www.securedoffers.com
192.254.188.6

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.paypal-www.calidad.com/
Effective URL:
https://www.securedoffers.com/
Submission Tags: @phishunt_io
Submission: On September 05 via api (September 5th 2021, 8:17:32 pm UTC) from DE

Summary HTTP 24 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 192.254.188.6, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.securedoffers.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 28th 2020. Valid for: a year.

This is the only time www.securedoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	199.59.242.153 199.59.242.153		395082 (BODIS-NJ) (BODIS-NJ)
1	2a00:1450:400... 2a00:1450:4001:831::2004		15169 (GOOGLE) (GOOGLE)
2 19	192.254.188.6 192.254.188.6		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
24	4

6 199.59.242.153 (United States)

ASN395082 (BODIS-NJ, US)

www.paypal-www.calidad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.254.188.6 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-188-6.unifiedlayer.com

www.securedoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	securedoffers.com 2 redirects www.securedoffers.com	561 KB
6	calidad.com www.paypal-www.calidad.com	22 KB
1	google.com www.google.com	56 KB
24	3

	Domain	Requested by
19	www.securedoffers.com	2 redirects www.paypal-www.calidad.com www.securedoffers.com
6	www.paypal-www.calidad.com	www.paypal-www.calidad.com
1	www.google.com	www.paypal-www.calidad.com
24	3

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal-www.calidad.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
securedoffers.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-28` - `2021-09-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.securedoffers.com/
Frame ID: 791EC51B5C7F4FE0E7B28EC1EAC3FB45
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.paypal-www.calidad.com/ Page URL
http://www.securedoffers.com/ HTTP 301
https://www.securedoffers.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

638 kB
Transfer

1151 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paypal-www.calidad.com/ Page URL
http://www.securedoffers.com/ HTTP 301
https://www.securedoffers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_d7d2851d6157854953801792a5388c06.css HTTP 302
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css

24 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.paypal-www.calidad.com/ 2 KB
2 KB 658ms
128ms Document
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal-www.calidad.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: e70e19c7c2e866e4c361dc840a758fe256b2edcbbaae823366eb2277dd73743a

Request headers

:method: GET
:authority: www.paypal-www.calidad.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: openresty
date: Sun, 05 Sep 2021 20:17:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; HttpOnly
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_cdmtvFt2T2/0pBoSezVfKg9iPPda961hwU19Ll/fg/N7y4JO6Y+ZVvKCMbIFdYcSuDuMmJGmaocHFPUFy9vLAw==
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
content-encoding: gzip

GET
H2 200 parking.2.69.0.js Show response
www.paypal-www.calidad.com/js/ 58 KB
19 KB 129ms
128ms Script
application/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 196e399ec6921b7b482f3c12cc3030872df4741a6f1e97e0abf5aa258626931d

Request headers

:path: /js/parking.2.69.0.js
pragma: no-cache
cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.paypal-www.calidad.com
referer: https://www.paypal-www.calidad.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 20:17:33 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 21:03:49 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _fd Show response
www.paypal-www.calidad.com/ 601 B
767 B 159ms
159ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal-www.calidad.com/_fd
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 7db4b4c88f45aac8042e49c8d60d9588d59724dddbb5692975e4217e79a82368

Request headers

sec-fetch-mode: cors
origin: https://www.paypal-www.calidad.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
content-length: 0
:path: /_fd
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: www.paypal-www.calidad.com
referer: https://www.paypal-www.calidad.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json
Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 20:17:33 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
set-cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; httponly
x-version: 2.69.0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 152 KB
56 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393ef61ede79218273b04edff7d8a27d222185409bffd0b93c1de5ea3d5febb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:33 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "17159306335837364340"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 05 Sep 2021 20:17:33 GMT

GET
H2 200 px.gif?ch=1&rn=2.17141029309337
www.paypal-www.calidad.com/ 42 B
269 B 127ms
127ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypal-www.calidad.com/px.gif?ch=1&rn=2.17141029309337
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /px.gif?ch=1&rn=2.17141029309337
pragma: no-cache
cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paypal-www.calidad.com
referer: https://www.paypal-www.calidad.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 20:17:33 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
content-type: image/gif
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
accept-ranges: bytes
content-length: 42
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 px.gif?ch=2&rn=2.17141029309337
www.paypal-www.calidad.com/ 42 B
269 B 128ms
127ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypal-www.calidad.com/px.gif?ch=2&rn=2.17141029309337
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /px.gif?ch=2&rn=2.17141029309337
pragma: no-cache
cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paypal-www.calidad.com
referer: https://www.paypal-www.calidad.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 20:17:33 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
content-type: image/gif
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
accept-ranges: bytes
content-length: 42
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _tr
www.paypal-www.calidad.com/ 2 B
0 157ms
157ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal-www.calidad.com/_tr
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://www.paypal-www.calidad.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
content-length: 1773
:path: /_tr
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: www.paypal-www.calidad.com
referer: https://www.paypal-www.calidad.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json
Referer: https://www.paypal-www.calidad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 20:17:33 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
set-cookie: parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; httponly
x-version: 2.69.0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

Primary Request / Show response
www.securedoffers.com/
Redirect Chain

http://www.securedoffers.com/
https://www.securedoffers.com/

12 KB
4 KB

926ms
538ms

Document
text/html

192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/
Requested by: Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: f77125f25da4f281b6986f854c20ef974a74d8b98cda78d8dbeea22d367f1bf6

Request headers

:method: GET
:authority: www.securedoffers.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.paypal-www.calidad.com/

Response headers

date: Sun, 05 Sep 2021 20:17:35 GMT
server: Apache
vary: Accept-Encoding,Cookie
content-encoding: gzip
link: <https://www.securedoffers.com/wp-json/>; rel="https://api.w.org/"
content-length: 3887
cache-control: max-age=604800
expires: Sun, 12 Sep 2021 20:17:35 GMT
content-type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 05 Sep 2021 20:17:34 GMT
Server: Apache
Location: https://www.securedoffers.com/
Cache-Control: max-age=604800
Expires: Sun, 12 Sep 2021 20:17:34 GMT
Content-Length: 238
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

autoptimize_fallback.css
www.securedoffers.com/wp-content/cache/autoptimize/css/
Redirect Chain

https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_d7d2851d6157854953801792a5388c06.css
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css

89 KB
26 KB

232ms
232ms

Stylesheet
text/css

192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: f290b66f4e3852eb929757bcf5ee9a7c9b90487a89c5052634961b1ab8c10888

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_fallback.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:36 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 09:13:01 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
expires: Fri, 26 Aug 2022 20:17:36 GMT

Redirect headers

date: Sun, 05 Sep 2021 20:17:35 GMT
content-encoding: gzip
server: Apache
x-redirect-by: WordPress
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
location: /wp-content/cache/autoptimize/css/autoptimize_fallback.css
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.securedoffers.com/wp-json/>; rel="https://api.w.org/"
content-length: 3612
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
www.securedoffers.com/wp-content/cache/autoptimize/css/ 210 KB
158 KB 201ms
201ms Stylesheet
text/css 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 47d75557a51564b5fdc449966ba0f23d165c0a7751f9df537ba4b0db84d2efad

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:35 GMT
content-encoding: gzip
last-modified: Sun, 18 Jul 2021 09:38:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
expires: Fri, 26 Aug 2022 20:17:35 GMT

GET
H2 200 logo.png
www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/color8/ 7 KB
8 KB 208ms
207ms Image
image/png 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/color8/logo.png
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 9e26b3ac63d0e966faaf22c089b8e1fbee0480702e28bd688fb97440911f7cc5

Request headers

:path: /wp-content/themes/rttheme7/images/theme1/color8/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Wed, 24 Jul 2013 10:12:02 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7659
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
H2 200 home-page-cta.png
www.securedoffers.com/ 68 KB
68 KB 211ms
209ms Image
image/png 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/home-page-cta.png
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: c4d78d462fa91ba52ca61ab21ad2770c6801d7a8366b42149662c18427a9a4a1

Request headers

:path: /home-page-cta.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Mon, 08 Jul 2019 07:58:04 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69212
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
H2 200 welcome-image.png
www.securedoffers.com/wp-content/uploads/2010/04/ 31 KB
32 KB 216ms
215ms Image
image/png 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/wp-content/uploads/2010/04/welcome-image.png
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 83edd2617ecf1095bde5aa7919c44bf44c528c846daf70e76dcfa7ad839d9a78

Request headers

:path: /wp-content/uploads/2010/04/welcome-image.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Fri, 16 Apr 2010 14:05:28 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32179
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
H2 200 tornado-alley.jpg
www.securedoffers.com/wp-content/uploads/2016/05/ 7 KB
8 KB 394ms
393ms Image
image/jpeg 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/wp-content/uploads/2016/05/tornado-alley.jpg
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 9f52ef4fce5447e3dc2948cafd81167bb94acb9efae2124160f1a328ee111605

Request headers

:path: /wp-content/uploads/2016/05/tornado-alley.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Mon, 16 May 2016 10:07:14 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7603
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
H2 200 make-an-offer.png
www.securedoffers.com/wp-content/uploads/2010/04/ 32 KB
32 KB 394ms
393ms Image
image/png 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/wp-content/uploads/2010/04/make-an-offer.png
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: ebb8ad6bf5d3a5d146aa179287efef8e5954562f989f5189bb0bd47d48bca9c9

Request headers

:path: /wp-content/uploads/2010/04/make-an-offer.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Fri, 16 Apr 2010 14:04:34 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32697
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
H2 200 wp-polyfill.min.js?ver=7.4.4 Show response
www.securedoffers.com/wp-includes/js/dist/vendor/ 97 KB
41 KB 293ms
292ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:36 GMT
content-encoding: gzip
last-modified: Sat, 05 Sep 2020 09:18:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 20:17:36 GMT

GET
H2 200 hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1 Show response
www.securedoffers.com/wp-includes/js/dist/ 7 KB
2 KB 206ms
205ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Request headers

:path: /wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:36 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 09:11:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2434
expires: Tue, 05 Oct 2021 20:17:36 GMT

GET
H2 200 i18n.min.js?ver=db9a9a37da262883343e941c3731bc67 Show response
www.securedoffers.com/wp-includes/js/dist/ 10 KB
4 KB 218ms
218ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Request headers

:path: /wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 09:11:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4226
expires: Tue, 05 Oct 2021 20:17:37 GMT

GET
H2 200 lodash.min.js?ver=4.17.19 Show response
www.securedoffers.com/wp-includes/js/dist/vendor/ 71 KB
29 KB 211ms
211ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

:path: /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Sat, 05 Sep 2020 09:18:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 05 Oct 2021 20:17:37 GMT

GET
H2 200 url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac Show response
www.securedoffers.com/wp-includes/js/dist/ 8 KB
4 KB 216ms
215ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1

Request headers

:path: /wp-includes/js/dist/url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 09:11:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3629
expires: Tue, 05 Oct 2021 20:17:37 GMT

GET
H2 200 api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561 Show response
www.securedoffers.com/wp-includes/js/dist/ 12 KB
5 KB 214ms
212ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/dist/api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c

Request headers

:path: /wp-includes/js/dist/api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 09:11:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4907
expires: Tue, 05 Oct 2021 20:17:37 GMT

GET
H2 200 autoptimize_32d98098aba59f3963cfd3548e734c40.js Show response
www.securedoffers.com/wp-content/cache/autoptimize/js/ 206 KB
80 KB 394ms
393ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: e89a0e79c3ef917b39154d8b5a2f417ca203a9fee4efd52e20f862ca1244825d

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Sun, 18 Jul 2021 09:38:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
expires: Fri, 26 Aug 2022 20:17:37 GMT

GET
H2 200 wp-emoji-release.min.js?ver=5.7 Show response
www.securedoffers.com/wp-includes/js/ 14 KB
5 KB 424ms
424ms Script
application/javascript 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securedoffers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 02:01:44 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4942
expires: Tue, 05 Oct 2021 20:17:37 GMT

GET
H2 200 background.png
www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/ 54 KB
55 KB 416ms
416ms Image
image/png 192.254.188.6
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/background.png
Requested by: Host: www.securedoffers.com
URL: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-188-6.unifiedlayer.com
Software: Apache /
Resource Hash: 4254dee4c8e42bb9d4d4125e911aeaeb191b7b022d10e9be5fff20ec46adf860

Request headers

:path: /wp-content/themes/rttheme7/images/theme1/background.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.securedoffers.com
referer: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:17:37 GMT
last-modified: Wed, 24 Jul 2013 10:11:06 GMT
server: Apache
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55457
expires: Mon, 05 Sep 2022 20:17:37 GMT

GET
DATA 200
OK data:truncated
data:truncated 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6442be51226656071aef2d39e5d69150c5d4465f6e4adf419beffb7523c1933

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK data:truncated
data:truncated 249 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9a4d8852002172cb937f91cf58710856005ffc54b58ce405cb6c8e17e67d20f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK data:truncated
data:truncated 244 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989a4503ca5b959b99e698a26521f90e54d1e03284d82eda0bfc4a857d9e844d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK data:truncated
data:truncated 355 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ac468ad6d12e5702f6de452bc738636f6648f9575866f63dc457b3b8ea0901

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK data:truncated
data:truncated 262 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f2c7f3c5dc307acc68a51b841eca1b0c3c4c9e5bf9ef19992088eaaeba90a7a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| sprintf function| vsprintf undefined| _ function| lodash object| wpcf7 object| twemoji object| ddsmoothmenu string| rttheme_disable_cufon function| Cufon function| $ function| jQuery string| toInject boolean| hasDuplicate number| scrollTop number| scrollLeft function| _showContent

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.securedoffers.com/wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js(Line 10) Message: [cycle] terminating; too few slides: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.google.com
www.paypal-www.calidad.com
www.securedoffers.com
192.254.188.6
199.59.242.153
2a00:1450:4001:831::2004
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
196e399ec6921b7b482f3c12cc3030872df4741a6f1e97e0abf5aa258626931d
1f2c7f3c5dc307acc68a51b841eca1b0c3c4c9e5bf9ef19992088eaaeba90a7a
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
393ef61ede79218273b04edff7d8a27d222185409bffd0b93c1de5ea3d5febb7
39ac468ad6d12e5702f6de452bc738636f6648f9575866f63dc457b3b8ea0901
4254dee4c8e42bb9d4d4125e911aeaeb191b7b022d10e9be5fff20ec46adf860
47d75557a51564b5fdc449966ba0f23d165c0a7751f9df537ba4b0db84d2efad
7db4b4c88f45aac8042e49c8d60d9588d59724dddbb5692975e4217e79a82368
83edd2617ecf1095bde5aa7919c44bf44c528c846daf70e76dcfa7ad839d9a78
989a4503ca5b959b99e698a26521f90e54d1e03284d82eda0bfc4a857d9e844d
9e26b3ac63d0e966faaf22c089b8e1fbee0480702e28bd688fb97440911f7cc5
9f52ef4fce5447e3dc2948cafd81167bb94acb9efae2124160f1a328ee111605
b6442be51226656071aef2d39e5d69150c5d4465f6e4adf419beffb7523c1933
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1
c4d78d462fa91ba52ca61ab21ad2770c6801d7a8366b42149662c18427a9a4a1
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c
e70e19c7c2e866e4c361dc840a758fe256b2edcbbaae823366eb2277dd73743a
e89a0e79c3ef917b39154d8b5a2f417ca203a9fee4efd52e20f862ca1244825d
e9a4d8852002172cb937f91cf58710856005ffc54b58ce405cb6c8e17e67d20f
ebb8ad6bf5d3a5d146aa179287efef8e5954562f989f5189bb0bd47d48bca9c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f290b66f4e3852eb929757bcf5ee9a7c9b90487a89c5052634961b1ab8c10888
f77125f25da4f281b6986f854c20ef974a74d8b98cda78d8dbeea22d367f1bf6