www.gorocketoffers.com Open in urlscan Pro
70.32.23.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2MjQmczE9MGVjZjFjYTEtYz...
Effective URL:
https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=57072813...
Submission: On January 09 via manual (January 9th 2023, 6:24:57 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 70.32.23.104, located in United States and belongs to A2HOSTING, US. The main domain is www.gorocketoffers.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2022. Valid for: 3 months.

This is the only time www.gorocketoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
1 1	52.0.212.192 52.0.212.192	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.102.180.111 34.102.180.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	70.32.23.104 70.32.23.104	55293 (A2HOSTING) (A2HOSTING)
2	169.150.247.35 169.150.247.35	60068 (CDN77 ^_^) (CDN77 ^_^)
1	13.32.110.89 13.32.110.89	16509 (AMAZON-02) (AMAZON-02)
12	4

1 18.195.174.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

confirmationcenterz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.212.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-212-192.compute-1.amazonaws.com

swpshdnmkt2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.180.111 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.180.102.34.bc.googleusercontent.com

www.piahja3k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 70.32.23.104 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ts12.a2hosting.com

www.gorocketoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.150.247.35 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-35.datapacket.com

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-89.vie50.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gorocketoffers.com www.gorocketoffers.com	47 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 21389	2 KB
1	openfpcdn.io openfpcdn.io — Cisco Umbrella Rank: 25553	14 KB
1	piahja3k.com 1 redirects www.piahja3k.com	487 B
1	swpshdnmkt2.com 1 redirects swpshdnmkt2.com	862 B
1	confirmationcenterz.com confirmationcenterz.com	713 B
12	6

	Domain	Requested by
8	www.gorocketoffers.com	confirmationcenterz.com www.gorocketoffers.com
2	plausible.io	www.gorocketoffers.com plausible.io
1	openfpcdn.io	www.gorocketoffers.com
1	www.piahja3k.com	1 redirects
1	swpshdnmkt2.com	1 redirects
1	confirmationcenterz.com
12	6

This site contains no links.

Subject Issuer	Validity	Valid
confirmationcenterz.com R3	`2022-12-23` - `2023-03-23`	3 months	crt.sh
gorocketoffers.com cPanel, Inc. Certification Authority	`2022-12-27` - `2023-03-27`	3 months	crt.sh
plausible.io R3	`2022-12-25` - `2023-03-25`	3 months	crt.sh
openfpcdn.io Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
Frame ID: FB81FF4233AC9D15DD1270EFEDD132CF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact

Page URL History Show full URLs

https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2Mj... Page URL
https://swpshdnmkt2.com/?a=10576&c=143624&s1=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&s2=ddpafokrsg6kfip... HTTP 302
https://www.piahja3k.com/8LJN3/2CTPL/?source_id=10576&sub2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&sub3=... HTTP 302
https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101c... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

63 kB
Transfer

191 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2MjQmczE9MGVjZjFjYTEtYzJjMC00OTE5LThiMmYtMTAxY2U4NGRlMTZjJnMyPWRkcGFmb2tyc2c2a2ZpcGwyYW91cTcyMg&ts=1673288633282&hash=AKkIz5MQhnoSpf-oH3Kf5tajKqhjzrxSH8L6JGsdINo&rm=DJ Page URL
https://swpshdnmkt2.com/?a=10576&c=143624&s1=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&s2=ddpafokrsg6kfipl2aouq722 HTTP 302
https://www.piahja3k.com/8LJN3/2CTPL/?source_id=10576&sub2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&sub3=570728136 HTTP 302
https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 redirect Show response
confirmationcenterz.com/ 556 B
713 B 166ms
23ms Document
text/html 18.195.174.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2MjQmczE9MGVjZjFjYTEtYzJjMC00OTE5LThiMmYtMTAxY2U4NGRlMTZjJnMyPWRkcGFmb2tyc2c2a2ZpcGwyYW91cTcyMg&ts=1673288633282&hash=AKkIz5MQhnoSpf-oH3Kf5tajKqhjzrxSH8L6JGsdINo&rm=DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.174.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 22d08db9bd118a248472e66bb4a6597f4feadc9cb391e1551c8048e1b679a2bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Mon, 09 Jan 2023 18:24:51 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2

200

Primary Request / Show response
www.gorocketoffers.com/100905113a1/55R/
Redirect Chain

https://swpshdnmkt2.com/?a=10576&c=143624&s1=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&s2=ddpafokrsg6kfipl2aouq722
https://www.piahja3k.com/8LJN3/2CTPL/?source_id=10576&sub2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&sub3=570728136
https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9

9 KB
4 KB

561ms
129ms

Document
text/html

70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9

Requested by

Host: confirmationcenterz.com
URL: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2MjQmczE9MGVjZjFjYTEtYzJjMC00OTE5LThiMmYtMTAxY2U4NGRlMTZjJnMyPWRkcGFmb2tyc2c2a2ZpcGwyYW91cTcyMg&ts=1673288633282&hash=AKkIz5MQhnoSpf-oH3Kf5tajKqhjzrxSH8L6JGsdINo&rm=DJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed / PHP/7.3.33

Resource Hash

67a126f453c0e0778da80425fc8832907239889c51f13435f9c453bceb031703

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDM2MjQmczE9MGVjZjFjYTEtYzJjMC00OTE5LThiMmYtMTAxY2U4NGRlMTZjJnMyPWRkcGFmb2tyc2c2a2ZpcGwyYW91cTcyMg&ts=1673288633282&hash=AKkIz5MQhnoSpf-oH3Kf5tajKqhjzrxSH8L6JGsdINo&rm=DJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 Jan 2023 18:24:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
content-type: text/html; charset=utf-8
date: Mon, 09 Jan 2023 18:24:52 GMT
location: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 26d52e6d-d1fb-4e0b-9e9a-d73f21328d1c

GET
H2 200 styles.css
www.gorocketoffers.com/100905113a1/55R/css/ 40 KB
7 KB 128ms
126ms Stylesheet
text/css 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/css/styles.css

Requested by

Host: www.gorocketoffers.com
URL: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

f540e72ac4d3c994a2652d81f949c3bc540daee8c743bbc355c3ce8a47318b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:42:01 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7183
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 200 lander.min.css
www.gorocketoffers.com/100905113a1/55R/css/ 12 KB
3 KB 129ms
127ms Stylesheet
text/css 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/css/lander.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

c10e335622da61877858fca2c349a9cc8edfc095994a7a9c894192395c89cdc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:42:00 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2855
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 200 error_handler.css
www.gorocketoffers.com/100905113a1/55R/css/ 3 KB
835 B 253ms
251ms Stylesheet
text/css 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/css/error_handler.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

06211caf6663c728740a01618bf087f7104cecd9df2a7870956d2fa757f9807a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:41:59 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 776
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 200 sha1.js Show response
www.gorocketoffers.com/100905113a1/55R/FP/ 4 KB
2 KB 254ms
253ms Script
application/javascript 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/FP/sha1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

26ddfeba7a963dd4607fd593782de6b8e9e623145b86fb9f0e4214235d98e0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:42:03 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1782
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 200 main.js Show response
www.gorocketoffers.com/100905113a1/55R/FP/ 4 KB
1 KB 255ms
254ms Script
application/javascript 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/FP/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

1a096ecdfda2bb9a47390fb3d8ef187890c8f65f0c845a0b666300adee3e4735

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:42:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1208
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 404 jquery.min.js
www.gorocketoffers.com/100905113a1/55R/assets/js/ 0
0 255ms
254ms Script
text/html 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/assets/js/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 18:24:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 81ms
21ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-169-150-247-35.datapacket.com

Software

BunnyCDN-DE1-1078 /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 755
cdn-cachedat: 01/09/2023 13:17:41
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.8
server: BunnyCDN-DE1-1078
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 7ce1bf59777780a0da331d197497bddc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.4.1.min.js Show response
www.gorocketoffers.com/100905113a1/55R/js/ 86 KB
29 KB 256ms
255ms Script
application/javascript 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/100905113a1/55R/js/jquery-3.4.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 01 Dec 2022 17:42:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 30047
expires: Mon, 16 Jan 2023 18:24:53 GMT

GET
H2 200 v3 Show response
openfpcdn.io/fingerprintjs/ 33 KB
14 KB 121ms
37ms Script
text/javascript 13.32.110.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-89.vie50.r.cloudfront.net

Software

CloudFront /

Resource Hash

39e7df866301d63dc9f83e811a64576ae52f47c259f147b34e58d692d67a8d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gorocketoffers.com/
Origin: https://www.gorocketoffers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 17:55:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1775
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"iGPd/qM5rvpVhWvx3vVSNedX/OA"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=583801, s-maxage=11052
x-amz-cf-id: X50-ee53ZS9At92dowhTecN2u_iHnYU77bXEkBD2zv4FiL5qeuKvLA==

POST
H2 202 event Show response
plausible.io/api/ 2 B
489 B 76ms
31ms XHR
text/plain 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.gorocketoffers.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Jan 2023 18:24:53 GMT
cdn-edgestorageid: 1054
cdn-cachedat: 01/09/2023 18:24:53
cdn-pullzone: 682664
application: 10.0.0.8
content-length: 2
x-request-id: Fzi3M52bM1nxmFFu0kQH
server: BunnyCDN-DE1-1078
cdn-proxyver: 1.03
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: f6994b946675f38bc5a488a40ff23644
cdn-requestcountrycode: DE
cdn-status: 202
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.swpshdnmkt2.com/	1969-12-31 23:59:59	Name: sid Value: u81bG6UepPunyX90lEN0yw/ihh9uosxuWlgf9CG+gbQH0RdPZXv6GQ==
.swpshdnmkt2.com/	1970-01-20 18:24:08	Name: trk Value: ZsW8RanUeBHQREDRkLO09w/ihh9uosxuWlgf9CG+gbQH0RdPZXv6GQ==
.swpshdnmkt2.com/	1970-01-20 09:31:20	Name: c28613 Value: u81bG6UepPtExwS45iNYMCbFKZP5t6/bzatPVkf40Xdy8t+S7rUWXQ==
www.piahja3k.com/	1970-01-20 08:49:35	Name: uniqueClick_2CTPL Value: a0480bbe-bea9-4eb3-8370-3adeb63db2dc:1673288692
www.piahja3k.com/	1970-01-20 10:57:44	Name: transaction_id Value: ae483c33ace84dde90bd0bc9923946a9
www.gorocketoffers.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 70e76264b491c934f86968924d8d2c50

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gorocketoffers.com/100905113a1/55R/assets/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.gorocketoffers.com/100905113a1/55R/?affid=6&source_id=10576&c1=&c2=0ecf1ca1-c2c0-4919-8b2f-101ce84de16c&c3=570728136&transid=ae483c33ace84dde90bd0bc9923946a9 Message: Refused to execute script from 'https://www.gorocketoffers.com/100905113a1/55R/assets/js/jquery.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

confirmationcenterz.com
openfpcdn.io
plausible.io
swpshdnmkt2.com
www.gorocketoffers.com
www.piahja3k.com
13.32.110.89
169.150.247.35
18.195.174.160
34.102.180.111
52.0.212.192
70.32.23.104
06211caf6663c728740a01618bf087f7104cecd9df2a7870956d2fa757f9807a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1a096ecdfda2bb9a47390fb3d8ef187890c8f65f0c845a0b666300adee3e4735
22d08db9bd118a248472e66bb4a6597f4feadc9cb391e1551c8048e1b679a2bd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ddfeba7a963dd4607fd593782de6b8e9e623145b86fb9f0e4214235d98e0a4
39e7df866301d63dc9f83e811a64576ae52f47c259f147b34e58d692d67a8d59
67a126f453c0e0778da80425fc8832907239889c51f13435f9c453bceb031703
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
c10e335622da61877858fca2c349a9cc8edfc095994a7a9c894192395c89cdc5
f540e72ac4d3c994a2652d81f949c3bc540daee8c743bbc355c3ce8a47318b2e

www.gorocketoffers.com Open in urlscan Pro 70.32.23.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

63 kBTransfer

191 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

www.gorocketoffers.com Open in urlscan Pro
70.32.23.104 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

63 kB
Transfer

191 kB
Size

6
Cookies

12 HTTP transactions
0 data transactions