www.gorocketoffers.com Open in urlscan Pro
70.32.23.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNTEmczE9ZWU1NmM0YTEtZj...
Effective URL:
https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=56943...
Submission: On January 08 via manual (January 8th 2023, 12:32:38 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 70.32.23.104, located in United States and belongs to A2HOSTING, US. The main domain is www.gorocketoffers.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2022. Valid for: 3 months.

This is the only time www.gorocketoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.56.134.54 13.56.134.54	16509 (AMAZON-02) (AMAZON-02)
1 1	52.0.212.192 52.0.212.192	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.102.180.111 34.102.180.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 13	70.32.23.104 70.32.23.104	55293 (A2HOSTING) (A2HOSTING)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
14	4

1 13.56.134.54 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-134-54.us-west-1.compute.amazonaws.com

confirmationcenterz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.212.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-212-192.compute-1.amazonaws.com

swpshdnmkt2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.180.111 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.180.102.34.bc.googleusercontent.com

www.piahja3k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 70.32.23.104 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: mi3-ts12.a2hosting.com

www.gorocketoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gorocketoffers.com 1 redirects www.gorocketoffers.com	435 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 520	31 KB
1	piahja3k.com 1 redirects www.piahja3k.com	491 B
1	swpshdnmkt2.com 1 redirects swpshdnmkt2.com	863 B
1	confirmationcenterz.com confirmationcenterz.com	713 B
14	5

	Domain	Requested by
13	www.gorocketoffers.com	1 redirects confirmationcenterz.com www.gorocketoffers.com
1	ajax.googleapis.com	www.gorocketoffers.com
1	www.piahja3k.com	1 redirects
1	swpshdnmkt2.com	1 redirects
1	confirmationcenterz.com
14	5

This site contains no links.

Subject Issuer	Validity	Valid
confirmationcenterz.com R3	`2022-12-23` - `2023-03-23`	3 months	crt.sh
gorocketoffers.com cPanel, Inc. Certification Authority	`2022-12-27` - `2023-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
Frame ID: 66BD411C5835B20B19B47CB179C1BE49
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PRIZE WINNER CONFIRMATION.

Page URL History Show full URLs

https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNT... Page URL
https://swpshdnmkt2.com/?a=10576&c=144051&s1=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&s2=d4lge951hbd1l8o... HTTP 302
https://www.piahja3k.com/8LJN3/37GQ4B/?source_id=10576&sub2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&sub3... HTTP 302
https://www.gorocketoffers.com/9978/blankCheckout?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5... HTTP 301
https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

466 kB
Transfer

758 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNTEmczE9ZWU1NmM0YTEtZjhiOS00NjA2LWI4YTktYjVhOWRjNWFhYzYwJnMyPWQ0bGdlOTUxaGJkMWw4b2xpNmZuNzQxNA&ts=1673137926617&hash=3wyW89Agv9gSUHAb9mv-oQfBXa2Gw37fffubcFvaU9Y&rm=DJ Page URL
https://swpshdnmkt2.com/?a=10576&c=144051&s1=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&s2=d4lge951hbd1l8oli6fn7414 HTTP 302
https://www.piahja3k.com/8LJN3/37GQ4B/?source_id=10576&sub2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&sub3=569435498 HTTP 302
https://www.gorocketoffers.com/9978/blankCheckout?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425 HTTP 301
https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 redirect Show response
confirmationcenterz.com/ 556 B
713 B 552ms
173ms Document
text/html 13.56.134.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNTEmczE9ZWU1NmM0YTEtZjhiOS00NjA2LWI4YTktYjVhOWRjNWFhYzYwJnMyPWQ0bGdlOTUxaGJkMWw4b2xpNmZuNzQxNA&ts=1673137926617&hash=3wyW89Agv9gSUHAb9mv-oQfBXa2Gw37fffubcFvaU9Y&rm=DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.56.134.54 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-56-134-54.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 38ace55418356b565305951a11af5536dc14a4a416a26130fe76844640108489

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-type: text/html;charset=UTF-8
date: Sun, 08 Jan 2023 00:32:31 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2

200

Primary Request / Show response
www.gorocketoffers.com/9978/blankCheckout/
Redirect Chain

https://swpshdnmkt2.com/?a=10576&c=144051&s1=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&s2=d4lge951hbd1l8oli6fn7414
https://www.piahja3k.com/8LJN3/37GQ4B/?source_id=10576&sub2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&sub3=569435498
https://www.gorocketoffers.com/9978/blankCheckout?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425

17 KB
4 KB

124ms
124ms

Document
text/html

70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425

Requested by

Host: confirmationcenterz.com
URL: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNTEmczE9ZWU1NmM0YTEtZjhiOS00NjA2LWI4YTktYjVhOWRjNWFhYzYwJnMyPWQ0bGdlOTUxaGJkMWw4b2xpNmZuNzQxNA&ts=1673137926617&hash=3wyW89Agv9gSUHAb9mv-oQfBXa2Gw37fffubcFvaU9Y&rm=DJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed / PHP/7.3.33

Resource Hash

d92227e901c7f5ac527fb582a09f0647429afad018c055754fa4de1330727498

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://confirmationcenterz.com/redirect?target=BASE64aHR0cHM6Ly9zd3BzaGRubWt0Mi5jb20vP2E9MTA1NzYmYz0xNDQwNTEmczE9ZWU1NmM0YTEtZjhiOS00NjA2LWI4YTktYjVhOWRjNWFhYzYwJnMyPWQ0bGdlOTUxaGJkMWw4b2xpNmZuNzQxNA&ts=1673137926617&hash=3wyW89Agv9gSUHAb9mv-oQfBXa2Gw37fffubcFvaU9Y&rm=DJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Jan 2023 00:32:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html
date: Sun, 08 Jan 2023 00:32:33 GMT
location: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
www.gorocketoffers.com/9978/blankCheckout/npm/bootstrap_5.2.0/dist/css/ 190 KB
24 KB 133ms
132ms Stylesheet
text/css 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/npm/bootstrap_5.2.0/dist/css/bootstrap.min.css

Requested by

Host: www.gorocketoffers.com
URL: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 10 Nov 2022 11:33:56 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 24644
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 error_handler.css
www.gorocketoffers.com/9978/blankCheckout/css/ 3 KB
835 B 270ms
269ms Stylesheet
text/css 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/css/error_handler.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

06211caf6663c728740a01618bf087f7104cecd9df2a7870956d2fa757f9807a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 10 Nov 2022 11:42:01 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 776
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 postage.png
www.gorocketoffers.com/9978/blankCheckout/images/ 18 KB
18 KB 375ms
372ms Image
image/png 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/postage.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

b4c22b8e20798cd6d3345a21ea7da5c37750efa3a70941d04d0a2d579927f121

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:39 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 18520
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 encryption.jpg
www.gorocketoffers.com/9978/blankCheckout/images/ 57 KB
57 KB 378ms
375ms Image
image/jpeg 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/encryption.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

9e6621ae7d51a54a262ab8adc9b339827d3766a4d4b26d9c8f72a1f511ff96e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:38 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 58631
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 symantec.png
www.gorocketoffers.com/9978/blankCheckout/images/ 54 KB
54 KB 489ms
487ms Image
image/png 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/symantec.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

b1f1ea72ec45e07040d1675e8ea0540e5ba6ffdad09c11456ce5525cbd6eb50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:41 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 55368
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 top.jpg
www.gorocketoffers.com/9978/blankCheckout/images/ 63 KB
63 KB 489ms
487ms Image
image/jpeg 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/top.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

b972b9f87a13f863641413a9b7790c16d4c42eda85034e787642d592bc8222ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:42 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 64264
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 a1d81f564eeb1468aefbcfd54d1571b8_w200.gif
www.gorocketoffers.com/9978/blankCheckout/origin/a1/ 51 KB
51 KB 489ms
487ms Image
image/gif 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/origin/a1/a1d81f564eeb1468aefbcfd54d1571b8_w200.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

8253c2a22a5c0e787e760ff78f2944272e356b77e0d0455d8a97bfdf0c48b3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:52 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 52222
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 safe.png
www.gorocketoffers.com/9978/blankCheckout/images/ 6 KB
6 KB 738ms
736ms Image
image/png 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/safe.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

1863aeac960241f31a99530249b8716d375468d6c6a6e1624630699eba2a87a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:41 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6587
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 pinpng.com-linkedin-logo-png-598451.png
www.gorocketoffers.com/9978/blankCheckout/images/ 101 KB
101 KB 750ms
748ms Image
image/png 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/pinpng.com-linkedin-logo-png-598451.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

9d5fb43638da498439103d863e4aeb523714e4e491aeddb3d16989336da3361a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:40 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 103014
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
www.gorocketoffers.com/9978/blankCheckout/npm/bootstrap_5.2.0/dist/js/ 78 KB
22 KB 255ms
252ms Script
application/javascript 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/npm/bootstrap_5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Thu, 10 Nov 2022 11:33:57 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 22281
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 12:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 12:26:48 GMT

GET
H3 200 iStock-944453634-750x450.jpg
www.gorocketoffers.com/9978/blankCheckout/images/ 32 KB
32 KB 123ms
123ms Image
image/jpeg 70.32.23.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gorocketoffers.com/9978/blankCheckout/images/iStock-944453634-750x450.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

70.32.23.104 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts12.a2hosting.com

Software

LiteSpeed /

Resource Hash

ce2a2a91faf416d4e170da5fb7a5e102455791dac656f9cf99acbd04c8d500c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gorocketoffers.com/9978/blankCheckout/?affid=6&source_id=10576&c1=&c2=ee56c4a1-f8b9-4606-b8a9-b5a9dc5aac60&c3=569435498&transid=942ce9bdea5846c19c264be80869b425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 00:32:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 11:33:38 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 32664
expires: Sun, 15 Jan 2023 00:32:33 GMT

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.swpshdnmkt2.com/	1969-12-31 23:59:59	Name: sid Value: MTAohThxerUrSmhdGRF46+DUGfJ4kfhxd9aG00m0rSTT/lfWiLDi3w==
.swpshdnmkt2.com/	1970-01-20 18:21:37	Name: trk Value: /DisRy8jEnfQREDRkLO09+DUGfJ4kfhxd9aG00m0rSTT/lfWiLDi3w==
.swpshdnmkt2.com/	1970-01-20 09:28:49	Name: c28722 Value: MTAohThxerW1s+mrFr0DbShdGK7zPdFlh/B+ldqIlVty8t+S7rUWXQ==
www.piahja3k.com/	1970-01-20 08:47:04	Name: uniqueClick_37GQ4B Value: 10b56d0d-4364-47c4-b4cb-34603d71a5d5:1673137952
www.piahja3k.com/	1970-01-20 10:55:13	Name: transaction_id Value: 942ce9bdea5846c19c264be80869b425
www.gorocketoffers.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c8592b312d0fa29cafb814f63f96220d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
confirmationcenterz.com
swpshdnmkt2.com
www.gorocketoffers.com
www.piahja3k.com
13.56.134.54
2a00:1450:4001:812::200a
34.102.180.111
52.0.212.192
70.32.23.104
06211caf6663c728740a01618bf087f7104cecd9df2a7870956d2fa757f9807a
1863aeac960241f31a99530249b8716d375468d6c6a6e1624630699eba2a87a5
38ace55418356b565305951a11af5536dc14a4a416a26130fe76844640108489
8253c2a22a5c0e787e760ff78f2944272e356b77e0d0455d8a97bfdf0c48b3f2
859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7
9d5fb43638da498439103d863e4aeb523714e4e491aeddb3d16989336da3361a
9e6621ae7d51a54a262ab8adc9b339827d3766a4d4b26d9c8f72a1f511ff96e3
b1f1ea72ec45e07040d1675e8ea0540e5ba6ffdad09c11456ce5525cbd6eb50f
b4c22b8e20798cd6d3345a21ea7da5c37750efa3a70941d04d0a2d579927f121
b972b9f87a13f863641413a9b7790c16d4c42eda85034e787642d592bc8222ea
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
ce2a2a91faf416d4e170da5fb7a5e102455791dac656f9cf99acbd04c8d500c1
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a
d92227e901c7f5ac527fb582a09f0647429afad018c055754fa4de1330727498
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.gorocketoffers.com Open in urlscan Pro 70.32.23.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

466 kBTransfer

758 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

6 Cookies

Indicators

www.gorocketoffers.com Open in urlscan Pro
70.32.23.104 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

466 kB
Transfer

758 kB
Size

6
Cookies

14 HTTP transactions
2 data transactions