offersmarketplace.com Open in urlscan Pro
18.164.96.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://world.vardhj.com/2640682gK7013006gH0Yx0FC39vkr172766ZY
Effective URL:
https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0
Submission: On June 07 via manual (June 7th 2023, 2:07:52 pm UTC) from SE — Scanned from CA

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 18.164.96.10, located in United States and belongs to AMAZON-02, US. The main domain is offersmarketplace.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 27th 2023. Valid for: a year.

This is the only time offersmarketplace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.200.252.79 209.200.252.79	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
1	172.105.7.152 172.105.7.152	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	172.67.75.53 172.67.75.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.164.96.10 18.164.96.10	16509 (AMAZON-02) (AMAZON-02)
14	3

1 209.200.252.79 (Canada) 1 redirects

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: ssr79.udabee.org

world.vardhj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.7.152 (Toronto, Canada)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-7-152.ip.linodeusercontent.com

www.affluencetous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.75.53 (United States)

ASN13335 (CLOUDFLARENET, US)

adsurf.truest.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.96.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-10.jfk50.r.cloudfront.net

offersmarketplace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	offersmarketplace.com offersmarketplace.com	728 KB
3	truest.at adsurf.truest.at	17 KB
1	affluencetous.com www.affluencetous.com	458 B
1	vardhj.com 1 redirects world.vardhj.com	370 B
14	4

	Domain	Requested by
10	offersmarketplace.com	adsurf.truest.at offersmarketplace.com
3	adsurf.truest.at	www.affluencetous.com adsurf.truest.at
1	www.affluencetous.com
1	world.vardhj.com	1 redirects
14	4

This site contains no links.

Subject Issuer	Validity	Valid
www.affluencetous.com R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
truest.at E1	`2023-04-21` - `2023-07-20`	3 months	crt.sh
offersmarketplace.com Amazon RSA 2048 M02	`2023-04-27` - `2024-05-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0
Frame ID: DD81FDC977FFF93BAB807426DB68691C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top Offers - US

Page URL History Show full URLs

http://world.vardhj.com/2640682gK7013006gH0Yx0FC39vkr172766ZY HTTP 302
https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEH... Page URL
https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 Page URL
https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

746 kB
Transfer

1043 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://world.vardhj.com/2640682gK7013006gH0Yx0FC39vkr172766ZY HTTP 302
https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134 Page URL
https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 Page URL
https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://world.vardhj.com/2640682gK7013006gH0Yx0FC39vkr172766ZY HTTP 302
https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	03134 www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/ Redirect Chain http://world.vardhj.com/2640682gK7013006gH0Yx0FC39vkr172766ZY https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134	150 B 458 B	243ms 171ms	Document text/html	172.105.7.152 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.105.7.152 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-105-7-152.ip.linodeusercontent.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Content-Length 150 Content-Type text/html; charset=UTF-8 Date Wed, 07 Jun 2023 14:07:47 GMT Server Apache Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 07 Jun 2023 14:07:46 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) location https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134
GET H2	200	geo-redirect Show response adsurf.truest.at/link/	1 KB 1 KB	418ms 334ms	Document text/html	172.67.75.53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 Requested by Host: www.affluencetous.com URL: https://www.affluencetous.com/Wny2dN450rdXxsfEnaWP2n7ShKN8zCl_NcI0TtmCxeB_WDxFbvdD9Sgwyv5LMxhnznnstHpDemEHrs4-hwazIw~~/8b-2640682-7013006-172766-0-/03134 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6594893ccc08fd344fad5f7cb207889022b7900c291ffa9f0e2510b89bc4861e` Request headers Referer https://www.affluencetous.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, private cf-cache-status DYNAMIC cf-ray 7d3976a20acd5a51-IAD content-encoding br content-type text/html; charset=UTF-8 date Wed, 07 Jun 2023 14:07:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B79nNAISR4GyFDSErsdJ6uetFjtKpuZJLNozIHCut1iUgPQUFkQVzW9TrWT6IsnS6iWKWRZeCOqaVw83fK6MwGZorD%2F0ztXpoeIh0wpKk7CxTFWdN1HLv41lFevvddyiVGQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	event.js Show response adsurf.truest.at/lib/	37 KB 16 KB	37ms 36ms	Script application/javascript	172.67.75.53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsurf.truest.at/lib/event.js Requested by Host: adsurf.truest.at URL: https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `64381c924dc2fd0448efd6c12c4a471d98073b64eef4347574070855e9de5c17` Request headers accept-language en-CA,en;q=0.9 Referer https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 14:07:47 GMT content-encoding br cf-cache-status HIT last-modified Wed, 31 May 2023 21:16:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5319 etag W/"6477b913-9434" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNLI0L2AonO2f%2BDPAaPnYEVYIPZ3jIvlPE2nII65hOTipiymUCJg%2BHefHuCXFCve%2BXyj%2B6IzmYwEJKXdjG7gEBRKkTZtC3v0Eb8KOfcnGW6y5EHN9YyLDN8EjETTNrEsDsk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7d3976a43c9b5a51-IAD
PUT H2	200	a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 adsurf.truest.at/event/	55 B 383 B	167ms 166ms	Fetch application/json	172.67.75.53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsurf.truest.at/event/a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Requested by Host: adsurf.truest.at URL: https://adsurf.truest.at/lib/event.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Access-Control-Allow-Origin * Referer https://adsurf.truest.at/link/geo-redirect?subid_1=650068&subid_2=328&subid_3=336818534 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Wed, 07 Jun 2023 14:07:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm%2BLE4oqDfItDJhV6eKwSfUizY%2FiVvbzVDkJrHZjeB%2FaUbXGGLLxTnExxhNIsiXiSIqvCzzLyUAtoFTKh%2FCfrl8n3dPPe%2BuwCARM41iwXOcVJsPB3uA%2BL9%2BRnGMQ7BK7jH4%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control no-cache, private cf-ray 7d3976a50d435a51-IAD
GET H2	200	Primary Request index.html Show response offersmarketplace.com/us/	5 KB 5 KB	88ms 20ms	Document text/html	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Requested by Host: adsurf.truest.at URL: https://adsurf.truest.at/lib/event.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `74aaf64b91d7afdadd7ee04fb01af8f2e1a1eb2aa48ee1c4750b36493d1bd229` Request headers Referer https://adsurf.truest.at/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 900 content-length 4868 content-type text/html date Wed, 07 Jun 2023 13:52:49 GMT etag "02f121d1a4da0ed57fbf42e332c96b5c" last-modified Thu, 18 May 2023 19:48:56 GMT server AmazonS3 vary Accept-Encoding via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) x-amz-cf-id RujTX-dKoDlIeXr6Rsn4A3QSqgwrrbt2eAIfYEqPZ559aXlMPZDoAQ== x-amz-cf-pop JFK50-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	bootstrap.min.css offersmarketplace.com/us/assets/bootstrap/css/	190 KB 24 KB	22ms 21ms	Stylesheet text/css	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/bootstrap/css/bootstrap.min.css Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `600b588354f9e17a356c8beb56a909eeb070ec2502ca2b0bc4abd4d44631848f` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 17:39:21 GMT content-encoding br via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 20:22:06 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 73708 etag W/"6f8f87b21199594514509e39a66403f0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id Jg42e3K5HPDRnZQHVaJGRSRy01hueCJ1DHy26qBes2Z16nC-lRbxqw==
GET H2	200	Features-Cards-icons.css offersmarketplace.com/us/assets/css/	967 B 1 KB	22ms 21ms	Stylesheet text/css	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/css/Features-Cards-icons.css Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `e70b03eec37d9c4ba1bcdac4af99a47e0281860c88f015c2902e0b0949445b27` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 19:57:43 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 20:22:05 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 65406 etag "befd8a398792e305b7ffd4a176b5b585" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 967 x-amz-cf-id OJ5N9MU6BV27JUd5KnP_9zW3w7XCoW1g2b1uSauwwpw7WUe0zdB3gQ==
GET H2	403	styles.css offersmarketplace.com/us/assets/css/	0 0	108ms 107ms	Stylesheet application/xml	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/css/styles.css Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Wed, 07 Jun 2023 14:07:47 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) server AmazonS3 x-amz-cf-pop JFK50-P5 x-amz-cf-id YMwkktBLPHw5Ys86tiVvrCxtxmCLFqSB586P6_FweedyOmxkCk7UuA== x-cache Error from cloudfront content-type application/xml
GET H2	200	untitled-1.css offersmarketplace.com/us/assets/css/	181 B 534 B	23ms 22ms	Stylesheet text/css	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/css/untitled-1.css Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `502aaf6a0d59131dc0b4848e3aed09c6e0a562a1413eec80027dc2efbb9bc83a` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 19:57:43 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 20:22:04 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 65406 etag "b20c9912543f4fd4f1bf60956b97d99d" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 181 x-amz-cf-id GdjS_d32JklTFNsmkgH82rFUwFbaXL0fie1fU_gehVTJq59hf8dpnA==
GET H2	200	untitled.css offersmarketplace.com/us/assets/css/	171 B 523 B	26ms 25ms	Stylesheet text/css	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/css/untitled.css Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `5dd80f7adf6a71d3285fd76a308773af58f228c909d301e90776a86b8d9d4ddb` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 16:57:49 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 20:22:05 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 76200 etag "d3e0add1416d5d12123b685bca1517fe" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 171 x-amz-cf-id VQPhIb5udqa_gG6bln9cLRHxi_nl0kgJIzCi751cgvRqMB530H8VdQ==
GET H2	200	clean.png offersmarketplace.com/us/assets/img/	204 KB 205 KB	34ms 33ms	Image image/png	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://offersmarketplace.com/us/assets/img/clean.png Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `2d7e840af526169798b3d248a9c33ba2953d67d19dcef60f2ac4ac0cbb7c48a6` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 17:56:40 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Thu, 11 May 2023 23:21:01 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 72669 etag "2f5dc64af54af2dbe3c1820c5df1bb3f" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 208988 x-amz-cf-id 7NuuVAoxwmXdvZ8nzZ-KDx4OFpNVnHXY9ZlJKEKDDztK0Co1RciJCg==
GET H2	200	25039_10000271.gif offersmarketplace.com/us/assets/img/	440 KB 441 KB	40ms 39ms	Image image/gif	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://offersmarketplace.com/us/assets/img/25039_10000271.gif Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `e4f6253b8255af8e704d774ed831ee6c2c6e30a3d4f13a04062f9b4850162da1` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 20:01:53 GMT via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Thu, 11 May 2023 23:21:03 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 65156 etag "bec135cdb891869e1b31e78ba5ee42c9" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 450507 x-amz-cf-id TL74eDmgEKePRo-rz_c59uuTstYKqifW6geCloM6A1WmFvg-3S0C3A==
GET H2	200	bootstrap.min.js Show response offersmarketplace.com/us/assets/bootstrap/js/	78 KB 22 KB	37ms 36ms	Script application/javascript	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/bootstrap/js/bootstrap.min.js Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `0ff3cadb509482ccb23bb600c5c01eb721877a5cd7187d96c8b0af2135c29ca7` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 17:38:41 GMT content-encoding br via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 20:22:06 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 73748 etag W/"7d3cf48f5bba5db5258a2ff0f65ef00f" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id TSRM6qoDMUQTIlAGTwh91n3N-0ZnZ6MF8-LOT4oSMBJcvgCR1j6vmg==
GET H2	200	jquery-3.7.0.min.js Show response offersmarketplace.com/us/assets/js/	85 KB 29 KB	35ms 34ms	Script application/javascript	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://offersmarketplace.com/us/assets/js/jquery-3.7.0.min.js Requested by Host: offersmarketplace.com URL: https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash `d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8` Request headers accept-language en-CA,en;q=0.9 Referer https://offersmarketplace.com/us/index.html?source=328&event_id=a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Tue, 06 Jun 2023 16:57:49 GMT content-encoding br via 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront) last-modified Thu, 11 May 2023 23:20:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 76200 etag W/"e6c2415c0ace414e5153670314ce99a9" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id rM3xxGSQfX_EfriK5ghwiAQKaP95aiqkdsstReRtbunAC9JX_msdRg==

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.affluencetous.com/	1970-01-20 13:05:38	Name: uid550 Value: 336818534-20230607100747-d7d35bbe01796abe471523f374eeb04a-
			.adsurf.truest.at/	1970-01-20 21:58:26	Name: TSEvent Value: ["a7dbf1bc-e4b9-46e3-a430-69bfe5c2dfe0"]

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://offersmarketplace.com/us/assets/css/styles.css Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsurf.truest.at
offersmarketplace.com
world.vardhj.com
www.affluencetous.com
172.105.7.152
172.67.75.53
18.164.96.10
209.200.252.79
0ff3cadb509482ccb23bb600c5c01eb721877a5cd7187d96c8b0af2135c29ca7
2d7e840af526169798b3d248a9c33ba2953d67d19dcef60f2ac4ac0cbb7c48a6
502aaf6a0d59131dc0b4848e3aed09c6e0a562a1413eec80027dc2efbb9bc83a
5dd80f7adf6a71d3285fd76a308773af58f228c909d301e90776a86b8d9d4ddb
600b588354f9e17a356c8beb56a909eeb070ec2502ca2b0bc4abd4d44631848f
64381c924dc2fd0448efd6c12c4a471d98073b64eef4347574070855e9de5c17
6594893ccc08fd344fad5f7cb207889022b7900c291ffa9f0e2510b89bc4861e
74aaf64b91d7afdadd7ee04fb01af8f2e1a1eb2aa48ee1c4750b36493d1bd229
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e4f6253b8255af8e704d774ed831ee6c2c6e30a3d4f13a04062f9b4850162da1
e70b03eec37d9c4ba1bcdac4af99a47e0281860c88f015c2902e0b0949445b27

offersmarketplace.com Open in urlscan Pro 18.164.96.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

746 kBTransfer

1043 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

offersmarketplace.com Open in urlscan Pro
18.164.96.10 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

746 kB
Transfer

1043 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions