Submitted URL: https://www.paypal-www.calidad.com/
Effective URL: https://www.securedoffers.com/
Submission Tags: @phishunt_io
Submission: On September 05 via api from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 192.254.188.6, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.securedoffers.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 28th 2020. Valid for: a year.
This is the only time www.securedoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
6 | 199.59.242.153 | 395082 (BODIS-NJ)
1 | 2a00:1450:400... | 15169 (GOOGLE)
19 (2 redirects) | 192.254.188.6 | 46606 (UNIFIEDLA...)
24 | 4

Requests | Apex Domain | Subdomains | Transfer
19 | securedoffers.com | www.securedoffers.com | 561 KB
6 | calidad.com | www.paypal-www.calidad.com | 22 KB
1 | google.com | www.google.com | 56 KB
24 | 3

Requests | Domain | Requested by
19 (2 redirects) | www.securedoffers.com | www.paypal-www.calidad.com, www.securedoffers.com
6 | www.paypal-www.calidad.com | www.paypal-www.calidad.com
1 | www.google.com | www.paypal-www.calidad.com
24 | 3

This site contains no links.

Subject | Issuer | Validity | Valid
www.paypal-www.calidad.com | R3 | 2021-09-05 - 2021-12-04 | 3 months
www.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
securedoffers.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-28 - 2021-09-28 | a year

This page contains 1 frames:

Primary Page: https://www.securedoffers.com/
Frame ID: 791EC51B5C7F4FE0E7B28EC1EAC3FB45
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 638 kB
Size: 1151 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.paypal-www.calidad.com/ Page URL
  2. http://www.securedoffers.com/ HTTP 301
    https://www.securedoffers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_d7d2851d6157854953801792a5388c06.css HTTP 302
  • https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.paypal-www.calidad.com/
2 KB
2 KB
Document
General
Full URL
https://www.paypal-www.calidad.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash
e70e19c7c2e866e4c361dc840a758fe256b2edcbbaae823366eb2277dd73743a

Request headers

:method
GET
:authority
www.paypal-www.calidad.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server
openresty
date
Sun, 05 Sep 2021 20:17:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; HttpOnly
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_cdmtvFt2T2/0pBoSezVfKg9iPPda961hwU19Ll/fg/N7y4JO6Y+ZVvKCMbIFdYcSuDuMmJGmaocHFPUFy9vLAw==
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
pragma
no-cache
content-encoding
gzip
parking.2.69.0.js
www.paypal-www.calidad.com/js/
58 KB
19 KB
Script
General
Full URL
https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash
196e399ec6921b7b482f3c12cc3030872df4741a6f1e97e0abf5aa258626931d

Request headers

:path
/js/parking.2.69.0.js
pragma
no-cache
cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paypal-www.calidad.com
referer
https://www.paypal-www.calidad.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 20:17:33 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 21:03:49 GMT
server
openresty
content-type
application/javascript; charset=utf-8
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
www.paypal-www.calidad.com/
601 B
767 B
Fetch
General
Full URL
https://www.paypal-www.calidad.com/_fd
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash
7db4b4c88f45aac8042e49c8d60d9588d59724dddbb5692975e4217e79a82368

Request headers

sec-fetch-mode
cors
origin
https://www.paypal-www.calidad.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
content-length
0
:path
/_fd
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
www.paypal-www.calidad.com
referer
https://www.paypal-www.calidad.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json
Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 20:17:33 GMT
content-encoding
gzip
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
set-cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; httponly
x-version
2.69.0
expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/
152 KB
56 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
393ef61ede79218273b04edff7d8a27d222185409bffd0b93c1de5ea3d5febb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:33 GMT
content-encoding
gzip
vary
Accept-Encoding
server
sffe
x-content-type-options
nosniff
etag
"17159306335837364340"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 05 Sep 2021 20:17:33 GMT
px.gif?ch=1&rn=2.17141029309337
www.paypal-www.calidad.com/
42 B
269 B
Image
General
Full URL
https://www.paypal-www.calidad.com/px.gif?ch=1&rn=2.17141029309337
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/px.gif?ch=1&rn=2.17141029309337
pragma
no-cache
cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paypal-www.calidad.com
referer
https://www.paypal-www.calidad.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 20:17:33 GMT
last-modified
Thu, 06 Aug 2020 15:09:01 GMT
server
openresty
content-type
image/gif
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
accept-ranges
bytes
content-length
42
expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif?ch=2&rn=2.17141029309337
www.paypal-www.calidad.com/
42 B
269 B
Image
General
Full URL
https://www.paypal-www.calidad.com/px.gif?ch=2&rn=2.17141029309337
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/px.gif?ch=2&rn=2.17141029309337
pragma
no-cache
cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paypal-www.calidad.com
referer
https://www.paypal-www.calidad.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 20:17:33 GMT
last-modified
Thu, 06 Aug 2020 15:09:01 GMT
server
openresty
content-type
image/gif
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
accept-ranges
bytes
content-length
42
expires
Thu, 01 Jan 1970 00:00:01 GMT
_tr
www.paypal-www.calidad.com/
2 B
0
Fetch
General
Full URL
https://www.paypal-www.calidad.com/_tr
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://www.paypal-www.calidad.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3
content-length
1773
:path
/_tr
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
www.paypal-www.calidad.com
referer
https://www.paypal-www.calidad.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json
Referer
https://www.paypal-www.calidad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 20:17:33 GMT
content-encoding
gzip
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-cache no-store, must-revalidate post-check=0, pre-check=0
set-cookie
parking_session=7f79c4ac-1dcb-27eb-5834-e7328362f4b3; expires=Sun, 05-Sep-2021 20:32:33 GMT; Max-Age=900; path=/; httponly
x-version
2.69.0
expires
Thu, 01 Jan 1970 00:00:01 GMT
Primary Request /
www.securedoffers.com/
Redirect Chain
  • http://www.securedoffers.com/
  • https://www.securedoffers.com/
12 KB
4 KB
Document
General
Full URL
https://www.securedoffers.com/
Requested by
Host: www.paypal-www.calidad.com
URL: https://www.paypal-www.calidad.com/js/parking.2.69.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
f77125f25da4f281b6986f854c20ef974a74d8b98cda78d8dbeea22d367f1bf6

Request headers

:method
GET
:authority
www.securedoffers.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.paypal-www.calidad.com/

Response headers

date
Sun, 05 Sep 2021 20:17:35 GMT
server
Apache
vary
Accept-Encoding,Cookie
content-encoding
gzip
link
<https://www.securedoffers.com/wp-json/>; rel="https://api.w.org/"
content-length
3887
cache-control
max-age=604800
expires
Sun, 12 Sep 2021 20:17:35 GMT
content-type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 05 Sep 2021 20:17:34 GMT
Server
Apache
Location
https://www.securedoffers.com/
Cache-Control
max-age=604800
Expires
Sun, 12 Sep 2021 20:17:34 GMT
Content-Length
238
Keep-Alive
timeout=5, max=75
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
autoptimize_fallback.css
www.securedoffers.com/wp-content/cache/autoptimize/css/
Redirect Chain
  • https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_d7d2851d6157854953801792a5388c06.css
  • https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
89 KB
26 KB
Stylesheet
General
Full URL
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
f290b66f4e3852eb929757bcf5ee9a7c9b90487a89c5052634961b1ab8c10888

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_fallback.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:36 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 09:13:01 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30672000, public, immutable
accept-ranges
bytes
expires
Fri, 26 Aug 2022 20:17:36 GMT

Redirect headers

date
Sun, 05 Sep 2021 20:17:35 GMT
content-encoding
gzip
server
Apache
x-redirect-by
WordPress
vary
Accept-Encoding,Cookie
content-type
text/html; charset=UTF-8
location
/wp-content/cache/autoptimize/css/autoptimize_fallback.css
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.securedoffers.com/wp-json/>; rel="https://api.w.org/"
content-length
3612
expires
Wed, 11 Jan 1984 05:00:00 GMT
autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
www.securedoffers.com/wp-content/cache/autoptimize/css/
210 KB
158 KB
Stylesheet
General
Full URL
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
47d75557a51564b5fdc449966ba0f23d165c0a7751f9df537ba4b0db84d2efad

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_b8f9a0cccff8e785b5bd607356649a3f.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:35 GMT
content-encoding
gzip
last-modified
Sun, 18 Jul 2021 09:38:15 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30672000, public, immutable
accept-ranges
bytes
expires
Fri, 26 Aug 2022 20:17:35 GMT
logo.png
www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/color8/
7 KB
8 KB
Image
General
Full URL
https://www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/color8/logo.png
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
9e26b3ac63d0e966faaf22c089b8e1fbee0480702e28bd688fb97440911f7cc5

Request headers

:path
/wp-content/themes/rttheme7/images/theme1/color8/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Wed, 24 Jul 2013 10:12:02 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7659
expires
Mon, 05 Sep 2022 20:17:37 GMT
home-page-cta.png
www.securedoffers.com/
68 KB
68 KB
Image
General
Full URL
https://www.securedoffers.com/home-page-cta.png
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
c4d78d462fa91ba52ca61ab21ad2770c6801d7a8366b42149662c18427a9a4a1

Request headers

:path
/home-page-cta.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Mon, 08 Jul 2019 07:58:04 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
69212
expires
Mon, 05 Sep 2022 20:17:37 GMT
welcome-image.png
www.securedoffers.com/wp-content/uploads/2010/04/
31 KB
32 KB
Image
General
Full URL
https://www.securedoffers.com/wp-content/uploads/2010/04/welcome-image.png
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
83edd2617ecf1095bde5aa7919c44bf44c528c846daf70e76dcfa7ad839d9a78

Request headers

:path
/wp-content/uploads/2010/04/welcome-image.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Fri, 16 Apr 2010 14:05:28 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32179
expires
Mon, 05 Sep 2022 20:17:37 GMT
tornado-alley.jpg
www.securedoffers.com/wp-content/uploads/2016/05/
7 KB
8 KB
Image
General
Full URL
https://www.securedoffers.com/wp-content/uploads/2016/05/tornado-alley.jpg
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
9f52ef4fce5447e3dc2948cafd81167bb94acb9efae2124160f1a328ee111605

Request headers

:path
/wp-content/uploads/2016/05/tornado-alley.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Mon, 16 May 2016 10:07:14 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7603
expires
Mon, 05 Sep 2022 20:17:37 GMT
make-an-offer.png
www.securedoffers.com/wp-content/uploads/2010/04/
32 KB
32 KB
Image
General
Full URL
https://www.securedoffers.com/wp-content/uploads/2010/04/make-an-offer.png
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
ebb8ad6bf5d3a5d146aa179287efef8e5954562f989f5189bb0bd47d48bca9c9

Request headers

:path
/wp-content/uploads/2010/04/make-an-offer.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Fri, 16 Apr 2010 14:04:34 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32697
expires
Mon, 05 Sep 2022 20:17:37 GMT
wp-polyfill.min.js?ver=7.4.4
www.securedoffers.com/wp-includes/js/dist/vendor/
97 KB
41 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:36 GMT
content-encoding
gzip
last-modified
Sat, 05 Sep 2020 09:18:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 20:17:36 GMT
hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
www.securedoffers.com/wp-includes/js/dist/
7 KB
2 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Request headers

:path
/wp-includes/js/dist/hooks.min.js?ver=50e23bed88bcb9e6e14023e9961698c1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:36 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 09:11:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2434
expires
Tue, 05 Oct 2021 20:17:36 GMT
i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
www.securedoffers.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Request headers

:path
/wp-includes/js/dist/i18n.min.js?ver=db9a9a37da262883343e941c3731bc67
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 09:11:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4226
expires
Tue, 05 Oct 2021 20:17:37 GMT
lodash.min.js?ver=4.17.19
www.securedoffers.com/wp-includes/js/dist/vendor/
71 KB
29 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

:path
/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Sat, 05 Sep 2020 09:18:25 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 20:17:37 GMT
url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
www.securedoffers.com/wp-includes/js/dist/
8 KB
4 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1

Request headers

:path
/wp-includes/js/dist/url.min.js?ver=0ac7e0472c46121366e7ce07244be1ac
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 09:11:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3629
expires
Tue, 05 Oct 2021 20:17:37 GMT
api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
www.securedoffers.com/wp-includes/js/dist/
12 KB
5 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/dist/api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c

Request headers

:path
/wp-includes/js/dist/api-fetch.min.js?ver=a783d1f442d2abefc7d6dbd156a44561
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 09:11:35 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4907
expires
Tue, 05 Oct 2021 20:17:37 GMT
autoptimize_32d98098aba59f3963cfd3548e734c40.js
www.securedoffers.com/wp-content/cache/autoptimize/js/
206 KB
80 KB
Script
General
Full URL
https://www.securedoffers.com/wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
e89a0e79c3ef917b39154d8b5a2f417ca203a9fee4efd52e20f862ca1244825d

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Sun, 18 Jul 2021 09:38:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=30672000, public, immutable
accept-ranges
bytes
expires
Fri, 26 Aug 2022 20:17:37 GMT
wp-emoji-release.min.js?ver=5.7
www.securedoffers.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.securedoffers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 02:01:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4942
expires
Tue, 05 Oct 2021 20:17:37 GMT
background.png
www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/
54 KB
55 KB
Image
General
Full URL
https://www.securedoffers.com/wp-content/themes/rttheme7/images/theme1/background.png
Requested by
Host: www.securedoffers.com
URL: https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.188.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-188-6.unifiedlayer.com
Software
Apache /
Resource Hash
4254dee4c8e42bb9d4d4125e911aeaeb191b7b022d10e9be5fff20ec46adf860

Request headers

:path
/wp-content/themes/rttheme7/images/theme1/background.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.securedoffers.com
referer
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.securedoffers.com/wp-content/cache/autoptimize/css/autoptimize_fallback.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 20:17:37 GMT
last-modified
Wed, 24 Jul 2013 10:11:06 GMT
server
Apache
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55457
expires
Mon, 05 Sep 2022 20:17:37 GMT
data:truncated
data:truncated
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6442be51226656071aef2d39e5d69150c5d4465f6e4adf419beffb7523c1933

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
249 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9a4d8852002172cb937f91cf58710856005ffc54b58ce405cb6c8e17e67d20f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
989a4503ca5b959b99e698a26521f90e54d1e03284d82eda0bfc4a857d9e844d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
355 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ac468ad6d12e5702f6de452bc738636f6648f9575866f63dc457b3b8ea0901

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
262 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f2c7f3c5dc307acc68a51b841eca1b0c3c4c9e5bf9ef19992088eaaeba90a7a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| _wpemojiSettings
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| wp
function| sprintf
function| vsprintf
undefined| _
function| lodash
object| wpcf7
object| twemoji
object| ddsmoothmenu
string| rttheme_disable_cufon
function| Cufon
function| $
function| jQuery
string| toInject
boolean| hasDuplicate
number| scrollTop
number| scrollLeft
function| _showContent

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://www.securedoffers.com/wp-content/cache/autoptimize/js/autoptimize_32d98098aba59f3963cfd3548e734c40.js (Line 10)
Message: [cycle] terminating; too few slides: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.google.com
www.paypal-www.calidad.com
www.securedoffers.com
192.254.188.6
199.59.242.153
2a00:1450:4001:831::2004