ee93298a704b40ea3cbe7cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
cf-cache-status: MISS
last-modified: Thu, 10 Oct 2019 20:15:49 GMT
server: cloudflare
etag: "2df7-59494113f8740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 540661aeac03dfc3-FRA
content-length: 11767

GET
H2 200 footer-logo.png
boi.visaoffers.eu/img/member/boi/ 6 KB
6 KB 24ms
23ms Image
image/png 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boi.visaoffers.eu/img/member/boi/footer-logo.png?rev=abe7a06d688f1dd0e17a34d5061b409132ba23cfd130a3ff1a1462231e4a313a

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a893e80f969a03699d2bac7f10fcd220d42b58c162fa3be5bf5b825d52572d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
cf-cache-status: HIT
age: 2953
cf-polished: origSize=11767, status=vary_header_present
status: 200
strict-transport-security: max-age=31536000
content-length: 5997
last-modified: Thu, 10 Oct 2019 20:18:03 GMT
server: cloudflare
etag: "2df7-59494193c34c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 540661af1d79dfc3-FRA
cf-bgj: imgq:100

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 125 KB
40 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAXj9MwirNue2eHYO-60bGXv9GJQu9GSZk&libraries=geometry,places

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

1276cee0abc1ac364d5a066ad2d0ee18e6ddd6b4072b855cd1952884fdc3ccc5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=21
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41257
x-xss-protection: 0
expires: Thu, 05 Dec 2019 14:01:38 GMT

GET
H2 200 angular-locale_en-ie.js Show response
boi.visaoffers.eu/js/vendor/locale/ 3 KB
1 KB 22ms
21ms Script
text/javascript 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/js/vendor/locale/angular-locale_en-ie.js?rev=9e9b2e1b182390fbda642c43976532968179f6674e4d8eae5d1a0186264852b4

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0912dca04e5f9e99b0029e5c3fff91173677442ac404b53f5819dfaad89dd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Oct 2019 20:18:04 GMT
server: cloudflare
age: 2953
etag: W/"ab6-59494194b7700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,Origin
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661af1d69dfc3-FRA

GET
H2 200 vendor-body-bundle-b37e445c4a.js Show response
boi.visaoffers.eu/build/ 257 KB
77 KB 31ms
30ms Script
text/javascript 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/build/vendor-body-bundle-b37e445c4a.js

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc2bf6e2e95bee21d28365398b8892a579f8b8f2181c3c67df79733dfc45f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://boi.visaoffers.eu/signin
Origin: https://boi.visaoffers.eu

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 04:42:08 GMT
server: cloudflare
age: 2953
etag: W/"40287-59860bc5c4800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,Origin
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661af1d6edfc3-FRA

GET
H2 200 app-modules-bundle-981bb78e9b.js Show response
boi.visaoffers.eu/build/ 80 KB
20 KB 33ms
32ms Script
text/javascript 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/build/app-modules-bundle-981bb78e9b.js

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e87c060d4d0da3515be2975f77afa3e575933da9349b8b7806b7998de1f5b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://boi.visaoffers.eu/signin
Origin: https://boi.visaoffers.eu

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 04:42:08 GMT
server: cloudflare
age: 2953
etag: W/"13e89-59860bc5c4800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,Origin
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661af1d70dfc3-FRA

GET
H2 200 app-bundle-1b04a4baa0.js Show response
boi.visaoffers.eu/build/ 57 KB
12 KB 34ms
33ms Script
text/javascript 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/build/app-bundle-1b04a4baa0.js

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9e395a5cff22431e92ed88501fae10db897fb67db47e2b2464eb4cd97c1e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://boi.visaoffers.eu/signin
Origin: https://boi.visaoffers.eu

Response headers

date: Thu, 05 Dec 2019 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2019 04:42:09 GMT
server: cloudflare
age: 2952
etag: W/"e424-59860bc6b8a40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,Origin
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661af1d74dfc3-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3481
date: Thu, 05 Dec 2019 12:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 05 Dec 2019 14:33:37 GMT

GET
H2 200 password-policy-popover.php Show response
boi.visaoffers.eu/partials/ 260 B
953 B 94ms
92ms XHR
text/html 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/partials/password-policy-popover.php

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e63f0cef84d0451f52351301db2a7b2b3e53e181d7573a4e6725a2353b1257b

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: X-Forwarded-Proto,Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.googletagmanager.com connect.facebook.net www.facebook.com *.doubleclick.net adservice.google.com ct.pinterest.com *.trialpay.com:* trialpay.com *.tp-cdn.com *.cloudfront.net *.omtrdc.net *.tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
cf-ray: 540661b2c899dfc3-FRA
expires: -1

GET
H2 200 home.php Show response
boi.visaoffers.eu/views/ 6 KB
1 KB 108ms
108ms XHR
text/html 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/views/home.php

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d2a4c7232682489b88392ee73e89077d91cacd114a0da02d39e3d6b9e17e085

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: X-Forwarded-Proto,Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.googletagmanager.com connect.facebook.net www.facebook.com *.doubleclick.net adservice.google.com ct.pinterest.com *.trialpay.com:* trialpay.com *.tp-cdn.com *.cloudfront.net *.omtrdc.net *.tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
cf-ray: 540661b2c89bdfc3-FRA
expires: -1

GET
H2 200 remove-card-confirm.php Show response
boi.visaoffers.eu/partials/ 1008 B
501 B 103ms
103ms XHR
text/html 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/partials/remove-card-confirm.php

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc65a7a017d1f945807378eb969b13c3c3deebbf03428ec10393b766b2ab7933

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: X-Forwarded-Proto,Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.googletagmanager.com connect.facebook.net www.facebook.com *.doubleclick.net adservice.google.com ct.pinterest.com *.trialpay.com:* trialpay.com *.tp-cdn.com *.cloudfront.net *.omtrdc.net *.tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
cf-ray: 540661b2c89ddfc3-FRA
expires: -1

GET
H2 200 signin.php Show response
boi.visaoffers.eu/views/ 3 KB
1 KB 100ms
99ms XHR
text/html 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://boi.visaoffers.eu/views/signin.php

Requested by

Host: boi.visaoffers.eu
URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea4241d60cfd7bf65d65cc764586a5ba79c5ff341b3298ef772339cd750519a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: X-Forwarded-Proto,Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.googletagmanager.com connect.facebook.net www.facebook.com *.doubleclick.net adservice.google.com ct.pinterest.com *.trialpay.com:* trialpay.com *.tp-cdn.com *.cloudfront.net *.omtrdc.net *.tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
cf-ray: 540661b2e8ecdfc3-FRA
expires: -1

GET
H2 200 spinner-white.svg
boi.visaoffers.eu/img/ 236 B
281 B 20ms
20ms Image
image/svg+xml 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boi.visaoffers.eu/img/spinner-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

858af9b42e83a9af898d89d149b2c40b6c416b8f058bab5f85565bf0449fecb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Oct 2019 20:18:04 GMT
server: cloudflare
age: 2952
etag: W/"ec-59494194b7700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661b2e8eddfc3-FRA

GET
H2 200 spinner.svg
boi.visaoffers.eu/img/ 239 B
247 B 21ms
20ms Image
image/svg+xml 104.18.16.210
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boi.visaoffers.eu/img/spinner.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.210 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a854d6b4ab67b91732fa67665e525f70b81f2203a77a0d619089be9256ab8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://boi.visaoffers.eu/css/boi.css?rev=b76b8444b2df64440c8ae3e7a1ef179264f7dfac5eba668ae104f9fe90da69b4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 13:31:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Oct 2019 20:18:04 GMT
server: cloudflare
age: 2952
etag: W/"ef-59494194b7700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto, Accept-Encoding
content-type: image/svg+xml
status: 200
strict-transport-security: max-age=31536000
cf-ray: 540661b2e8f2dfc3-FRA

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=424422908&t=pageview&_s=1&dl=https%3A%2F%2Fboi.visaoffers.eu%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Sign%20in%20-%20Live%20Life%20Rewards...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_gid=287163587.1575552699&gjid=217712011&_v=j79&z=219413129
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_v=j79&z=219413129

0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/1/ 76 KB
28 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/1/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAXj9MwirNue2eHYO-60bGXv9GJQu9GSZk&libraries=geometry,places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

276dfe3f1d67e4460d746e5fa7ecbf1aabe9be167f7b7d9e79d35adde1e229c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Dec 2019 16:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 03:15:12 GMT
server: sffe
age: 75634
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28590
x-xss-protection: 0
expires: Thu, 03 Dec 2020 16:31:10 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/1/ 143 KB
53 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/1/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAXj9MwirNue2eHYO-60bGXv9GJQu9GSZk&libraries=geometry,places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

babc197dfa92700bfd942fb45aff16cdbebff91715997560805ab61ef53b0ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Dec 2019 16:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 03:15:12 GMT
server: sffe
age: 75629
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 54080
x-xss-protection: 0
expires: Thu, 03 Dec 2020 16:31:15 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 60 B
146 B 31ms
31ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fboi.visaoffers.eu%2Fsignin&4sAIzaSyAXj9MwirNue2eHYO-60bGXv9GJQu9GSZk&callback=_xdc_._m0xe1&key=AIzaSyAXj9MwirNue2eHYO-60bGXv9GJQu9GSZk&token=61176

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/1/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

631bce36f192762f018f7865698764f70c1422cb9c4ef40b400043d3ed3bfaee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://boi.visaoffers.eu/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Dec 2019 13:31:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=17
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_v=j79&z=219413129

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-83359853-1&cid=1975001494.1575552699&jid=1349833636&_v=j79&z=219413129&slf_rd=1&random=3689302311

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.boi.visaoffers.eu/	1969-12-31 23:59:59	Name: ssid_secure Value: i166q7lq0rklqmq0uka3casu6va6a112177bceb8
.visaoffers.eu/	1970-01-19 23:10:24	Name: _ga Value: GA1.2.1975001494.1575552699
boi.visaoffers.eu/	1970-01-19 05:49:17	Name: AWSALB Value: zkebSqDsqIayw4yqc6jsXLzFQMzXAKNmYZ1QHC45dhPwCtUH6sHZRbUH8EcS7hASBG7f2vSRtnjvyk0HOjArTd60GXeavYPDuKIh0r/pcmPlO6n5V+R2KNu8d269
.visaoffers.eu/	1970-01-19 05:40:39	Name: _gid Value: GA1.2.287163587.1575552699
.visaoffers.eu/	1970-01-19 06:22:24	Name: __cfduid Value: d4433d3512cbbf3adcd8f676b337c4f3b1575552698

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js(Line 127) Message: SessionExpiration#init
console-api	info	URL: https://boi.visaoffers.eu/build/vendor-head-bundle-deb37d92df.js(Line 127) Message: app run
console-api	log	URL: https://boi.visaoffers.eu/build/app-bundle-1b04a4baa0.js(Line 1) Message: { "screen": { "availWidth": 1600, "availHeight": 1200, "width": 1600, "height": 1200, "availLeft": 0, "availTop": 0 }, "window": { "innerWidth": 1600, "outerWidth": 1600, "innerHeight": 1200, "outerHeight": 1200 }, "documentElement": { "clientWidth": 1585, "clientHeight": 1200, "offsetWidth": 1585, "offsetHeight": 1200, "scrollWidth": 1585, "scrollHeight": 1354 }, "body": { "clientWidth": 1585, "clientHeight": 1200, "offsetWidth": 1585, "offsetHeight": 1200, "scrollWidth": 1585, "scrollHeight": 1354 } }

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' www.google.com .google-analytics.com .googleapis.com .gstatic.com .googletagmanager.com connect.facebook.net www.facebook.com .doubleclick.net adservice.google.com ct.pinterest.com .trialpay.com:* trialpay.com .tp-cdn.com .cloudfront.net .omtrdc.net .tt.omtrdc.net *.demdex.net sc.ulsterbank.ie assets.adobedtm.com;frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boi.visaoffers.eu
links.boi-alerts.visaoffers.eu
maps.googleapis.com
www.google-analytics.com
www.google.com
www.google.de
www.google.com
www.google.de
104.18.16.210
2a00:1450:4001:806::200a
2a00:1450:4001:808::200e
35.241.186.140
099ca723c8b2bc819d1f18823fff448f42d6c90f8bf02a478699f5523ae5dcc7
0e63f0cef84d0451f52351301db2a7b2b3e53e181d7573a4e6725a2353b1257b
0ea4241d60cfd7bf65d65cc764586a5ba79c5ff341b3298ef772339cd750519a
1276cee0abc1ac364d5a066ad2d0ee18e6ddd6b4072b855cd1952884fdc3ccc5
1d9e395a5cff22431e92ed88501fae10db897fb67db47e2b2464eb4cd97c1e8f
276dfe3f1d67e4460d746e5fa7ecbf1aabe9be167f7b7d9e79d35adde1e229c0
2d2a4c7232682489b88392ee73e89077d91cacd114a0da02d39e3d6b9e17e085
2e87c060d4d0da3515be2975f77afa3e575933da9349b8b7806b7998de1f5b9a
631bce36f192762f018f7865698764f70c1422cb9c4ef40b400043d3ed3bfaee
7dc2bf6e2e95bee21d28365398b8892a579f8b8f2181c3c67df79733dfc45f98
82081f15656c4c8e116017ff48f9fe55a71fccf6ee93298a704b40ea3cbe7cec
858af9b42e83a9af898d89d149b2c40b6c416b8f058bab5f85565bf0449fecb2
a0912dca04e5f9e99b0029e5c3fff91173677442ac404b53f5819dfaad89dd65
a404d6d26fa6867b1908f9c57a3e115871a78d133841614b9b1c062b9653df25
a893e80f969a03699d2bac7f10fcd220d42b58c162fa3be5bf5b825d52572d80
b8cdbd5952654c12c392ba165a4805ce9f61c65ce67923d32e9e760c9947ad63
babc197dfa92700bfd942fb45aff16cdbebff91715997560805ab61ef53b0ef0
d65bf66f0c26374e0550145b264b5dbdfb7e6b78c48e2e68453583878bc30801
d8a854d6b4ab67b91732fa67665e525f70b81f2203a77a0d619089be9256ab8a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e4163646b1eef29dc31a38e88d5e1096f9f0e60ad977f9a1d3ae69707b4c3755
f88860ffefeac394f5c5c6b62f0ecc1a4c7d318a69966d76b0ac955b896f0ded
fc65a7a017d1f945807378eb969b13c3c3deebbf03428ec10393b766b2ab7933

boi.visaoffers.eu Open in urlscan Pro 104.18.16.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

4 IPs

4 Countries

394 kBTransfer

1208 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

5 Cookies

3 Console Messages

Security Headers

Indicators

boi.visaoffers.eu Open in urlscan Pro
104.18.16.210 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

4
IPs

4
Countries

394 kB
Transfer

1208 kB
Size

5
Cookies

25 HTTP transactions
0 data transactions