www.safeofferz.com
Open in
urlscan Pro
54.77.207.240
Public Scan
Effective URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=...
Submission: On September 13 via manual from US
Summary
TLS certificate: Issued by Amazon on March 27th 2018. Valid for: a year.
This is the only time www.safeofferz.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2001:1aa8:185... 2001:1aa8:185::212:100 | 24642 (NL-CAVEO) (NL-CAVEO) | |
1 | 2001:1aa8:185... 2001:1aa8:185::212:101 | 24642 (NL-CAVEO) (NL-CAVEO) | |
1 | 52.208.172.46 52.208.172.46 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
12 | 54.77.207.240 54.77.207.240 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
14 | 3 |
ASN24642 (NL-CAVEO, NL)
ad1.adspaces.ero-advertising.com | |
speedclicks.ero-advertising.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-172-46.eu-west-1.compute.amazonaws.com
1d5dcb2107f.fbbdrtp.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
www.safeofferz.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
safeofferz.com
www.safeofferz.com |
120 KB |
3 |
ero-advertising.com
2 redirects
ad1.adspaces.ero-advertising.com speedclicks.ero-advertising.com |
51 KB |
1 |
fbbdrtp.com
1d5dcb2107f.fbbdrtp.com |
1 KB |
14 | 3 |
Domain | Requested by | |
---|---|---|
12 | www.safeofferz.com |
www.safeofferz.com
|
2 | speedclicks.ero-advertising.com | 1 redirects |
1 | 1d5dcb2107f.fbbdrtp.com |
speedclicks.ero-advertising.com
|
1 | ad1.adspaces.ero-advertising.com | 1 redirects |
14 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.wasfickt.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fbbdrtp.com Let's Encrypt Authority X3 |
2018-08-30 - 2018-11-28 |
3 months | crt.sh |
safeofferz.com Amazon |
2018-03-27 - 2019-04-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Frame ID: 6423BEA2557704C9BBEBCBD982728334
Requests: 14 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ad1.adspaces.ero-advertising.com/
HTTP 302
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544 Page URL
-
http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9n...
HTTP 302
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|... Page URL
- https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,130... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Datenschutzerklärung
Search URL Search Domain Scan URL
Title: Unterhaltungsrichtlinien
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ad1.adspaces.ero-advertising.com/
HTTP 302
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544 Page URL
-
http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9ndi8CmoMTqlojims2mytuj5sWXI6Otv5B0rsXwE5vDMCeStAVRXLPvZYgrSJCrRcVaQL5f1CspQQ20%2B75J95pYBaTy7ONjUUO36NvhrgWwBOf3JCMK30xLf4aft2WguUtTpW2g%3D%3D&tz=0000&sh=1200&sw=1600&wh=1200&ww=1600&fprint=c1771541cd5b2ef338acce970ad0c099
HTTP 302
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect Page URL
- https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ad1.adspaces.ero-advertising.com/ HTTP 302
- http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544
- http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9ndi8CmoMTqlojims2mytuj5sWXI6Otv5B0rsXwE5vDMCeStAVRXLPvZYgrSJCrRcVaQL5f1CspQQ20%2B75J95pYBaTy7ONjUUO36NvhrgWwBOf3JCMK30xLf4aft2WguUtTpW2g%3D%3D&tz=0000&sh=1200&sw=1600&wh=1200&ww=1600&fprint=c1771541cd5b2ef338acce970ad0c099 HTTP 302
- https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
in.php
speedclicks.ero-advertising.com/speedclicks/ Redirect Chain
|
116 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
1d5dcb2107f.fbbdrtp.com/ Redirect Chain
|
748 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/ |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flag.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
98 B 480 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yes.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
no.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg5.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg4.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg3.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg1.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foto.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ |
260 B 643 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| babes number| babe object| buttonNew object| buttonContinue object| buttonSubmit object| body object| overlay object| username object| finalusername object| inputusername object| inputuserid object| distance object| photocount function| showOverlay function| newBabe function| validateBirthDay1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.safeofferz.com/ | Name: AWSALB Value: B55fjjBb9+YU3BGwFyPCJ1dqV/kndrGNF9FsxNdTies3Hb97D9nepMpYLsl67EVM2lFBnzogxNpLZ/WZlaRSxpPYWvryVk+OJ3/SAe6ramg42+vzn+qtY8aBzzOR |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1d5dcb2107f.fbbdrtp.com
ad1.adspaces.ero-advertising.com
speedclicks.ero-advertising.com
www.safeofferz.com
2001:1aa8:185::212:100
2001:1aa8:185::212:101
52.208.172.46
54.77.207.240
104d4fee220906282bf8eb0e07076462c6ed5c2173aa93ca4aa4ab4e2c4d5fe4
1e758b2adbfa6106a13b0977a81108b4e65d0c5ac6218203b78c9442cb9d8931
2bc562d4b199d8fc6ce9e7b7e7ab4aef4d3f07733aa597c38e7a6c23398dba2a
2c7627057a3fdc0a5fcd553ef813cda9811d6323f2dbc09f57c187db24acd24b
37a955a56b089fef390511155ad8efd228b58d04d8236a9138fe2901470b4f36
4ac73b5fb1aa8856748701c9b57b06415a0003257eaba2abdc3bc599e4f8dbf9
9156b926e7e67473a02898f9cd9c28627cfa4d88503e3826078fdda3a1a0e47e
b6f4069abc47427473df37030cff9be0f0fabe9ad9588c3457ded727945e94ce
be3276d34484cfcbf27ec9548b2203655b6c8b8393cf2c5098a1b1dc66811386
cc7242b21c18e8b225f84daced3b19175b556d9940cb2287beedef81ca2c2844
dd8326dd1e2932295026589131c860fcbfd8b3b32f9e1399f6bce6d9178fe7bc
eb78afe5bde5d281e2b3229ba9f38b9f57cda9fc85e40a2f78b292938826e895
ec780dc692bfc5e0d3466918c05ec2867eda6e798083c6f6b2937a921caf3625
f9ab7383272a5c0ae1d3d7ca12cd6943e23a36741f267752466ab196e291beb1