usafreeoffers.freeleads.site

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 217.70.184.50, located in France and belongs to GANDI-AS Domain name registrar - http://www.gandi.net, FR. The main domain is usafreeoffers.freeleads.site.

This is the only time usafreeoffers.freeleads.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.55.72.95 45.55.72.95	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	217.70.184.50 217.70.184.50	29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - http://www.gandi.net)
1	2606:4700:20:... 2606:4700:20::6819:9321	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2

1 45.55.72.95 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: redirect.name

freestuff.giveawaysusa.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.70.184.50 (France)

ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR)
PTR: webredir.vip.gandi.net

usafreeoffers.freeleads.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:9321 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.cpagrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cpagrip.com www.cpagrip.com
1	freeleads.site usafreeoffers.freeleads.site	602 B
1	giveawaysusa.xyz 1 redirects freestuff.giveawaysusa.xyz	166 B
2	3

	Domain	Requested by
1	www.cpagrip.com	usafreeoffers.freeleads.site
1	usafreeoffers.freeleads.site
1	freestuff.giveawaysusa.xyz	1 redirects
2	3

This site contains no links.

Subject Issuer	Validity	Valid
ssl380556.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-11` - `2020-03-19`	6 months	crt.sh

This page contains 2 frames:

Primary Page: http://usafreeoffers.freeleads.site/
Frame ID: CD5EE582FED966ABB57BD05AA20D78AA
Requests: 1 HTTP requests in this frame

Frame: https://www.cpagrip.com/show.php?l=0&u=230775&id=23656
Frame ID: D8E1C4BEAE11DB7DD926D03FDA999866
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://freestuff.giveawaysusa.xyz/ HTTP 302
http://usafreeoffers.freeleads.site/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freestuff.giveawaysusa.xyz/ HTTP 302
http://usafreeoffers.freeleads.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response usafreeoffers.freeleads.site/ Redirect Chain http://freestuff.giveawaysusa.xyz/ http://usafreeoffers.freeleads.site/	556 B 602 B	302ms 30ms	Document text/html	217.70.184.50 http://www.gandi.net
General Check archive.org Show headers Download Go to Full URL http://usafreeoffers.freeleads.site/ Protocol HTTP/1.1 Server 217.70.184.50 , France, ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR), Reverse DNS webredir.vip.gandi.net Software nginx / Resource Hash `832d9519e36acc012adddec532b41a2b4ad72c7d4cf2e37c4c2a5d539222c45c` Request headers Host usafreeoffers.freeleads.site Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Thu, 24 Oct 2019 07:33:43 GMT Content-Type text/html Transfer-Encoding chunked Connection close Vary Accept-Encoding Accept-Language X-Location https://www.cpagrip.com/show.php?l=0&u=230775&id=23656 Content-Encoding gzip Redirect headers Location http://usafreeoffers.freeleads.site Date Thu, 24 Oct 2019 07:43:07 GMT Content-Length 58 Content-Type text/html; charset=utf-8
GET H2	200	show.php www.cpagrip.com/ Frame D8E1	0 0	455ms 420ms	Document text/html	2606:4700:20::6819:9321 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.cpagrip.com/show.php?l=0&u=230775&id=23656 Requested by Host: usafreeoffers.freeleads.site URL: http://usafreeoffers.freeleads.site/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::6819:9321 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority www.cpagrip.com :scheme https :path /show.php?l=0&u=230775&id=23656 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer http://usafreeoffers.freeleads.site/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer http://usafreeoffers.freeleads.site/ Response headers status 200 date Thu, 24 Oct 2019 07:33:43 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d0efad0049e1c46173d049cf4d4ace3641571902423; expires=Fri, 23-Oct-20 07:33:43 GMT; path=/; domain=.cpagrip.com; HttpOnly cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 52aa43a2ea165a06-VIE content-encoding br

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t.trackingrace.online/	1970-01-20 06:03:58	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgSGVhZGxlc3NDaHJvbWUvNzcuMC4zODY1Ljc1IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
			t.trackingrace.online/	1970-01-19 05:23:00	Name: enc_aff_session_635818 Value: ENC03a26c7cd49a31089538d90d302d15a80c79dc40ed44d4dcaa841ba09dded6bdbcc530849fb2e1695a5ae9dc64659e7fdd47264e5b049258102160705f8f30e1da96280cc6e11b6229efddae60f848b9339db199f76f74ece4b2e902f081c4677ce64a118728727cb90f0f97be0b867ccfa93e0aa782678a2f3ad9c58f03c22a5023ec3afc65b9c650468577b6e5120b6168493e7a004f0afe0425217bd6c4ecb2a765c38b195471895e156174145f753aa00a7d1310112e92a5831b26e6e6bf2a097152cc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

freestuff.giveawaysusa.xyz
usafreeoffers.freeleads.site
www.cpagrip.com
217.70.184.50
2606:4700:20::6819:9321
45.55.72.95
832d9519e36acc012adddec532b41a2b4ad72c7d4cf2e37c4c2a5d539222c45c

usafreeoffers.freeleads.site Open in urlscan Pro 217.70.184.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

1 kBTransfer

1 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

usafreeoffers.freeleads.site Open in urlscan Pro
217.70.184.50 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

2
Cookies

2 HTTP transactions
0 data transactions