offergeos.com
2606:4700:3035::6815:309f
Public Scan
Effective URL: https://offergeos.com/?s1=remy.franquinet@telenet.be
Submission: On June 27 via api from BE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 12th 2021. Valid for: a year.
This is the only time offergeos.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 1 | 13.111.71.11 | 22606 (EXACT-7) |
1 1 | 2606:4700:3035::ac43:9e02 | 13335 (CLOUDFLARENET) |
1 1 | 50.97.244.203 | 36351 (SOFTLAYER) |
1 | 2606:4700:3035::6815:309f | 13335 (CLOUDFLARENET) |
2 | 104.22.53.65 | 13335 (CLOUDFLARENET) |
1 | 35.202.21.90 | 15169 (GOOGLE) |
1 | 34.107.203.240 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82f::2001 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:812::2013 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:829::2003 | 15169 (GOOGLE) |
3 | 35.192.151.63 | 15169 (GOOGLE) |
14 | 9 |
ASN22606 (EXACT-7, US)
PTR: click.s11.exacttarget.com
click.email-dailymoneyreports.com |
ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com
leadpages.live |
ASN15169 (GOOGLE, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net |
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | leadpages.io | api.leadpages.io | 1 KB |
2 | gstatic.com | fonts.gstatic.com | 46 KB |
2 | center.io | js.center.io | 8 KB |
2 | statcounter.com | www.statcounter.com c.statcounter.com | 13 KB |
1 | googleusercontent.com | lh3.googleusercontent.com | 6 KB |
1 | googleapis.com | fonts.googleapis.com | 510 B |
1 | leadpages.net | static.leadpages.net | 14 KB |
1 | leadpages.live | leadpages.live | 15 KB |
1 | offergeos.com | offergeos.com | 1 KB |
1 | clkmg.com (1 redirects) | www.clkmg.com | 641 B |
1 | todaynewsamerica.com (1 redirects) | todaynewsamerica.com | 816 B |
1 | email-dailymoneyreports.com (1 redirects) | click.email-dailymoneyreports.com | 266 B |
14 | 12 |
# | Domain | Requested by |
---|---|---|
3 | api.leadpages.io | js.center.io |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | js.center.io | leadpages.live js.center.io |
1 | lh3.googleusercontent.com | leadpages.live |
1 | fonts.googleapis.com | leadpages.live |
1 | static.leadpages.net | leadpages.live |
1 | c.statcounter.com | www.statcounter.com |
1 | leadpages.live | offergeos.com |
1 | www.statcounter.com | offergeos.com |
1 | offergeos.com | |
1 | www.clkmg.com | 1 redirects |
1 | todaynewsamerica.com | 1 redirects |
1 | click.email-dailymoneyreports.com | 1 redirects |
14 | 13 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-12 - 2022-01-11 | a year |
us-dallas.statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2020-10-13 - 2021-11-13 | a year |
leadpages.live | R3 | 2021-05-22 - 2021-08-20 | 3 months |
static.leadpages.net | GTS CA 1D4 | 2021-05-13 - 2021-08-11 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2021-05-31 - 2021-08-23 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2021-05-31 - 2021-08-23 | 3 months |
*.center.io | Go Daddy Secure Certificate Authority - G2 | 2020-01-21 - 2022-01-21 | 2 years |
*.gstatic.com | GTS CA 1C3 | 2021-05-31 - 2021-08-23 | 3 months |
*.leadpages.io | Go Daddy Secure Certificate Authority - G2 | 2019-11-12 - 2021-11-12 | 2 years |
This page contains 3 frames:
Primary Page:
https://offergeos.com/?s1=remy.franquinet@telenet.be
Frame ID: 510030EE17DA0E1BF867643F33E46D2B
Requests: 3 HTTP requests in this frame
Frame:
https://leadpages.live/offergeoscom/
Frame ID: D11557C7BFA7B4C710FD9AB529DBA390
Requests: 10 HTTP requests in this frame
Frame:
https://js.center.io/identify.html
Frame ID: F4200CF401EDA2912C0D041E993FD60D
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Statcounter (Analytics)
Detected patterns
- script /statcounter\.com\/counter\/counter/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click.email-dailymoneyreports.com/?qs=a78f32f130d3331de7bc67fe1b9a50846ac29db995654948027bd8c964e2ab9bc9ed3a906c7ec1d7a227189b6f08c20558a7a321157997037fca0cf1c60e1f12
HTTP 302
https://todaynewsamerica.com/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
https://www.clkmg.com/clicksonclicks/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
https://offergeos.com/?s1=remy.franquinet@telenet.be Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / offergeos.com/ (Primary Request, Redirect Chain) | 1 KB 1 KB | Document text/html |
GET H2 | counter.js www.statcounter.com/counter/ | 38 KB 12 KB | Script application/x-javascript |
GET H2 | / leadpages.live/offergeoscom/ Frame D115 | 76 KB 15 KB | Document text/html |
GET H2 | t.php c.statcounter.com/ | 192 B 584 B | XHR application/json |
GET H2 | all.min.css static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame D115 | 58 KB 14 KB | Stylesheet text/css |
GET H2 | css fonts.googleapis.com/ Frame D115 | 2 KB 510 B | Stylesheet text/css |
GET H2 | l1drZo3VHqqDYHF-d4garLdWVUrEHBFtZBGrpCcUTgfbDZNINzb3JVPI3vDDaLLJHhNrn5GreGbjlDTlXGDwxaKuqSQnvG0RggY=s0 lh3.googleusercontent.com/ Frame D115 | 6 KB 6 KB | Image image/png |
GET H2 | center.js js.center.io/ Frame D115 | 12 KB 5 KB | Script application/javascript |
GET H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v17/ Frame D115 | 22 KB 23 KB | Font font/woff2 |
GET H2 | S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v17/ Frame D115 | 23 KB 23 KB | Font font/woff2 |
GET H2 | identify.html js.center.io/ Frame F420 | 4 KB 2 KB | Document text/html |
GET H/1.1 | capture api.leadpages.io/analytics/v1/events/ Frame D115 | 35 B 673 B | XHR image/gif |
GET H/1.1 | capture api.leadpages.io/analytics/v1/observations/ Frame D115 | 35 B 353 B | Image image/gif |
GET H/1.1 | capture api.leadpages.io/analytics/v1/observations/ Frame D115 | 35 B 435 B | XHR image/gif |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| run
- number| sc_project
- number| sc_invisible
- string| sc_security
- number| sc_https
- number| sc_remove_link
- function| _statcounter1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.offergeos.com/ | | Name: sc_is_visitor_unique Value: rx12462612.1624769949.D9906D9A1A764FD313693FB7ACB8476F.1.1.1.1.1.1.1.1.1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.