www.safeofferz.com Open in urlscan Pro
54.77.207.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ad1.adspaces.ero-advertising.com/
Effective URL:
https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=...
Submission: On September 13 via manual (September 13th 2018, 10:19:11 pm UTC) from US

Summary HTTP 14 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 54.77.207.240, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.safeofferz.com.
TLS certificate: Issued by Amazon on March 27th 2018. Valid for: a year.

This is the only time www.safeofferz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2001:1aa8:185... 2001:1aa8:185::212:100	24642 (NL-CAVEO) (NL-CAVEO)
1	2001:1aa8:185... 2001:1aa8:185::212:101	24642 (NL-CAVEO) (NL-CAVEO)
1	52.208.172.46 52.208.172.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
12	54.77.207.240 54.77.207.240	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	3

2 2001:1aa8:185::212:100 (Netherlands) 2 redirects

ASN24642 (NL-CAVEO, NL)

ad1.adspaces.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
speedclicks.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1aa8:185::212:101 (Netherlands)

ASN24642 (NL-CAVEO, NL)

speedclicks.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.172.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-172-46.eu-west-1.compute.amazonaws.com

1d5dcb2107f.fbbdrtp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.77.207.240 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com

www.safeofferz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	safeofferz.com www.safeofferz.com	120 KB
3	ero-advertising.com 2 redirects ad1.adspaces.ero-advertising.com speedclicks.ero-advertising.com	51 KB
1	fbbdrtp.com 1d5dcb2107f.fbbdrtp.com	1 KB
14	3

	Domain	Requested by
12	www.safeofferz.com	www.safeofferz.com
2	speedclicks.ero-advertising.com	1 redirects
1	1d5dcb2107f.fbbdrtp.com	speedclicks.ero-advertising.com
1	ad1.adspaces.ero-advertising.com	1 redirects
14	4

This site contains links to these domains. Also see Links.

Domain
www.wasfickt.com

Subject Issuer	Validity	Valid
fbbdrtp.com Let's Encrypt Authority X3	`2018-08-30` - `2018-11-28`	3 months	crt.sh
safeofferz.com Amazon	`2018-03-27` - `2019-04-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Frame ID: 6423BEA2557704C9BBEBCBD982728334
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ad1.adspaces.ero-advertising.com/ HTTP 302
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544 Page URL
http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9n... HTTP 302
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|... Page URL
https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,130... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

172 kB
Transfer

247 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wasfickt.com/terms
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.wasfickt.com/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.wasfickt.com/terms#guidelines
Title: Unterhaltungsrichtlinien

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ad1.adspaces.ero-advertising.com/ HTTP 302
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544 Page URL
http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9ndi8CmoMTqlojims2mytuj5sWXI6Otv5B0rsXwE5vDMCeStAVRXLPvZYgrSJCrRcVaQL5f1CspQQ20%2B75J95pYBaTy7ONjUUO36NvhrgWwBOf3JCMK30xLf4aft2WguUtTpW2g%3D%3D&tz=0000&sh=1200&sw=1600&wh=1200&ww=1600&fprint=c1771541cd5b2ef338acce970ad0c099 HTTP 302
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect Page URL
https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ad1.adspaces.ero-advertising.com/ HTTP 302
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544

Request Chain 1

http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9ndi8CmoMTqlojims2mytuj5sWXI6Otv5B0rsXwE5vDMCeStAVRXLPvZYgrSJCrRcVaQL5f1CspQQ20%2B75J95pYBaTy7ONjUUO36NvhrgWwBOf3JCMK30xLf4aft2WguUtTpW2g%3D%3D&tz=0000&sh=1200&sw=1600&wh=1200&ww=1600&fprint=c1771541cd5b2ef338acce970ad0c099 HTTP 302
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set in.php Show response
speedclicks.ero-advertising.com/speedclicks/
Redirect Chain

http://ad1.adspaces.ero-advertising.com/
http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544

116 KB
50 KB

33ms
18ms

Document
text/html

2001:1aa8:185::212:101
NL-CAVEO

General

Check archive.org

Show headers Download Go to

Full URL

http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544

Protocol

HTTP/1.1

Server

2001:1aa8:185::212:101 , Netherlands, ASN24642 (NL-CAVEO, NL),

Reverse DNS

Software

nginx /

Resource Hash

2bc562d4b199d8fc6ce9e7b7e7ab4aef4d3f07733aa597c38e7a6c23398dba2a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: speedclicks.ero-advertising.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6423BEA2557704C9BBEBCBD982728334

Response headers

Server: nginx
Date: Thu, 13 Sep 2018 22:19:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Set-Cookie: uvid=ae574754f5f1ca9f434ece04fdfccebb; expires=Fri, 13-Sep-2019 22:19:00 GMT; Max-Age=31536000; path=/; domain=.ero-advertising.com uvid=ae574754f5f1ca9f434ece04fdfccebb; expires=Fri, 13-Sep-2019 22:19:00 GMT; Max-Age=31536000; path=/; domain=.eroadvertising.com spcheck=1; expires=Thu, 13-Sep-2018 22:20:00 GMT; Max-Age=60; path=/; domain=.ero-advertising.com
X-Frame-Options: DENY
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
X-Backend-Server: nl1-web213-21
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 13 Sep 2018 22:19:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
location: http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544
X-Backend-Server: nl1-web213-24

GET
H2

200

/ Show response
1d5dcb2107f.fbbdrtp.com/
Redirect Chain

http://speedclicks.ero-advertising.com/speedclicks/out.php?1=1&pid=1&siteid=2&spaceid=9544&xcheck=yOWW0D7cg0ABKtZ9ndi8CmoMTqlojims2mytuj5sWXI6Otv5B0rsXwE5vDMCeStAVRXLPvZYgrSJCrRcVaQL5f1CspQQ20%2B75...
https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect

748 B
1 KB

89ms
33ms

Document
text/html

52.208.172.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect
Requested by: Host: speedclicks.ero-advertising.com
URL: http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.208.172.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-172-46.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec780dc692bfc5e0d3466918c05ec2867eda6e798083c6f6b2937a921caf3625

Request headers

:method: GET
:authority: 1d5dcb2107f.fbbdrtp.com
:scheme: https
:path: /?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6423BEA2557704C9BBEBCBD982728334
Referer: http://speedclicks.ero-advertising.com/speedclicks/in.php?pid=1&siteid=2&spaceid=9544

Response headers

status: 200
server: nginx
date: Thu, 13 Sep 2018 22:19:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: traffic-back=ok; expires=Thu, 13-Sep-2018 22:19:31 GMT; Max-Age=30; path=/; domain=1d5dcb2107f.fbbdrtp.com traffic-visited-offers=%7C%7C29156%7Credirect; expires=Fri, 14-Sep-2018 22:19:01 GMT; Max-Age=86400; path=/; domain=1d5dcb2107f.fbbdrtp.com traffic-visited-domain=safeofferz.com; expires=Sat, 13-Oct-2018 22:19:01 GMT; Max-Age=2592000; path=/; domain=1d5dcb2107f.fbbdrtp.com rts-trck=1; expires=Thu, 13-Sep-2018 22:29:01 GMT; Max-Age=600; path=/; domain=1d5dcb2107f.fbbdrtp.com
last-modified: Thu, 13 Sep 2018 22:19:01 GMT
expires: Thu, 13 Sep 2018 22:19:01 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 13 Sep 2018 22:19:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="NOI DSP COR TAIa SAMa NOR"
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Thu, 13 Sep 2018 22:19:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
Pragma: no-cache
location: https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect
X-Backend-Server: nl1-web213-65

GET
H2 200 Primary Request / Show response
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/ 8 KB
2 KB 104ms
29ms Document
text/html 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2c7627057a3fdc0a5fcd553ef813cda9811d6323f2dbc09f57c187db24acd24b

Request headers

:method: GET
:authority: www.safeofferz.com
:scheme: https
:path: /landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 6423BEA2557704C9BBEBCBD982728334
Referer: https://1d5dcb2107f.fbbdrtp.com/?p=9389&media_type=adult&click_id=6|48763|1|de|106267|94490|9544|0|0|61|0|0|2|0|0&source_type=redirect

Response headers

status: 200
date: Thu, 13 Sep 2018 22:19:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=LGIshWGvlIyCp9DykMtVLb9oDPjWUYTW1/P2aeYwKRNHYMu3KatvWIOYyyqgrhSihkSDHDStnAY3BxThn/7O3b3rhPnk0il1nWnr8cH9+DIppi1rP6Ik3Hz0QtVL; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip

GET
H2 200 style.css
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/ 8 KB
2 KB 27ms
26ms Stylesheet
text/css 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 37a955a56b089fef390511155ad8efd228b58d04d8236a9138fe2901470b4f36

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/css/style.css
pragma: no-cache
cookie: AWSALB=LGIshWGvlIyCp9DykMtVLb9oDPjWUYTW1/P2aeYwKRNHYMu3KatvWIOYyyqgrhSihkSDHDStnAY3BxThn/7O3b3rhPnk0il1nWnr8cH9+DIppi1rP6Ik3Hz0QtVL
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: W/"5b72be04-1eb6"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=h8RBpy7JwF/0EA0obUtVpaWbYPSKll26xxhXgRqisOvIaiZkCa5L4jldD4yIguKGX/SOISOwnmu3UDdomUbfQAqpLeIbmOtKBvDYEkdMI5igj5lHmgpOb53CufIX; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 flag.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 98 B
480 B 28ms
27ms Image
image/png 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/flag.png
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: be3276d34484cfcbf27ec9548b2203655b6c8b8393cf2c5098a1b1dc66811386

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/flag.png
pragma: no-cache
cookie: AWSALB=LGIshWGvlIyCp9DykMtVLb9oDPjWUYTW1/P2aeYwKRNHYMu3KatvWIOYyyqgrhSihkSDHDStnAY3BxThn/7O3b3rhPnk0il1nWnr8cH9+DIppi1rP6Ik3Hz0QtVL
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-62"
content-type: image/png
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 98
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 script.js Show response
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/js/ 4 KB
1 KB 27ms
27ms Script
application/javascript 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/js/script.js
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd8326dd1e2932295026589131c860fcbfd8b3b32f9e1399f6bce6d9178fe7bc

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/js/script.js
pragma: no-cache
cookie: AWSALB=LGIshWGvlIyCp9DykMtVLb9oDPjWUYTW1/P2aeYwKRNHYMu3KatvWIOYyyqgrhSihkSDHDStnAY3BxThn/7O3b3rhPnk0il1nWnr8cH9+DIppi1rP6Ik3Hz0QtVL
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: W/"5b72be04-e0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=xbkB+Pn+FawbT85WJe76BjwyPlnh1qv4a8SWOU5pxy5HRR+OT/qaFKuKCC09JEU5aXaHyEyBsnzvEM5MZGuLjhBzb0mT2pUMR6XFy+KFu84gOj3ZA1+MyR++pEfl; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 yes.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 6 KB
6 KB 27ms
26ms Image
image/png 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/yes.png
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9156b926e7e67473a02898f9cd9c28627cfa4d88503e3826078fdda3a1a0e47e

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/yes.png
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-1858"
content-type: image/png
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=ShE+cOzV/JDyZWNI24y5mJ5xRiprSNq76PdDiexTy0tLWZ1d+/ayvCeSh3RTSg/QRAXihnacYpaz5IkeqP8pbt4p+POWF10umAYKSdJAGkzMYqkk5kXaiKZmMQCT; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 6232
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 no.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 4 KB
5 KB 27ms
26ms Image
image/png 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/no.png
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb78afe5bde5d281e2b3229ba9f38b9f57cda9fc85e40a2f78b292938826e895

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/no.png
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-10d4"
content-type: image/png
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=vufy9lC7PjdndV9ZXcAIfBgpxsSYS/c3cBPUT8BF4b3sCkNBA44MJYB/l47ZApqb5ADTMq34jAKxA9a4vh0bTtjj7QQA0lj+F8eb/S3SYVkvCuhei67eJLkPLQWI; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 4308
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 bg5.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 17 KB
17 KB 52ms
51ms Image
image/jpeg 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/bg5.jpg
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cc7242b21c18e8b225f84daced3b19175b556d9940cb2287beedef81ca2c2844

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/bg5.jpg
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-435e"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=e7jjzTNxqfBvYWfKJ68QWUHM88LCAFPcqWe/pwtaBw8cwDMeXXw9S0NqQPsKHzE+O2jxHWD4hnbbZPqjOGkLTnCpFg8CEJz5h5zFl+qnV9iqGJmArpRE+9TkGHLW; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 17246
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 bg4.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 39 KB
39 KB 53ms
52ms Image
image/jpeg 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/bg4.jpg
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4ac73b5fb1aa8856748701c9b57b06415a0003257eaba2abdc3bc599e4f8dbf9

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/bg4.jpg
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-9a37"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=U7GvSx0mOsOoc1MXpNffOBwjbpcT3W/rdpXXEkOXWwAHqFqF2uY60hs6g4zk0wLjM31GB9dLo59SaYIIiwFkadzzmsuCrCFWyYTAGF3o10OOHCu1R0vhvmN5ff+8; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 39479
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 bg3.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 7 KB
8 KB 78ms
77ms Image
image/jpeg 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/bg3.jpg
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 104d4fee220906282bf8eb0e07076462c6ed5c2173aa93ca4aa4ab4e2c4d5fe4

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/bg3.jpg
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-1de2"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=qYNU6DVOFDcFwLnW5JVS0E8bgNsEulkA73URH0z1j6iqEGDJk/5cq2d+yf+Pi2Lgt8Si93RnL0G3E9U1Nb1pogSP8w206i5ZadYJohfRjrtd16POP+Jhf39vL4lT; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 7650
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 bg2.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 16 KB
17 KB 78ms
77ms Image
image/jpeg 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/bg2.jpg
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6f4069abc47427473df37030cff9be0f0fabe9ad9588c3457ded727945e94ce

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/bg2.jpg
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-40bf"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=K8dilwkfKNAAvrZdT0q9+pF5ctFtZrD3WlH2CiimXDdUIPqJ3ez2IJgZqB2SSF1gTUEU5eWLdHALa7ZFj3SfPUmNdSQfd407w7W0Pyy9GJx/X6+p9iMOYiYky4PA; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 16575
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 bg1.jpg
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 22 KB
22 KB 78ms
78ms Image
image/jpeg 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/bg1.jpg
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1e758b2adbfa6106a13b0977a81108b4e65d0c5ac6218203b78c9442cb9d8931

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/bg1.jpg
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-5733"
content-type: image/jpeg
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=l/7kkvW3iHPrjNslz8cvDF49jphPBxw8/+7ghcnwG9Y5X5AKCl8jJ9THEtbFxMba49nuOEYu/lD0anExczKWGB/KF0gP8FXTox/YYBsBL61V/ML2jofY03R5bFmD; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 22323
expires: Fri, 13 Sep 2019 22:19:01 GMT

GET
H2 200 foto.png
www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/ 260 B
643 B 78ms
78ms Image
image/png 54.77.207.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/images/foto.png
Requested by: Host: www.safeofferz.com
URL: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/?tid=4re6ftguj7ggokoo0kscok0c0,13042958,5,9389&ctrack=1536877141.3095725493
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.207.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-207-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f9ab7383272a5c0ae1d3d7ca12cd6943e23a36741f267752466ab196e291beb1

Request headers

:path: /landing/de/all/revhunters/wasfickt/2/desk/images/foto.png
pragma: no-cache
cookie: AWSALB=qSTNBbQgiWfkBngMVViH3Tw5/HMrjGL1q9+3MHhCsqOuSbkYRIcxXiVfjsIgzmtS9bsfvLRlLVRpG2xD3XYIgBUyOCDfPikAK+8psOeU/mEYwydpPTypro79h65P
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.safeofferz.com
referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
:scheme: https
:method: GET
Referer: https://www.safeofferz.com/landing/de/all/revhunters/wasfickt/2/desk/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Sep 2018 22:19:01 GMT
last-modified: Tue, 14 Aug 2018 11:33:24 GMT
server: nginx
etag: "5b72be04-104"
content-type: image/png
status: 200
cache-control: max-age=31536000 public
set-cookie: AWSALB=B55fjjBb9+YU3BGwFyPCJ1dqV/kndrGNF9FsxNdTies3Hb97D9nepMpYLsl67EVM2lFBnzogxNpLZ/WZlaRSxpPYWvryVk+OJ3/SAe6ramg42+vzn+qtY8aBzzOR; Expires=Thu, 20 Sep 2018 22:19:01 GMT; Path=/
accept-ranges: bytes
content-length: 260
expires: Fri, 13 Sep 2019 22:19:01 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.safeofferz.com/	1970-01-18 19:04:41	Name: AWSALB Value: B55fjjBb9+YU3BGwFyPCJ1dqV/kndrGNF9FsxNdTies3Hb97D9nepMpYLsl67EVM2lFBnzogxNpLZ/WZlaRSxpPYWvryVk+OJ3/SAe6ramg42+vzn+qtY8aBzzOR

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d5dcb2107f.fbbdrtp.com
ad1.adspaces.ero-advertising.com
speedclicks.ero-advertising.com
www.safeofferz.com
2001:1aa8:185::212:100
2001:1aa8:185::212:101
52.208.172.46
54.77.207.240
104d4fee220906282bf8eb0e07076462c6ed5c2173aa93ca4aa4ab4e2c4d5fe4
1e758b2adbfa6106a13b0977a81108b4e65d0c5ac6218203b78c9442cb9d8931
2bc562d4b199d8fc6ce9e7b7e7ab4aef4d3f07733aa597c38e7a6c23398dba2a
2c7627057a3fdc0a5fcd553ef813cda9811d6323f2dbc09f57c187db24acd24b
37a955a56b089fef390511155ad8efd228b58d04d8236a9138fe2901470b4f36
4ac73b5fb1aa8856748701c9b57b06415a0003257eaba2abdc3bc599e4f8dbf9
9156b926e7e67473a02898f9cd9c28627cfa4d88503e3826078fdda3a1a0e47e
b6f4069abc47427473df37030cff9be0f0fabe9ad9588c3457ded727945e94ce
be3276d34484cfcbf27ec9548b2203655b6c8b8393cf2c5098a1b1dc66811386
cc7242b21c18e8b225f84daced3b19175b556d9940cb2287beedef81ca2c2844
dd8326dd1e2932295026589131c860fcbfd8b3b32f9e1399f6bce6d9178fe7bc
eb78afe5bde5d281e2b3229ba9f38b9f57cda9fc85e40a2f78b292938826e895
ec780dc692bfc5e0d3466918c05ec2867eda6e798083c6f6b2937a921caf3625
f9ab7383272a5c0ae1d3d7ca12cd6943e23a36741f267752466ab196e291beb1

www.safeofferz.com Open in urlscan Pro 54.77.207.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

172 kBTransfer

247 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.safeofferz.com Open in urlscan Pro
54.77.207.240 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

172 kB
Transfer

247 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions