Submitted URL: http://getmyoffercapitalone.xyz
Effective URL: https://www.getmyoffercapitalone.xyz/
Submission: On October 22 via api from US

Summary

This website contacted 21 IPs in 3 countries across 21 domains to perform 47 HTTP transactions.
The main IP is 2a00:1450:4001:81d::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is www.getmyoffercapitalone.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 1st 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 1 216.239.34.21 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.242.29 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.112.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.64.134 54113 (FASTLY)
1 151.101.112.64 54113 (FASTLY)
47 21
Domain Requested by
6 www.blogger.com www.getmyoffercapitalone.xyz
www.blogger.com
4 c.disquscdn.com getmyoffercapitalone.disqus.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com pagead2.googlesyndication.com
www.getmyoffercapitalone.xyz
3 www.getmyoffercapitalone.xyz 1 redirects www.getmyoffercapitalone.xyz
2 disqus.com getmyoffercapitalone.disqus.com
2 www.google-analytics.com www.googletagmanager.com
www.getmyoffercapitalone.xyz
2 images.dmca.com www.getmyoffercapitalone.xyz
2 2.bp.blogspot.com www.getmyoffercapitalone.xyz
pagead2.googlesyndication.com
2 maxcdn.bootstrapcdn.com www.getmyoffercapitalone.xyz
pagead2.googlesyndication.com
2 fonts.googleapis.com www.getmyoffercapitalone.xyz
2 cdnjs.cloudflare.com www.getmyoffercapitalone.xyz
2 pagead2.googlesyndication.com www.getmyoffercapitalone.xyz
pagead2.googlesyndication.com
1 links.services.disqus.com c.disquscdn.com
1 getmyoffercapitalone.disqus.com www.getmyoffercapitalone.xyz
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.getmyoffercapitalone.xyz
1 resources.blogblog.com www.getmyoffercapitalone.xyz
1 3.bp.blogspot.com www.getmyoffercapitalone.xyz
1 4.bp.blogspot.com www.getmyoffercapitalone.xyz
1 1.bp.blogspot.com www.getmyoffercapitalone.xyz
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ajax.googleapis.com www.getmyoffercapitalone.xyz
1 getmyoffercapitalone.xyz 1 redirects
0 fontawesome.io Failed www.getmyoffercapitalone.xyz
0 fortawesome.github.io Failed www.getmyoffercapitalone.xyz
47 27
Subject / Issuer Validity Valid
www.getmyoffercapitalone.xyz
Let's Encrypt Authority X3
2019-10-01 -
2019-12-30
3 months
*.blogger.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.g.doubleclick.net
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months
*.googleapis.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year
*.google.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.googleusercontent.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
images.dmca.com
Go Daddy Secure Certificate Authority - G2
2018-02-01 -
2020-04-04
2 years
*.google-analytics.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months
*.disqus.com
DigiCert SHA2 Secure Server CA
2018-03-28 -
2020-04-27
2 years
ssl565697.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-25 -
2020-03-02
6 months
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2
2018-08-30 -
2020-12-02
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Web
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://getmyoffercapitalone.xyz/
  • http://www.getmyoffercapitalone.xyz/
  • https://www.getmyoffercapitalone.xyz/
136 KB
29 KB
Document
General
Full URL
https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
61b017f3a602237651fd1d15bee8e4a943bfb371c6bff47ae41c6ff5e07f6466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.getmyoffercapitalone.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-robots-tag
all,noodp
content-type
text/html; charset=UTF-8
expires
Tue, 22 Oct 2019 01:53:28 GMT
date
Tue, 22 Oct 2019 01:53:28 GMT
cache-control
private, max-age=0
last-modified
Mon, 21 Oct 2019 09:50:48 GMT
etag
W/"3ee3cc570c4a38a4240849b723aa896993e14757e5b9dacc63859dcadb50b6a3"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
29088
server
GSE

Redirect headers

Location
https://www.getmyoffercapitalone.xyz/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Tue, 22 Oct 2019 01:53:28 GMT
Expires
Tue, 22 Oct 2019 01:53:28 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
183
Server
GSE
2549344219-widget_css_bundle.css
www.blogger.com/static/v1/widgets
31 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 10:46:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 20 Oct 2019 12:11:06 GMT
server
sffe
age
54431
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6822
x-xss-protection
0
expires
Tue, 20 Oct 2020 10:46:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js
103 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
304ae66279a84ab5174685bd0d52365d0daf5077d4f4d6a3de7d2d3602903252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36818
x-xss-protection
0
server
cafe
etag
6601406587884151186
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Oct 2019 01:53:28 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16343149
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.016
timing-allow-origin
*
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5297d6783d1dcbb4-VIE
expires
Sun, 11 Oct 2020 01:53:28 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0
20 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16343150
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.025
timing-allow-origin
*
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5297d6783d1ecbb4-VIE
expires
Sun, 11 Oct 2020 01:53:28 GMT
css?family=Rokkitt:400,700%7CMontserrat:400,700&subset=latin,latin-ext
fonts.googleapis.com
6 KB
743 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rokkitt:400,700%7CMontserrat:400,700&subset=latin,latin-ext
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
db19a507a4985a6fc2d7a9a20d510b6d4b11b2013b62217c1f462c6dac782c85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 22 Oct 2019 01:53:28 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 22 Oct 2019 01:53:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 22 Oct 2019 01:53:28 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5442
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 09:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1094997
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Oct 2020 09:43:31 GMT
integrator.js?domain=www.getmyoffercapitalone.xyz
adservice.google.de/adsid
109 B
656 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.getmyoffercapitalone.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js?domain=www.getmyoffercapitalone.xyz
adservice.google.com/adsid
109 B
656 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.getmyoffercapitalone.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191015/r20190131
238 KB
88 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
89450
x-xss-protection
0
server
cafe
etag
530792698881188819
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Oct 2019 01:53:28 GMT
font-awesome.css
fortawesome.github.io/Font-Awesome/assets/font-awesome/css
0
0

css?family=Oswald
fonts.googleapis.com
2 KB
500 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 22 Oct 2019 01:53:28 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 22 Oct 2019 01:53:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 22 Oct 2019 01:53:28 GMT
GetMyOffer.CapitalOne.jpg
2.bp.blogspot.com/-p32QevSm_5A/XA07uDDq_EI/AAAAAAAAAEM/xrmQkdh6CkQhyhp7c4fYWdCi2Uik2V7VgCLcBGAs/s320
17 KB
18 KB
Image
General
Full URL
https://2.bp.blogspot.com/-p32QevSm_5A/XA07uDDq_EI/AAAAAAAAAEM/xrmQkdh6CkQhyhp7c4fYWdCi2Uik2V7VgCLcBGAs/s320/GetMyOffer.CapitalOne.jpg
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
aff4797ef7e75348304db820fc3f92331daf87a0922f7d71b9ea4f403662210f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="GetMyOffer.CapitalOne.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17813
x-xss-protection
0
server
fife
etag
"v44"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 11 Oct 2019 23:31:31 GMT
Capital%2BOne%2BPlatinum%2BCredit%2BCard.png
1.bp.blogspot.com/-PsqaagjyBkY/XA08PvKVaqI/AAAAAAAAAEU/f6yhgPg5W9kUW1R-4EEAduwhYfN1WMjuQCLcBGAs/s320
84 KB
84 KB
Image
General
Full URL
https://1.bp.blogspot.com/-PsqaagjyBkY/XA08PvKVaqI/AAAAAAAAAEU/f6yhgPg5W9kUW1R-4EEAduwhYfN1WMjuQCLcBGAs/s320/Capital%2BOne%2BPlatinum%2BCredit%2BCard.png
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
3b8e6ac26c01c190eb98f85643e43f77e7978032cd77bb5a6cff85cf358f7ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="Capital One Platinum Credit Card.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
85955
x-xss-protection
0
server
fife
etag
"v46"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 16 Oct 2019 00:15:30 GMT
Capital%2BOne%2B360.png
4.bp.blogspot.com/-QZW5LBcWQAQ/XA08qLdiJbI/AAAAAAAAAEc/JWubXoxbvj4aWvgDrgu4Iy3U9DQIU3YcwCLcBGAs/s320
7 KB
7 KB
Image
General
Full URL
https://4.bp.blogspot.com/-QZW5LBcWQAQ/XA08qLdiJbI/AAAAAAAAAEc/JWubXoxbvj4aWvgDrgu4Iy3U9DQIU3YcwCLcBGAs/s320/Capital%2BOne%2B360.png
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
6e07fc4bedfda05e00f7f58ecb20bbf6b2b4d19b9fac64663f375b75d2496501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="Capital One 360.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6947
x-xss-protection
0
server
fife
etag
"v48"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 18 Oct 2019 00:53:46 GMT
360%2BChecking.png
3.bp.blogspot.com/-2hQLc65qNUE/XA09EsWsXpI/AAAAAAAAAEk/SzY2LX6rbekGiDZ9p3ZEOr7_wZ_2mbfsACLcBGAs/s320
86 KB
86 KB
Image
General
Full URL
https://3.bp.blogspot.com/-2hQLc65qNUE/XA09EsWsXpI/AAAAAAAAAEk/SzY2LX6rbekGiDZ9p3ZEOr7_wZ_2mbfsACLcBGAs/s320/360%2BChecking.png
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
339e423d8fd20b3af10b27d60d6c68a2732cbc735a3d633b6870b526f91bd1ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="360 Checking.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
88043
x-xss-protection
0
server
fife
etag
"v4a"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Oct 2019 01:53:28 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img
475 B
762 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 20:52:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Oct 2019 16:23:57 GMT
server
sffe
age
536448
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Tue, 22 Oct 2019 20:52:40 GMT
dmca-badge-w100-5x1-09.png?ID=552b2454-0132-48ef-b5ac-6e2beedd192c
images.dmca.com/Badges
3 KB
3 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca-badge-w100-5x1-09.png?ID=552b2454-0132-48ef-b5ac-6e2beedd192c
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
89ee540bbb3aca4b8db6314526f492c377b8258640c18a7615dee490e3981852

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-09.png>; rel="canonical"
content-length
3101
expires
Thu, 21 Nov 2019 01:53:28 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges
465 B
610 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
etag
"26b181f16d28d51:0"
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Thu, 21 Nov 2019 01:53:13 GMT
js?id=UA-111931040-6
www.googletagmanager.com/gtag
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111931040-6
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53d31c9dc69b4d5906fd55ffcb6bcb2923aab126cfc12e88ead449a0e76b5f18
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28468
x-xss-protection
0
expires
Tue, 22 Oct 2019 01:53:28 GMT
cookienotice.js
/js
6 KB
2 KB
Script
General
Full URL
https://www.getmyoffercapitalone.xyz/js/cookienotice.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 21:12:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Tue, 29 Oct 2019 01:53:28 GMT
2136525808-widgets.js
www.blogger.com/static/v1/widgets
140 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2136525808-widgets.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
337e0172ac0349c0c416c3fe424ebce33388dd9f9cc49c2b7b110e7918a0119e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 23:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Oct 2019 03:28:36 GMT
server
sffe
age
7364
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52979
x-xss-protection
0
expires
Tue, 20 Oct 2020 23:50:44 GMT
font-awesome.css
fontawesome.io/assets/font-awesome/css
0
0

authorization.css?targetBlogID=4501793401680649599&zx=fd7c7221-43c9-45f6-a9e1-1c6a6c7e0958
www.blogger.com/dyn-css
1 B
668 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4501793401680649599&zx=fd7c7221-43c9-45f6-a9e1-1c6a6c7e0958
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 22 Oct 2019 01:53:28 GMT
server
GSE
date
Tue, 22 Oct 2019 01:53:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
body.png
2.bp.blogspot.com/-Hm3T7xvyEHY/VVFzNTane3I/AAAAAAAANEU/5u8UrSAC26Y/s1600
2 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-Hm3T7xvyEHY/VVFzNTane3I/AAAAAAAANEU/5u8UrSAC26Y/s1600/body.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
7428f7c0f1ad385958b1edd2202d6136dababa9af4c76164fbef4c29d70ef0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:52:24 GMT
x-content-type-options
nosniff
age
64
status
200
content-disposition
inline;filename="body.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2385
x-xss-protection
0
server
fife
etag
"v3446"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 20 Oct 2019 00:09:58 GMT
qFdE35qfgYFjGy5hkEaCdvTIyh8.woff2
fonts.gstatic.com/s/rokkitt/v14
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rokkitt/v14/qFdE35qfgYFjGy5hkEaCdvTIyh8.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
94988e117ca0454258023586f1cae897b0d63c332c661d4a4247557f8185b72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Rokkitt:400,700%7CMontserrat:400,700&subset=latin,latin-ext
Origin
https://www.getmyoffercapitalone.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 04:53:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:55:21 GMT
server
sffe
age
507580
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9460
x-xss-protection
0
expires
Thu, 15 Oct 2020 04:53:48 GMT
fontawesome-webfont.woff2?v=4.3.0
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts
55 KB
56 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Sec-Fetch-Mode
cors
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.getmyoffercapitalone.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
56792
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191015/r20190131
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191015/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.getmyoffercapitalone.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.getmyoffercapitalone.xyz/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 15 Oct 2019 14:47:51 GMT
expires
Tue, 29 Oct 2019 14:47:51 GMT
content-type
text/html; charset=UTF-8
etag
8648543205226238674
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7402
x-xss-protection
0
cache-control
public, max-age=1209600
age
558337
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads?client=ca-pub-2242706110318405&output=html&adk=1812271804&adf=3025194257&lmt=1571651448&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0...
googleads.g.doubleclick.net/pagead
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2242706110318405&output=html&adk=1812271804&adf=3025194257&lmt=1571651448&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1571709208404&bpp=110&bdt=65&fdt=112&idt=112&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4554749825760&frm=20&pv=2&ga_vid=1911836198.1571709209&ga_sid=1571709209&ga_hid=1686586368&ga_fc=0&iag=0&icsg=2570&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064603&oid=3&pvsid=1868592267769333&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2242706110318405&output=html&adk=1812271804&adf=3025194257&lmt=1571651448&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1571709208404&bpp=110&bdt=65&fdt=112&idt=112&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4554749825760&frm=20&pv=2&ga_vid=1911836198.1571709209&ga_sid=1571709209&ga_hid=1686586368&ga_fc=0&iag=0&icsg=2570&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064603&oid=3&pvsid=1868592267769333&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.getmyoffercapitalone.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.getmyoffercapitalone.xyz/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 22 Oct 2019 01:53:28 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 22-Oct-2019 02:08:28 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 22 Oct 2019 01:53:28 GMT
cache-control
private
osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a1999737449d990f86a266a62e57fb225dd6e5d5521da2358d967c6bd662b314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1571656559023965"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29155
x-xss-protection
0
expires
Tue, 22 Oct 2019 01:53:28 GMT
www.getmyoffercapitalone.xyz&dtd=15
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2016428766068553&output=html&h=90&slotname=4984950834&adk=1872772140&adf=2149194589&w=658&fwrn=4&lmt=1571651448&rafmt=10&npa=1&guci=1.2.0.0.2.1....
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2016428766068553&output=html&h=90&slotname=4984950834&adk=1872772140&adf=2149194589&w=658&fwrn=4&lmt=1571651448&rafmt=10&npa=1&guci=1.2.0.0.2.1.0.0&format=658x90_0ads_al&url=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1571709208541&bpp=9&bdt=202&fdt=9&idt=10&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4554749825760&frm=20&pv=2&ga_vid=1911836198.1571709209&ga_sid=1571709209&ga_hid=1686586368&ga_fc=0&iag=0&icsg=43050&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=271&ady=721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064603&oid=3&pvsid=1868592267769333&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=m4ctWddcdQ&p=https%3A//www.getmyoffercapitalone.xyz&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2016428766068553&output=html&h=90&slotname=4984950834&adk=1872772140&adf=2149194589&w=658&fwrn=4&lmt=1571651448&rafmt=10&npa=1&guci=1.2.0.0.2.1.0.0&format=658x90_0ads_al&url=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1571709208541&bpp=9&bdt=202&fdt=9&idt=10&shv=r20191015&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4554749825760&frm=20&pv=2&ga_vid=1911836198.1571709209&ga_sid=1571709209&ga_hid=1686586368&ga_fc=0&iag=0&icsg=43050&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=271&ady=721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21064603&oid=3&pvsid=1868592267769333&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=m4ctWddcdQ&p=https%3A//www.getmyoffercapitalone.xyz&dtd=15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.getmyoffercapitalone.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.getmyoffercapitalone.xyz/

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 22 Oct 2019 01:53:28 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 22-Oct-2019 02:08:28 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v26
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v26/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d22923ca6b9adcfeadaafe921c36b3355201e32e3cf6d54354e4276ff1e34980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald
Origin
https://www.getmyoffercapitalone.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 08:24:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Sep 2019 22:26:33 GMT
server
sffe
age
1013345
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12596
x-xss-protection
0
expires
Fri, 09 Oct 2020 08:24:23 GMT
embed.js
getmyoffercapitalone.disqus.com
64 KB
21 KB
Script
General
Full URL
https://getmyoffercapitalone.disqus.com/embed.js
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
openresty /
Resource Hash
fe7cfd273d68ced36be0d32a742439381f57b365f9b669a30a31053224b9afce
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 22 Oct 2019 01:53:29 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21538
qFdB35qfgYFjGy5hmP2nY9nqxzUKg1o.woff2
fonts.gstatic.com/s/rokkitt/v14
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rokkitt/v14/qFdB35qfgYFjGy5hmP2nY9nqxzUKg1o.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
29b3b06634f3f1f6cc6c2531eeb83257366b0501feac8dbf392f7c09ebf0f2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Rokkitt:400,700%7CMontserrat:400,700&subset=latin,latin-ext
Origin
https://www.getmyoffercapitalone.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 21 Oct 2019 22:56:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:55:52 GMT
server
sffe
age
10591
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9444
x-xss-protection
0
expires
Tue, 20 Oct 2020 22:56:57 GMT
authorization.css?targetBlogID=4501793401680649599&zx=fd7c7221-43c9-45f6-a9e1-1c6a6c7e0958
www.blogger.com/dyn-css
1 B
114 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4501793401680649599&zx=fd7c7221-43c9-45f6-a9e1-1c6a6c7e0958
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 22 Oct 2019 01:53:29 GMT
server
GSE
date
Tue, 22 Oct 2019 01:53:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111931040-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1134
date
Tue, 22 Oct 2019 01:34:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 22 Oct 2019 03:34:34 GMT
collect?v=1&_v=j79&a=1686586368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&ul=en-us&de=UTF-8&dt=www.getmyoffer.capitalone.com%20-%20Respond%20to%20Capital%20One%20Mail%20Offer...
www.google-analytics.com/r
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1686586368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&ul=en-us&de=UTF-8&dt=www.getmyoffer.capitalone.com%20-%20Respond%20to%20Capital%20One%20Mail%20Offer&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=2017318181&gjid=960898765&cid=1911836198.1571709209&tid=UA-111931040-6&_gid=701859122.1571709209&_r=1&gtm=2ouaa0&z=809597462
Requested by
Host: www.getmyoffercapitalone.xyz
URL: https://www.getmyoffercapitalone.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Oct 2019 01:53:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.953a2bd009935f47a8e815c3ee2bfc5a.css
c.disquscdn.com/next/embed/styles
0
21 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.953a2bd009935f47a8e815c3ee2bfc5a.css
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1730439
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
21493
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Wed, 02 Oct 2019 01:07:45 GMT
server
cloudflare
etag
"5d93f861-53f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
cf-ray
5297d67cde86cba0-VIE
expires
Thu, 01 Oct 2020 01:12:47 GMT
common.bundle.bdf2715fe3d262793670748c6697b1f3.js
c.disquscdn.com/next/embed
0
88 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.bdf2715fe3d262793670748c6697b1f3.js
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
525334
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
90421
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Tue, 15 Oct 2019 23:50:48 GMT
server
cloudflare
etag
"5da65b58-16135"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
cf-ray
5297d67cde87cba0-VIE
expires
Wed, 14 Oct 2020 23:57:48 GMT
lounge.bundle.df4113f81691d4ed6cccc5b74c6c17e8.js
c.disquscdn.com/next/embed
0
107 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.df4113f81691d4ed6cccc5b74c6c17e8.js
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
525334
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
109276
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Tue, 15 Oct 2019 23:50:48 GMT
server
cloudflare
etag
"5da65b58-1aadc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
cf-ray
5297d67cde88cba0-VIE
expires
Wed, 14 Oct 2020 23:57:48 GMT
config.js
disqus.com/next
0
3 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 22 Oct 2019 01:53:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
41
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2226
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin
*
?base=default&f=getmyoffercapitalone&t_u=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&t_d=%0Awww.getmyoffer.capitalone.com%20-%20Respond%20to%20Capital%20One%20Mail%20Offer%0A&t_t=%0Awww.getmyoffe...
disqus.com/embed/comments
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=getmyoffercapitalone&t_u=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&t_d=%0Awww.getmyoffer.capitalone.com%20-%20Respond%20to%20Capital%20One%20Mail%20Offer%0A&t_t=%0Awww.getmyoffer.capitalone.com%20-%20Respond%20to%20Capital%20One%20Mail%20Offer%0A&s_o=default
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.getmyoffercapitalone.xyz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.getmyoffercapitalone.xyz/

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Last-Modified
Wed, 14 Aug 2019 03:40:01 GMT
ETag
W/"lounge:view:7099649009.60509744819641fc7852542d6a66ab59.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Content-Length
2508
Date
Tue, 22 Oct 2019 01:53:29 GMT
Age
0
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css
35 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2136525808-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 22:43:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Oct 2019 09:31:04 GMT
server
sffe
age
616217
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6541
x-xss-protection
0
expires
Tue, 13 Oct 2020 22:43:12 GMT
1253295923-lbx.js
www.blogger.com/static/v1/jsbin
356 KB
114 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/1253295923-lbx.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2136525808-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d20ddd097d2a21b802873c4d149081098a1a91bfb2c9b7422a63b327f9d3b125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 00:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 21:32:29 GMT
server
sffe
age
351756
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
116736
x-xss-protection
0
expires
Sat, 17 Oct 2020 00:10:53 GMT
alfie.f51946af45e0b561c60f768335c9eb79.js
c.disquscdn.com/next/embed
19 KB
7 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Requested by
Host: getmyoffercapitalone.disqus.com
URL: https://getmyoffercapitalone.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 22 Oct 2019 01:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
23153046
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
6605
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Wed, 29 Aug 2018 23:43:03 GMT
server
cloudflare
fastly-debug-digest
baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
etag
"5b872f87-19cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
cf-ray
5297d680fa7acba0-VIE
expires
Sat, 31 Aug 2019 08:32:13 GMT
ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&subId=5670920&v=1&jsonp=vglnk_jsonp_15717092097720
links.services.disqus.com/api
223 B
861 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.getmyoffercapitalone.xyz%2F&subId=5670920&v=1&jsonp=vglnk_jsonp_15717092097720
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f1f045aff41d2588978803ff6a56c383296a507171ab0ef6aac73a5a940c8a09

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.getmyoffercapitalone.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Oct 2019 01:53:29 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.getmyoffercapitalone.xyz
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
223
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://getmyoffercapitalone.xyz/
  • http://www.getmyoffercapitalone.xyz/
  • https://www.getmyoffercapitalone.xyz/

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fortawesome.github.io
URL
https://fortawesome.github.io/Font-Awesome/assets/font-awesome/css/font-awesome.css
Domain
fontawesome.io
URL
http://fontawesome.io/assets/font-awesome/css/font-awesome.css

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle object| cookieconsent function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| showrecentcomments function| rp number| summary_noimg number| summary_img number| img_thumb_height number| img_thumb_width function| removeHtmlTag function| createSummaryAndThumb function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl function| mbtTOC function| mbtToggle function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired boolean| _gfp_p_ number| google_lpabyc number| google_unique_id string| gethead number| headlength function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| creditsyear function| gtag object| dataLayer object| google_tag_manager function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_858146 object| cookieChoices string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaData function| disqus_config object| DISQUS string| vglnk_self function| vl_cB function| vl_disable undefined| vglnk_jsonp_15717092097720 object| vglnk

4 Cookies

Domain/Path Name / Value
.getmyoffercapitalone.xyz/ Name: _gat_gtag_UA_111931040_6
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.getmyoffercapitalone.xyz/ Name: _gid
Value: GA1.2.701859122.1571709209
.getmyoffercapitalone.xyz/ Name: _ga
Value: GA1.2.1911836198.1571709209

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.disquscdn.com
cdnjs.cloudflare.com
disqus.com
fontawesome.io
fonts.googleapis.com
fonts.gstatic.com
fortawesome.github.io
getmyoffercapitalone.disqus.com
getmyoffercapitalone.xyz
googleads.g.doubleclick.net
images.dmca.com
links.services.disqus.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
resources.blogblog.com
www.blogger.com
www.getmyoffercapitalone.xyz
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com

fontawesome.io
fortawesome.github.io

151.101.112.134
151.101.112.64
151.101.64.134
151.139.242.29
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3a
216.239.34.21
2606:4700::6810:4ca6
2606:4700::6813:c497
2a00:1450:4001:808::2002
2a00:1450:4001:809::2009
2a00:1450:4001:809::200a
2a00:1450:4001:817::200a
2a00:1450:4001:819::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81d::2013
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2001
2a00:1450:4001:824::2003
2a00:1450:4001:824::2009
2a00:1450:4001:825::2008

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e
29b3b06634f3f1f6cc6c2531eeb83257366b0501feac8dbf392f7c09ebf0f2b5
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
304ae66279a84ab5174685bd0d52365d0daf5077d4f4d6a3de7d2d3602903252
337e0172ac0349c0c416c3fe424ebce33388dd9f9cc49c2b7b110e7918a0119e
339e423d8fd20b3af10b27d60d6c68a2732cbc735a3d633b6870b526f91bd1ce
3700c7c0f24f48f6b4b6e2402969286e19418aa84f14f134e436960439726926
3b8e6ac26c01c190eb98f85643e43f77e7978032cd77bb5a6cff85cf358f7ed6
53d31c9dc69b4d5906fd55ffcb6bcb2923aab126cfc12e88ead449a0e76b5f18
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
61b017f3a602237651fd1d15bee8e4a943bfb371c6bff47ae41c6ff5e07f6466
6e07fc4bedfda05e00f7f58ecb20bbf6b2b4d19b9fac64663f375b75d2496501
7428f7c0f1ad385958b1edd2202d6136dababa9af4c76164fbef4c29d70ef0b2
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89ee540bbb3aca4b8db6314526f492c377b8258640c18a7615dee490e3981852
94988e117ca0454258023586f1cae897b0d63c332c661d4a4247557f8185b72c
a1999737449d990f86a266a62e57fb225dd6e5d5521da2358d967c6bd662b314
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aff4797ef7e75348304db820fc3f92331daf87a0922f7d71b9ea4f403662210f
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d20ddd097d2a21b802873c4d149081098a1a91bfb2c9b7422a63b327f9d3b125
d22923ca6b9adcfeadaafe921c36b3355201e32e3cf6d54354e4276ff1e34980
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
db19a507a4985a6fc2d7a9a20d510b6d4b11b2013b62217c1f462c6dac782c85
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
f1f045aff41d2588978803ff6a56c383296a507171ab0ef6aac73a5a940c8a09
fe7cfd273d68ced36be0d32a742439381f57b365f9b669a30a31053224b9afce