urlscan.io logo urlscan.io
SecurityTrails logo

offergeos.com Open in urlscan Pro
2606:4700:3035::6815:309f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.email-dailymoneyreports.com/?qs=a78f32f130d3331de7bc67fe1b9a50846ac29db995654948027bd8c964e2ab9bc9ed3a906c7ec1d7a227189b6f08...
Effective URL: https://offergeos.com/?s1=remy.franquinet@telenet.be
Submission: On June 27 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 12 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3035::6815:309f, located in United States and belongs to CLOUDFLARENET, US. The main domain is offergeos.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 12th 2021. Valid for: a year.
This is the only time offergeos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.71.11 22606 (EXACT-7)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 50.97.244.203 36351 (SOFTLAYER)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.22.53.65 13335 (CLOUDFLAR...)
1 35.202.21.90 15169 (GOOGLE)
1 34.107.203.240 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 35.192.151.63 15169 (GOOGLE)
14 9
1    13.111.71.11 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s11.exacttarget.com
click.email-dailymoneyreports.com
1    2606:4700:3035::ac43:9e02 (United States)

ASN13335 (CLOUDFLARENET, US)
todaynewsamerica.com
1    50.97.244.203 (San Jose, United States)

ASN36351 (SOFTLAYER, US)
PTR: clkmg.com
www.clkmg.com
1    2606:4700:3035::6815:309f (United States)

ASN13335 (CLOUDFLARENET, US)
offergeos.com
2    104.22.53.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
1    35.202.21.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com
leadpages.live
1    34.107.203.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
js.center.io
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    35.192.151.63 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
Domain Requested by
3 api.leadpages.io js.center.io
2 fonts.gstatic.com fonts.googleapis.com
2 js.center.io leadpages.live
js.center.io
1 lh3.googleusercontent.com leadpages.live
1 fonts.googleapis.com leadpages.live
1 static.leadpages.net leadpages.live
1 c.statcounter.com www.statcounter.com
1 leadpages.live offergeos.com
1 www.statcounter.com offergeos.com
1 offergeos.com
1 www.clkmg.com 1 redirects
1 todaynewsamerica.com 1 redirects
1 click.email-dailymoneyreports.com 1 redirects
14 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-12 -
2022-01-11		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
leadpages.live
R3		 2021-05-22 -
2021-08-20		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2021-05-13 -
2021-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2		 2020-01-21 -
2022-01-21		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2		 2019-11-12 -
2021-11-12		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://offergeos.com/?s1=remy.franquinet@telenet.be
Frame ID: 510030EE17DA0E1BF867643F33E46D2B
Requests: 3 HTTP requests in this frame

Frame: https://leadpages.live/offergeoscom/
Frame ID: D11557C7BFA7B4C710FD9AB529DBA390
Requests: 10 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: F4200CF401EDA2912C0D041E993FD60D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.email-dailymoneyreports.com/?qs=a78f32f130d3331de7bc67fe1b9a50846ac29db995654948027bd8c964e2ab9bc9ed3a90... HTTP 302
    https://todaynewsamerica.com/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
    https://www.clkmg.com/clicksonclicks/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
    https://offergeos.com/?s1=remy.franquinet@telenet.be Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /statcounter\.com\/counter\/counter/i

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

13
Subdomains

9
IPs

2
Countries

104 kB
Transfer

243 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.email-dailymoneyreports.com/?qs=a78f32f130d3331de7bc67fe1b9a50846ac29db995654948027bd8c964e2ab9bc9ed3a906c7ec1d7a227189b6f08c20558a7a321157997037fca0cf1c60e1f12 HTTP 302
    https://todaynewsamerica.com/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
    https://www.clkmg.com/clicksonclicks/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH HTTP 302
    https://offergeos.com/?s1=remy.franquinet@telenet.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offergeos.com/
Redirect Chain
  • http://click.email-dailymoneyreports.com/?qs=a78f32f130d3331de7bc67fe1b9a50846ac29db995654948027bd8c964e2ab9bc9ed3a906c7ec1d7a227189b6f08c20558a7a321157997037fca0cf1c60e1f12
  • https://todaynewsamerica.com/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH
  • https://www.clkmg.com/clicksonclicks/americareborn05/remy.franquinet@telenet.be/exacttarget/ad6/ASH
  • https://offergeos.com/?s1=remy.franquinet@telenet.be
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offergeos.com/?s1=remy.franquinet@telenet.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:309f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f14378bbdaf4f748b59cf0e5c5850a7db2358101312438091a047cc7252e46

Request headers

:method
GET
:authority
offergeos.com
:scheme
https
:path
/?s1=remy.franquinet@telenet.be
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 04:59:08 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Sun, 27 Jun 2021 05:09:09 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0aed6f01d1000053734a13e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nrq340jF%2BOBHuj%2BPCtBTZ%2FkCUvkBHmacnebs3nfYZmVJ8J7B9a01RFkeveTEPAeVhBxSZsuec9wMr%2FfgxcuK2rYjeY6rLi6Hcbzx%2BzLTorzTKxXg%2FT%2FhBoaqClNnrzdrn0CBysg2JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
665c1aafbea65373-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Sun, 27 Jun 2021 04:59:07 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
235
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Set-Cookie
alc=1; domain=.clkmg.com; expires=Sun Jun 27 04:59:12 2021; path=/; vid=633599732; domain=.clkmg.com; expires=Mon Jun 27 04:59:07 2022; path=/; SameSite=None; Secure;
Location
https://offergeos.com?s1=remy.franquinet@telenet.be
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-CM-FE
httpfe-02.clickmagick.com
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
counter.js
www.statcounter.com/counter/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: offergeos.com
URL: https://offergeos.com/?s1=remy.franquinet@telenet.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09

Request headers

Referer
https://offergeos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 04:59:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 08:51:42 GMT
server
cloudflare
age
28354
etag
W/"60bf2f9e-9987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
665c1ab288324c38-AMS
cf-request-id
0aed6f039400004c38d320c000000001
expires
Sun, 27 Jun 2021 09:06:34 GMT
/
leadpages.live/offergeoscom/ Frame D115 		76 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leadpages.live/offergeoscom/
Requested by
Host: offergeos.com
URL: https://offergeos.com/?s1=remy.franquinet@telenet.be
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
4b30269952526f70a3e544c07993bbe191e214805c820da9108770e712812333
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
leadpages.live
:scheme
https
:path
/offergeoscom/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://offergeos.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://offergeos.com/

Response headers

date
Sun, 27 Jun 2021 04:59:08 GMT
content-type
text/html
vary
Accept-Encoding
etag
W/"ae2615bbfe682e409c3622892238433e"
last-modified
Tue, 12 Jan 2021 19:10:55 GMT
x-cache
MISS, HIT
cache-control
no-cache
server
Leadpages
strict-transport-security
max-age=15768000
content-encoding
br
t.php
c.statcounter.com/ 		192 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12462612&u1=D9906D9A1A764FD313693FB7ACB8476F&java=1&security=562c1ae0&sc_snum=1&sess=8987a3&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//offergeos.com/%3Fs1%3Dremy.franquinet@telenet.be&t=Offer%20Not%20Available&invisible=1&sc_rum_e_s=2016&sc_rum_e_e=2021&sc_rum_f_s=0&sc_rum_f_e=2014&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer
https://offergeos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 04:59:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
665c1ab2d8884c38-AMS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://offergeos.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
0aed6f03c700004c38c4b07000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame D115 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: leadpages.live
URL: https://leadpages.live/offergeoscom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 19:24:28 GMT
content-encoding
gzip
server
Google Frontend
age
1244081
etag
"WBcxNA"
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
28e318396a3bce4907b5d346ecf2355a
cache-control
public, max-age=31536000
alt-svc
clear
content-length
14628
via
1.1 google
expires
Sun, 12 Jun 2022 19:24:28 GMT
css
fonts.googleapis.com/ Frame D115 		2 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Requested by
Host: leadpages.live
URL: https://leadpages.live/offergeoscom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Jun 2021 03:14:17 GMT
server
ESF
date
Sun, 27 Jun 2021 04:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Jun 2021 04:59:09 GMT
l1drZo3VHqqDYHF-d4garLdWVUrEHBFtZBGrpCcUTgfbDZNINzb3JVPI3vDDaLLJHhNrn5GreGbjlDTlXGDwxaKuqSQnvG0RggY=s0
lh3.googleusercontent.com/ Frame D115 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/l1drZo3VHqqDYHF-d4garLdWVUrEHBFtZBGrpCcUTgfbDZNINzb3JVPI3vDDaLLJHhNrn5GreGbjlDTlXGDwxaKuqSQnvG0RggY=s0
Requested by
Host: leadpages.live
URL: https://leadpages.live/offergeoscom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
407ffbf711b741efda61512408e773b84dd99b413fb4c6621717a4d8548b547a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leadpages.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 04:44:52 GMT
x-content-type-options
nosniff
age
857
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5680
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 25 Jun 2021 04:10:26 GMT
center.js
js.center.io/ Frame D115 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: leadpages.live
URL: https://leadpages.live/offergeoscom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://leadpages.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 04:55:46 GMT
content-encoding
gzip
server
Google Frontend
age
203
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
1d54229cf1d441e9ea4c0f28e5a5215b
cache-control
public, max-age=300
content-length
5417
expires
Sun, 27 Jun 2021 05:00:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame D115 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://leadpages.live
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 13:10:17 GMT
x-content-type-options
nosniff
age
402532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 13:10:17 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame D115 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://leadpages.live
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:21:47 GMT
x-content-type-options
nosniff
age
340642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 06:21:47 GMT
identify.html
js.center.io/ Frame F420 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://leadpages.live/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://leadpages.live/

Response headers

date
Sun, 27 Jun 2021 04:57:24 GMT
expires
Sun, 27 Jun 2021 05:02:24 GMT
etag
"OMWYXg"
x-cloud-trace-context
f423bf8e1c5a6e996760d4da3e3c8d5d
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
2016
age
105
cache-control
public, max-age=300
capture
api.leadpages.io/analytics/v1/events/ Frame D115 		35 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=Lo8CuvfEA7jQ8zKUxEnNrW&v=&e=&st=&lc=en-US&pid=No663a88vUTPKZwjxyNcZB-default-prop&uid=YwiM4Ut92Qxeph4Q5SABvi&sid=WFZV4vEdg84NqpqoRYXAYH&cid=lp-Lo8CuvfEA7jQ8zKUxEnNrW&uri=https%3A%2F%2Fleadpages.live%2Foffergeoscom%2F&rf=https%3A%2F%2Foffergeos.com%2F&rx=1600&ry=1200&tz=%2B02%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://leadpages.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Jun 2021 04:59:09 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
159.48.55.6
Content-Type
image/gif
access-control-allow-origin
https://leadpages.live
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
00g9s5btsjg1aig0g1kg
capture
api.leadpages.io/analytics/v1/observations/ Frame D115 		35 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=15,255,228,499,1,503,638,638,672,672
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://leadpages.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Jun 2021 04:59:09 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
159.48.55.6
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00g9gbchsjgc73r8j9g0
capture
api.leadpages.io/analytics/v1/observations/ Frame D115 		35 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=ZwvR7QzriKXVdsa9iBTBAB&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=34,25.100000381469727,1,395.5
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://leadpages.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Jun 2021 04:59:13 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
159.48.55.6
Content-Type
image/gif
access-control-allow-origin
https://leadpages.live
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
00g9s6c7oer0ltsu8i10

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| run number| sc_project number| sc_invisible string| sc_security number| sc_https number| sc_remove_link function| _statcounter

1 Cookies

Domain/Path Name / Value
.offergeos.com/ Name: sc_is_visitor_unique
Value: rx12462612.1624769949.D9906D9A1A764FD313693FB7ACB8476F.1.1.1.1.1.1.1.1.1