Submitted URL: https://campaign.nearil.org/r/?id=h15N2o848PBTN2I2BMND_Qr_-BSN-2jvVBr/a4804b2,2dc707dd,22d56469&SIE=3Dfcfd1d1cdf70d26b4340b2...
Effective URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Submission: On February 25 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 54.166.191.140, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is usmedoffers.com.
TLS certificate: Issued by R3 on January 29th 2021. Valid for: 3 months.
This is the only time usmedoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.172.229.10 13768 (COGECO-PEER1)
2 2 34.237.29.129 14618 (AMAZON-AES)
22 54.166.191.140 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
32 6
Domain Requested by
22 usmedoffers.com usmedoffers.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com usmedoffers.com
2 www.youtube.com usmedoffers.com
www.youtube.com
1 speedtrkzone.com 1 redirects
1 mrktrecord13.com 1 redirects
1 campaign.nearil.org
32 7

This site contains links to these domains.

Domain
www.usmed.com
Subject                   Issuer      Validity                   Valid
*.nearil.org              R3          2021-01-17 - 2021-04-17    3 months
www.securehomequotes.com  R3          2021-01-29 - 2021-04-29    3 months
upload.video.google.com   GTS CA 1O1  2021-01-26 - 2021-04-20    3 months
*.google.com              GTS CA 1O1  2021-01-26 - 2021-04-20    3 months
*.gstatic.com             GTS CA 1O1  2021-01-26 - 2021-04-20    3 months

This page contains 1 frames:

Primary Page: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Frame ID: EA64A0EA731737C1FE4C94AA41D1A707
Requests: 32 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

32 Requests
100 % HTTPS
57 % IPv6
7 Domains
7 Subdomains
6 IPs
2 Countries
2173 kB Transfer
2886 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://campaign.nearil.org/r/?id=h15N2o848PBTN2I2BMND_Qr_-BSN-2jvVBr/a4804b2,2dc707dd,22d56469&SIE=3Dfcfd1d1cdf70d26b4340b223abcdf1a8b171235fdcb773dd5ee1b5ef29ae786f&delivery_id=3D930192718 Page URL
  2. https://mrktrecord13.com/?E=4bcZshimPoGE8HeD0tCDHv59FYtWrUbWDbfaF54T%2fx8%3d&s1=638432&s2=21che HTTP 302
    https://speedtrkzone.com/?E=4bcZshimPoGE8HeD0tCDHv59FYtWrUbWDbfaF54T%2fx8%3d&s1=638432&s2=21che&ckmguid=81c81557-4cab-420b-aed9-76bfe62cbfee HTTP 302
    https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
campaign.nearil.org/r/
191 B
470 B
Document
General
Full URL
https://campaign.nearil.org/r/?id=h15N2o848PBTN2I2BMND_Qr_-BSN-2jvVBr/a4804b2,2dc707dd,22d56469&SIE=3Dfcfd1d1cdf70d26b4340b223abcdf1a8b171235fdcb773dd5ee1b5ef29ae786f&delivery_id=3D930192718
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.172.229.10 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
mail.wisdomsooner.com
Software
nginx Apache/2.4.6 (CentOS) PHP/5.6.8 / PHP/7.4.8 PHP/5.6.8
Resource Hash

Request headers

Host
campaign.nearil.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx Apache/2.4.6 (CentOS) PHP/5.6.8
Date
Thu, 25 Feb 2021 15:47:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.4.8 PHP/5.6.8
Content-Encoding
gzip
Primary Request Cookie set /
usmedoffers.com/
Redirect Chain
  • https://mrktrecord13.com/?E=4bcZshimPoGE8HeD0tCDHv59FYtWrUbWDbfaF54T%2fx8%3d&s1=638432&s2=21che
  • https://speedtrkzone.com/?E=4bcZshimPoGE8HeD0tCDHv59FYtWrUbWDbfaF54T%2fx8%3d&s1=638432&s2=21che&ckmguid=81c81557-4cab-420b-aed9-76bfe62cbfee
  • https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
26 KB
6 KB
Document
General
Full URL
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d1c4ed74ecf15e715fcd21e690d2a936ba67866bcb28fb099aceafe1f2016420

Request headers

Host
usmedoffers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://campaign.nearil.org/r/?id=h15N2o848PBTN2I2BMND_Qr_-BSN-2jvVBr/a4804b2,2dc707dd,22d56469&SIE=3Dfcfd1d1cdf70d26b4340b223abcdf1a8b171235fdcb773dd5ee1b5ef29ae786f&delivery_id=3D930192718
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 25 Feb 2021 15:47:26 GMT
Server
Apache
Set-Cookie
PHPSESSID=2et9rgqlumjk4cs6pku9qjc6q5; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5731
Content-Type
text/html; charset=UTF-8
X-NID
N1

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Feb 2021 15:47:25 GMT
Location
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
st=31EqTQtP6aEmY1CuI1unGhxOvpfhzMLxVWITt9gc9VKsnl45/VGYFA==; domain=.speedtrkzone.com; path=/; SameSite=None; secure; HttpOnly tfl=dDuWBt4XuggmY1CuI1unGhxOvpfhzMLxVWITt9gc9VKsnl45/VGYFA==; domain=.speedtrkzone.com; expires=Wed, 25-Feb-2026 10:47:25 GMT; path=/; SameSite=None; secure; HttpOnly c31692=31EqTQtP6aE9Yuk0OiM8MP5c2JXvMdlK7wOUcb1yLD4Oq1iklLAXpw==; domain=.speedtrkzone.com; expires=Sat, 27-Mar-2021 15:47:25 GMT; path=/; SameSite=None; secure; HttpOnly
Content-Length
192
css
fonts.googleapis.com/
6 KB
666 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3ac3d405b58c7b7ae61a11cbc5193708408c3ab87dd98f70a348a11c9440c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 13:47:44 GMT
server
ESF
date
Thu, 25 Feb 2021 15:47:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Feb 2021 15:47:26 GMT
css2
fonts.googleapis.com/
2 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display&display=swap
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c18634efa68227797928ed1dadd140c93a4c5ed1d2e3335464ca09de76c30b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 15:47:26 GMT
server
ESF
date
Thu, 25 Feb 2021 15:47:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Feb 2021 15:47:26 GMT
css2
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:200,300,400,500,600,700
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css
usmedoffers.com/bundles/
277 KB
45 KB
Stylesheet
General
Full URL
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ac35138b6723a13c6f5a50257ade6f6ed3da9c9ec298997d051d872f7e76ef88

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Feb 2021 19:47:45 GMT
Server
Apache
ETag
"453b7-5bad87197aba3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
X-NID
N1
Accept-Ranges
bytes
Content-Length
46009
pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js
usmedoffers.com/bundles/
579 KB
130 KB
Script
General
Full URL
https://usmedoffers.com/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js?ver=1.21
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8dba6fa5f7198f6452b7f462e1c0349778aeaeb959219382acadbc58fd363aae

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 21:21:08 GMT
Server
Apache
ETag
"90b71-5b43ff4e96b77-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
X-NID
N1
Transfer-Encoding
chunked
Accept-Ranges
bytes
logo.jpg
usmedoffers.com/images/
11 KB
11 KB
Image
General
Full URL
https://usmedoffers.com/images/logo.jpg
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
147de59fcac989fc2a6bc4ff723cb579053be43a5f9179004b76e2af6e377c71

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:01 GMT
Server
Apache
ETag
"2c7d-5b3627dc26eca"
Content-Type
image/jpeg
X-NID
N1
Accept-Ranges
bytes
Content-Length
11389
signs-mobile.png
usmedoffers.com/images/
57 KB
57 KB
Image
General
Full URL
https://usmedoffers.com/images/signs-mobile.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4d99c758c9045890dcf98d5583505b38d3c6168c34173e098e69c8f36e6eabf1

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Mon, 08 Feb 2021 19:49:50 GMT
Server
Apache
ETag
"e2b7-5bad87917e47f"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
58039
bbb.png
usmedoffers.com/images/
16 KB
16 KB
Image
General
Full URL
https://usmedoffers.com/images/bbb.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7cd588c037f3829c13cfb14ed12697b7bc4c9281c651998e5772a325d3e9b687

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:07:57 GMT
Server
Apache
ETag
"3f52-5b3627d8ae40c"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
16210
mobile-bullets.jpg
usmedoffers.com/images/
66 KB
66 KB
Image
General
Full URL
https://usmedoffers.com/images/mobile-bullets.jpg
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a746f3b45271794c42bb27a238fc6706293feafc650688c876db8abe5f99e941

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:01 GMT
Server
Apache
ETag
"107a2-5b3627dc7be29"
Content-Type
image/jpeg
X-NID
N1
Accept-Ranges
bytes
Content-Length
67490
1.png
usmedoffers.com/images/
4 KB
4 KB
Image
General
Full URL
https://usmedoffers.com/images/1.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2a1ab3618d4f9883df839292d1c991ea2a271e4e7358ab67bcfd7b9b1aeb774f

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:07:56 GMT
Server
Apache
ETag
"10ae-5b3627d71fd0d"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
4270
2.png
usmedoffers.com/images/
4 KB
4 KB
Image
General
Full URL
https://usmedoffers.com/images/2.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
679e93b9e5a323a1be52a71e3b6785a867cf6174fc21a9fef421a16bffb6c6dc

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:07:56 GMT
Server
Apache
ETag
"fb7-5b3627d71fd0d"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
4023
3.png
usmedoffers.com/images/
4 KB
5 KB
Image
General
Full URL
https://usmedoffers.com/images/3.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6dee2656ac9ad093d74ea4a33a74eb6e8eb26196ccfe847d812f2482fa60fcb4

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:07:56 GMT
Server
Apache
ETag
"1130-5b3627d71fd0d"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
4400
4.png
usmedoffers.com/images/
6 KB
6 KB
Image
General
Full URL
https://usmedoffers.com/images/4.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
dfe1f0c232b11d19d4dbb637bbf2fc551adbc0bd90cdd5d7aca2d92af087056b

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:07:56 GMT
Server
Apache
ETag
"1870-5b3627d76a08d"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
6256
worth.png
usmedoffers.com/images/
137 KB
137 KB
Image
General
Full URL
https://usmedoffers.com/images/worth.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
17500a245b2c1f1301e08bdcd614c336ee5bcb75a877552f86b957a17ab63702

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:03 GMT
Server
Apache
ETag
"22452-5b3627de6cf48"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
140370
quotes.png
usmedoffers.com/images/
2 KB
2 KB
Image
General
Full URL
https://usmedoffers.com/images/quotes.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
aae92af2baad48bf0c36155965a4f7a2c69942eaa6f005381da389bc713b499a

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:02 GMT
Server
Apache
ETag
"6c2-5b3627dce8489"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
1730
stars.png
usmedoffers.com/images/
2 KB
3 KB
Image
General
Full URL
https://usmedoffers.com/images/stars.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
360230be329b565d2850ff997ccef9c6c428fd627857c15ad4768475401cace8

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:28 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:02 GMT
Server
Apache
ETag
"93e-5b3627dd2d9e9"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
2366
signs.png
usmedoffers.com/images/
81 KB
81 KB
Image
General
Full URL
https://usmedoffers.com/images/signs.png
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d395f552120210e77ed98d4850d1a1859711c5ade5ab3fed322ed586304abce3

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:28 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:03 GMT
Server
Apache
ETag
"143c8-5b3627de09588"
Content-Type
image/png
X-NID
N1
Accept-Ranges
bytes
Content-Length
82888
pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js
usmedoffers.com/bundles/
13 KB
3 KB
Script
General
Full URL
https://usmedoffers.com/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js?ver=1.9
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3b37d6ab7e67cfbf9a435cf26f87bcfccce40a6f97ba8c5fc0f91051b637562e

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Dec 2020 23:40:23 GMT
Server
Apache
ETag
"3260-5b6109548275f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
X-NID
N1
Accept-Ranges
bytes
Content-Length
3043
iframe_api
www.youtube.com/
810 B
747 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js?ver=1.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4359084286d10cc9196a0977cfcc4d9affd88c497b8beae702eceaf228615c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 15:47:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 25 Feb 2021 15:47:27 GMT
background-header-backdrop.jpg
usmedoffers.com/images/
865 KB
866 KB
Image
General
Full URL
https://usmedoffers.com/images/background-header-backdrop.jpg
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
34b537c40b0a50c56ee03dc55f6b8ea7da072a4845a0f3bc41949112bfabefc4

Request headers

Referer
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Mon, 08 Feb 2021 19:33:17 GMT
Server
Apache
ETag
"d858e-5bad83de275be"
Content-Type
image/jpeg
X-NID
N1
Accept-Ranges
bytes
Content-Length
886158
running.jpg
usmedoffers.com/images/
496 KB
496 KB
Image
General
Full URL
https://usmedoffers.com/images/running.jpg
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3c1cfe6894d031baaa5fabe2e2be357febc2d8735315b2b8d0d9854dadbb0baf

Request headers

Referer
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 15:47:28 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:03 GMT
Server
Apache
ETag
"7bfba-5b3627de2e748"
Content-Type
image/jpeg
X-NID
N1
Accept-Ranges
bytes
Content-Length
507834
/
usmedoffers.com/
26 KB
26 KB
Image
General
Full URL
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 15:47:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
X-NID
N1
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
5731
Expires
Thu, 19 Nov 1981 08:52:00 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qC0s.woff
fonts.gstatic.com/s/playfairdisplay/v22/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qC0s.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc5ea1de0f82c765709a45116b2a45a706f702be6f8a4869550b46fed0e426d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://usmedoffers.com
Referer
https://fonts.googleapis.com/css2?family=Playfair+Display&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:30:41 GMT
server
sffe
age
590757
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23128
x-xss-protection
0
expires
Fri, 18 Feb 2022 19:41:30 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://usmedoffers.com
Referer
https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
10244
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Fri, 25 Feb 2022 12:56:43 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://usmedoffers.com
Referer
https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
590761
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Fri, 18 Feb 2022 19:41:26 GMT
gotham-book-webfont.woff2
usmedoffers.com/Content/ProtectYourHome/fonts/
18 KB
18 KB
Font
General
Full URL
https://usmedoffers.com/Content/ProtectYourHome/fonts/gotham-book-webfont.woff2
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6bafd1886162782f66948323a41e8a8b557741619d20f6df918a306c7be2bd0d

Request headers

Origin
https://usmedoffers.com
Referer
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-NID
N1
Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:12 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"48ac-5b3627e620a23"
Content-Length
18604
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://usmedoffers.com
Referer
https://fonts.googleapis.com/css?family=Poppins:200,300,400,500,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 03:07:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
563992
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Sat, 19 Feb 2022 03:07:35 GMT
gotham-light-webfont.woff2
usmedoffers.com/Content/ProtectYourHome/fonts/
18 KB
18 KB
Font
General
Full URL
https://usmedoffers.com/Content/ProtectYourHome/fonts/gotham-light-webfont.woff2
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bd4641dad1c6cfd193d37eab50aaad0df7c0fb4b0c42ff0be9fb1a6229fa4779

Request headers

Origin
https://usmedoffers.com
Referer
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-NID
N1
Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:12 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"4800-5b3627e64f822"
Content-Length
18432
glyphicons-halflings-regular.woff2
usmedoffers.com/Content/ProtectYourHome/fonts/
18 KB
18 KB
Font
General
Full URL
https://usmedoffers.com/Content/ProtectYourHome/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: usmedoffers.com
URL: https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.191.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-191-140.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin
https://usmedoffers.com
Referer
https://usmedoffers.com/bundles/pyh_css-v=cPWbN5iVrVpb8tFM6myv3P7HnREHOaU5BltknIKxpxM1.css?ver=1.82
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-NID
N1
Date
Thu, 25 Feb 2021 15:47:27 GMT
Last-Modified
Thu, 05 Nov 2020 21:08:11 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"466c-5b3627e59ec03"
Content-Length
18028
www-widgetapi.js
www.youtube.com/s/player/392133a3/www-widgetapi.vflset/
105 KB
106 KB
Script
General
Full URL
https://www.youtube.com/s/player/392133a3/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d27c9a34bd87aecbe25a52dddb4b92c2fd59899b0ed568b7a09cea72d1d17f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://usmedoffers.com/?pid=42016&subid=638432&r=299520021&c=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 12:00:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 01:19:09 GMT
server
sffe
age
13631
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107664
x-xss-protection
0
expires
Fri, 25 Feb 2022 12:00:16 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| onYouTubeIframeAPIReady function| onReady function| ConfirmPurchase function| AddToCart function| RemoveFromCart function| TrackStep function| TrackProductDetail function| GetProductsArray function| GetPurchaseObject object| AmCharts object| tag object| firstScriptTag object| players object| currentPurchaseInfo function| $ function| jQuery object| classie object| jQuery1113004170716298655286 function| CreateChart function| ShowError function| PostGTMEvent function| executeFunctionByName function| captureExactTargetEmail object| timeoutID string| emailCaptured string| scriptUrl object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey

1 Cookies

Domain/Path Name / Value
usmedoffers.com/ Name: PHPSESSID
Value: 2et9rgqlumjk4cs6pku9qjc6q5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
