topofferley.com Open in urlscan Pro
185.142.239.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://topofferley.com/
Effective URL:
https://topofferley.com/
Submission: On February 15 via manual (February 15th 2022, 9:25:39 am UTC) from IL — Scanned from NL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 12 HTTP transactions. The main IP is 185.142.239.27, located in Amsterdam, Netherlands and belongs to COGENT-174, US. The main domain is topofferley.com.
TLS certificate: Issued by R3 on December 21st 2021. Valid for: 3 months.

This is the only time topofferley.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.142.239.27 185.142.239.27	174 (COGENT-174) (COGENT-174)
4	149.3.170.133 149.3.170.133	213373 (IPCONNECT) (IPCONNECT)
1	2606:4700:303... 2606:4700:3032::ac43:d4fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.34.166.127 193.34.166.127	62370 (SNEL) (SNEL)
2	52.210.183.142 52.210.183.142	16509 (AMAZON-02) (AMAZON-02)
12	6

2 185.142.239.27 (Amsterdam, Netherlands) 1 redirects

ASN174 (COGENT-174, US)
PTR: black.host-27.239.142.185.in-addr.arpa

topofferley.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.3.170.133 (Seychelles)

ASN213373 (IPCONNECT, NL)

incrsyrgnstrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d4fa (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plusheroes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.34.166.127 (Netherlands)

ASN62370 (SNEL, NL)
PTR: aliqu

sidtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.183.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-183-142.eu-west-1.compute.amazonaws.com

server-api.push77-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	incrsyrgnstrckr.com incrsyrgnstrckr.com	59 KB
2	push77-api.com server-api.push77-api.com — Cisco Umbrella Rank: 854772	614 B
2	sidtrck.com sidtrck.com	671 B
2	topofferley.com 1 redirects topofferley.com	1 KB
1	plusheroes.com cdn.plusheroes.com	52 KB
12	5

	Domain	Requested by
4	incrsyrgnstrckr.com	topofferley.com incrsyrgnstrckr.com
2	server-api.push77-api.com	cdn.plusheroes.com
2	sidtrck.com	incrsyrgnstrckr.com
2	topofferley.com	1 redirects
1	cdn.plusheroes.com	incrsyrgnstrckr.com
12	5

This site contains no links.

Subject Issuer	Validity	Valid
topofferley.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
incrsyrgnstrckr.com R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.plusheroes.com E1	`2022-01-22` - `2022-04-22`	3 months	crt.sh
sidtrck.com R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.push77-api.com Amazon	`2021-09-19` - `2022-10-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://topofferley.com/
Frame ID: 741D0B7D84537A16DDF9DAEB104E3521
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Index

Page URL History Show full URLs

http://topofferley.com/ HTTP 301
https://topofferley.com/ Page URL

Page Statistics

12
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

113 kB
Transfer

653 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://topofferley.com/ HTTP 301
https://topofferley.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
-2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response topofferley.com/ Redirect Chain http://topofferley.com/ https://topofferley.com/	867 B 860 B	148ms 117ms	Document text/html	185.142.239.27 COGENT-174
General Check archive.org Show headers Download Go to Full URL https://topofferley.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.142.239.27 Amsterdam, Netherlands, ASN174 (COGENT-174, US), Reverse DNS black.host-27.239.142.185.in-addr.arpa Software nginx / Resource Hash `f484d7832cc370b799e0b868f8e6509cd03141b27c07dce846c2ea53e675cf41` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language nl-NL,nl;q=0.9 Response headers Server nginx Date Tue, 15 Feb 2022 09:25:35 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Upgrade h2,h2c Last-Modified Thu, 10 Feb 2022 14:05:29 GMT X-Server microso PX-X-Request-Id d996b936147637ed8dc3fe9872392d9f Content-Encoding gzip Redirect headers Server nginx Date Tue, 15 Feb 2022 09:25:35 GMT Content-Type text/html Content-Length 178 Connection keep-alive Location https://topofferley.com/ Strict-Transport-Security max-age=63072000
GET H/1.1	200 OK	sdk.js Show response incrsyrgnstrckr.com/api/v1/integration/	377 KB 40 KB	130ms 80ms	Script application/javascript	149.3.170.133 IPCONNECT
General Check archive.org Show headers Download Go to Full URL https://incrsyrgnstrckr.com/api/v1/integration/sdk.js?v=22022129 Requested by Host: topofferley.com URL: https://topofferley.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.3.170.133 , Seychelles, ASN213373 (IPCONNECT, NL), Reverse DNS Software nginx / Resource Hash `167cb05f516b7c65c0455896a5853f4ae31a9789f1a04b52d7df15c540b03a12` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://topofferley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 15 Feb 2022 09:25:35 GMT Content-Encoding gzip Last-Modified Tue, 15 Feb 2022 07:57:29 GMT Server nginx ETag W/"620b5ce9-5e5e1" Vary Accept-Encoding Connection keep-alive Content-Type application/javascript Cache-Control max-age=31536000 Transfer-Encoding chunked PX-X-Request-Id b0d88e15ce841db871e448eb90fa2494 X-Server neque Expires Wed, 15 Feb 2023 09:25:35 GMT
GET H/1.1	200 OK	sdk.css incrsyrgnstrckr.com/api/v1/integration/	77 KB 8 KB	40ms 39ms	Stylesheet text/css	149.3.170.133 IPCONNECT
General Check archive.org Show headers Download Go to Full URL https://incrsyrgnstrckr.com/api/v1/integration/sdk.css?v=2.62.3 Requested by Host: incrsyrgnstrckr.com URL: https://incrsyrgnstrckr.com/api/v1/integration/sdk.js?v=22022129 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.3.170.133 , Seychelles, ASN213373 (IPCONNECT, NL), Reverse DNS Software nginx / Resource Hash `4b12e07b3d6fdf2b05612abdf6ed07924adafff2122e90eabab481f6ab4ee9c4` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://topofferley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 15 Feb 2022 09:25:36 GMT Content-Encoding gzip Last-Modified Tue, 15 Feb 2022 07:59:16 GMT Server nginx ETag W/"620b5d54-1344e" Vary Accept-Encoding Connection keep-alive Content-Type text/css Cache-Control max-age=31536000 Transfer-Encoding chunked PX-X-Request-Id 60d7b78b644f2a116226055734d597eb X-Server neque Expires Wed, 15 Feb 2023 09:25:36 GMT
GET H/1.1	200 OK	details.php Show response incrsyrgnstrckr.com/api/v1/projects/	50 KB 10 KB	110ms 110ms	XHR application/json	149.3.170.133 IPCONNECT
General Check archive.org Show headers Download Go to Full URL https://incrsyrgnstrckr.com/api/v1/projects/details.php?&locale=en-US Requested by Host: incrsyrgnstrckr.com URL: https://incrsyrgnstrckr.com/api/v1/integration/sdk.js?v=22022129 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.3.170.133 , Seychelles, ASN213373 (IPCONNECT, NL), Reverse DNS Software nginx / Resource Hash `94cbaef3f3280b9053956ea3ad7e58a78196ddd641c8bcd435d13668eba4f7ec` Request headers Referer https://topofferley.com/ Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intgrtn-Referer https://topofferley.com/ Content-Type application/json Response headers Date Tue, 15 Feb 2022 09:25:36 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://topofferley.com Connection keep-alive Transfer-Encoding chunked PX-X-Request-Id c5afdb35cc770a897c39d7951731ff2a X-Server neque Access-Control-Allow-Headers accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
OPTIONS H/1.1	200 OK	details.php incrsyrgnstrckr.com/api/v1/projects/	0 0	75ms 46ms	Preflight text/html	149.3.170.133 IPCONNECT
General Check archive.org Show headers Download Go to Full URL https://incrsyrgnstrckr.com/api/v1/projects/details.php?&locale=en-US Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.3.170.133 , Seychelles, ASN213373 (IPCONNECT, NL), Reverse DNS Software nginx / Resource Hash Request headers Accept / Access-Control-Request-Method GET Access-Control-Request-Headers content-type,intgrtn-referer Origin https://topofferley.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Tue, 15 Feb 2022 09:25:36 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Access-Control-Allow-Origin https://topofferley.com Access-Control-Allow-Headers accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer Access-Control-Allow-Methods POST, GET, OPTIONS Content-Encoding gzip X-Server neque PX-X-Request-Id 7d891a57748e2c137e309623b2db1de9
GET H2	200	lib.min.js Show response cdn.plusheroes.com/v1/	148 KB 52 KB	104ms 34ms	Script application/javascript	2606:4700:3032::ac43:d4fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.plusheroes.com/v1/lib.min.js Requested by Host: incrsyrgnstrckr.com URL: https://incrsyrgnstrckr.com/api/v1/integration/sdk.js?v=22022129 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d4fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `185599b7df5e8e2e2405e84f96f5d3d0c0d33d44ac514d4d12b01d394351a2d8` Request headers Accept-Language nl-NL,nl;q=0.9 Referer https://topofferley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 09:25:36 GMT via 1.1 a6a3dd57ba679f45d1542b145be0ec18.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4144 x-cache Hit from cloudfront content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 02 Dec 2021 16:27:50 GMT server cloudflare etag W/"89dfcfe36396093bc7bb764686cbb017" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaKEmjz%2BAhAWGsPW4PHUjeS9QllL6uID0d85RKI7GtnISO%2FiT3G9nMEJO6TOBFgw4DjD4PpSqpCUntr7rO%2FUs5f53CZ7l%2FNZ%2FUkBorRoY3%2B35t7mPoYaGmliKBtcu9%2F2R2aYGko1FkM9rpG8%2FkiDp9g%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-cf-pop MSP50-C2 cf-ray 6ddd7d65bd6d9018-FRA x-amz-cf-id jr971h48nhfp2RYnDdo_hRmAJr7M57H5i4Lj1DvDmzYd2SLiaH50Sw==
POST H/1.1	200 OK	add.php Show response sidtrck.com/api/v1/events/	171 B 671 B	76ms 76ms	XHR application/json	193.34.166.127 SNEL
General Check archive.org Show headers Download Go to Full URL https://sidtrck.com/api/v1/events/add.php Requested by Host: incrsyrgnstrckr.com URL: https://incrsyrgnstrckr.com/api/v1/integration/sdk.js?v=22022129 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.34.166.127 , Netherlands, ASN62370 (SNEL, NL), Reverse DNS aliqu Software nginx / Resource Hash `2a0a3c2a5818cc402a242e116e8475c7cc27db5d2de5faaaaac430235b293d54` Request headers Referer https://topofferley.com/ Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intgrtn-Referer https://topofferley.com/ Content-Type application/json Response headers Date Tue, 15 Feb 2022 09:25:36 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type application/json Access-Control-Allow-Origin https://topofferley.com Connection keep-alive Transfer-Encoding chunked PX-X-Request-Id 3291ca740de3730c5ace1aef8594399e X-Server aliqu Access-Control-Allow-Headers accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
OPTIONS H/1.1	200 OK	add.php sidtrck.com/api/v1/events/	0 0	113ms 51ms	Preflight text/html	193.34.166.127 SNEL
General Check archive.org Show headers Download Go to Full URL https://sidtrck.com/api/v1/events/add.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.34.166.127 , Netherlands, ASN62370 (SNEL, NL), Reverse DNS aliqu Software nginx / Resource Hash Request headers Accept / Access-Control-Request-Method POST Access-Control-Request-Headers content-type,intgrtn-referer Origin https://topofferley.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Tue, 15 Feb 2022 09:25:36 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Access-Control-Allow-Origin https://topofferley.com Access-Control-Allow-Headers accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer Access-Control-Allow-Methods POST, GET, OPTIONS Content-Encoding gzip X-Server aliqu PX-X-Request-Id 77472d079f18e2ea078c7e5f6ff2fd68
OPTIONS H2	200	d6f10921-bf94-46f2-a420-e5bba92cf631 server-api.push77-api.com/v1_0/applications/	0 0	117ms 33ms	Preflight text/html	52.210.183.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://server-api.push77-api.com/v1_0/applications/d6f10921-bf94-46f2-a420-e5bba92cf631 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.183.142 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-183-142.eu-west-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept / Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://topofferley.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 15 Feb 2022 09:25:37 GMT content-type text/html; charset=UTF-8 server nginx/1.14.0 (Ubuntu) access-control-allow-origin * access-control-allow-methods POST, GET, OPTIONS, PUT, PATCH, DELETE access-control-allow-headers Content-Type, X-Auth-Token, Origin, Authorization cache-control no-cache, private content-encoding gzip
GET H2	200	d6f10921-bf94-46f2-a420-e5bba92cf631 Show response server-api.push77-api.com/v1_0/applications/	323 B 614 B	46ms 46ms	Fetch application/json	52.210.183.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://server-api.push77-api.com/v1_0/applications/d6f10921-bf94-46f2-a420-e5bba92cf631 Requested by Host: cdn.plusheroes.com URL: https://cdn.plusheroes.com/v1/lib.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.183.142 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-183-142.eu-west-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash `291f30964fec34bc3a95a2e1744257aa77ac7b5d0a9c1ae13f78f1cb18592763` Request headers Accept application/json Referer https://topofferley.com/ Accept-Language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 15 Feb 2022 09:25:37 GMT server nginx/1.14.0 (Ubuntu) x-ratelimit-remaining 59 access-control-allow-methods POST, GET, OPTIONS, PUT, PATCH, DELETE content-type application/json access-control-allow-origin * cache-control no-cache, private x-ratelimit-limit 60 access-control-allow-headers Content-Type, X-Auth-Token, Origin, Authorization

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
topofferley.com/	1970-01-20 09:40:53	Name: intgrtn_locale Value: en-US
topofferley.com/	1970-01-20 09:40:53	Name: intgrtn_intgrtn.options.server.endpoint Value: https://sidtrck.com
topofferley.com/	1970-01-20 09:40:53	Name: intgrtn_intgrtn.options.server.host Value: sidtrck.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.plusheroes.com
incrsyrgnstrckr.com
server-api.push77-api.com
sidtrck.com
topofferley.com
149.3.170.133
185.142.239.27
193.34.166.127
2606:4700:3032::ac43:d4fa
52.210.183.142
167cb05f516b7c65c0455896a5853f4ae31a9789f1a04b52d7df15c540b03a12
185599b7df5e8e2e2405e84f96f5d3d0c0d33d44ac514d4d12b01d394351a2d8
291f30964fec34bc3a95a2e1744257aa77ac7b5d0a9c1ae13f78f1cb18592763
2a0a3c2a5818cc402a242e116e8475c7cc27db5d2de5faaaaac430235b293d54
4b12e07b3d6fdf2b05612abdf6ed07924adafff2122e90eabab481f6ab4ee9c4
94cbaef3f3280b9053956ea3ad7e58a78196ddd641c8bcd435d13668eba4f7ec
f484d7832cc370b799e0b868f8e6509cd03141b27c07dce846c2ea53e675cf41

topofferley.com Open in urlscan Pro 185.142.239.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

83 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

6 IPs

4 Countries

113 kBTransfer

653 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

Indicators

topofferley.com Open in urlscan Pro
185.142.239.27 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

4
Countries

113 kB
Transfer

653 kB
Size

3
Cookies

12 HTTP transactions
-2 data transactions