www.safeofferz.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 52.209.130.239, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.safeofferz.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 14th 2018. Valid for: 3 months.

This is the only time www.safeofferz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.175.217.160 66.175.217.160	63949 (LINODE-AP...) (LINODE-AP Linode)
1	52.215.113.202 52.215.113.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.209.130.239 52.209.130.239	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2

1 66.175.217.160 (Fremont, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li512-160.members.linode.com

m.mobplus.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.113.202 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-113-202.eu-west-1.compute.amazonaws.com

go.traffic-c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.130.239 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-130-239.eu-west-1.compute.amazonaws.com

www.safeofferz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	safeofferz.com www.safeofferz.com	274 KB
1	traffic-c.com go.traffic-c.com	1 KB
1	mobplus.net 1 redirects m.mobplus.net	353 B
5	3

	Domain	Requested by
4	www.safeofferz.com	www.safeofferz.com
1	go.traffic-c.com
1	m.mobplus.net	1 redirects
5	3

This site contains links to these domains. Also see Links.

Domain
www.fremdfickzone.com

Subject Issuer	Validity	Valid
traffic-c.com Let's Encrypt Authority X3	`2018-08-10` - `2018-11-08`	3 months	crt.sh
safeofferz.com Let's Encrypt Authority X3	`2018-09-14` - `2018-12-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889
Frame ID: 9AB0852B26E4D8E0F0A0045B1E2B023A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://m.mobplus.net/c/c/75/76?__m2888__=1&sc=71037_76&__ot__=1&s1=liao_10080&s2=liao HTTP 302
https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd Page URL
https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

275 kB
Transfer

283 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fremdfickzone.com/terms
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.fremdfickzone.com/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.fremdfickzone.com/terms#guidelines
Title: Unterhaltungsrichtlinien

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.mobplus.net/c/c/75/76?__m2888__=1&sc=71037_76&__ot__=1&s1=liao_10080&s2=liao HTTP 302
https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd Page URL
https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://m.mobplus.net/c/c/75/76?__m2888__=1&sc=71037_76&__ot__=1&s1=liao_10080&s2=liao HTTP 302
https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response go.traffic-c.com/ Redirect Chain http://m.mobplus.net/c/c/75/76?__m2888__=1&sc=71037_76&__ot__=1&s1=liao_10080&s2=liao https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd	715 B 1 KB	111ms 36ms	Document text/html	52.215.113.202 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.215.113.202 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-215-113-202.eu-west-1.compute.amazonaws.com Software / Resource Hash `32dd217a1bafe01146b3d6f8449a49ecf1d24994b38bb38208646034014474af` Request headers :method GET :authority go.traffic-c.com :scheme https :path /?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Wed, 10 Oct 2018 05:22:12 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie traffic-back=ok; expires=Wed, 10-Oct-2018 05:22:42 GMT; Max-Age=30; path=/; domain=go.traffic-c.com traffic-visited-offers=%7C%7C29154%7Cunspecified; expires=Thu, 11-Oct-2018 05:22:12 GMT; Max-Age=86400; path=/; domain=go.traffic-c.com traffic-visited-domain=safeofferz.com; expires=Fri, 09-Nov-2018 06:22:12 GMT; Max-Age=2595600; path=/; domain=go.traffic-c.com rts-trck=1; expires=Wed, 10-Oct-2018 05:32:12 GMT; Max-Age=600; path=/; domain=go.traffic-c.com last-modified Wed, 10 Oct 2018 05:22:12 GMT expires Wed, 10 Oct 2018 05:22:12 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow content-encoding gzip Redirect headers Server nginx/1.8.0 Date Wed, 10 Oct 2018 05:22:12 GMT Content-Length 0 Connection keep-alive Set-Cookie uk=4262973dd146418f967d27774d5dbeed; Domain=.mobplus.net; Expires=Mon, 28-Oct-2086 08:36:19 GMT; Path=/; HttpOnly Location https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd
GET H2	200	Primary Request / Show response www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/	7 KB 2 KB	109ms 32ms	Document text/html	52.209.130.239 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.209.130.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-209-130-239.eu-west-1.compute.amazonaws.com Software / Resource Hash `052a56969560c6ab22193fb1357edf1c2fe40505b6b26e8ce1d40136dc4e06c4` Request headers :method GET :authority www.safeofferz.com :scheme https :path /landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://go.traffic-c.com/?p=6587&media_type=adult&click_id=cd99b49f668d414c8a646814a01a7cfd Response headers status 200 content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control no-cache, private date Wed, 10 Oct 2018 05:22:12 GMT content-encoding gzip
GET H2	200	style.css www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/css/	3 KB 1 KB	28ms 28ms	Stylesheet text/css	52.209.130.239 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/css/style.css Requested by Host: www.safeofferz.com URL: https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.209.130.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-209-130-239.eu-west-1.compute.amazonaws.com Software / Resource Hash `078bd1d78eeaf6a057bd22113a95de3f24798e6a311732bafe153a6ede394899` Request headers :path /landing/de/all/revhunters/fremdfickzone/1/desk/css/style.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.safeofferz.com referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 :scheme https :method GET Referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma public date Wed, 10 Oct 2018 05:22:12 GMT content-encoding gzip last-modified Wed, 15 Aug 2018 14:54:41 GMT etag W/"5b743eb1-cd0" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 public expires Thu, 10 Oct 2019 05:22:12 GMT
GET H2	200	script.js Show response www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/js/	2 KB 780 B	26ms 26ms	Script application/javascript	52.209.130.239 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/js/script.js Requested by Host: www.safeofferz.com URL: https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.209.130.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-209-130-239.eu-west-1.compute.amazonaws.com Software / Resource Hash `08b86701822156373a17443e1f830e215a243383534b46ac8cf24dca7feffca0` Request headers :path /landing/de/all/revhunters/fremdfickzone/1/desk/js/script.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority www.safeofferz.com referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 :scheme https :method GET Referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma public date Wed, 10 Oct 2018 05:22:12 GMT content-encoding gzip last-modified Wed, 15 Aug 2018 14:54:42 GMT etag W/"5b743eb2-73c" vary Accept-Encoding content-type application/javascript; charset=utf-8 status 200 cache-control max-age=31536000 public expires Thu, 10 Oct 2019 05:22:12 GMT
GET H2	200	bg-one.jpg www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/images/	270 KB 270 KB	52ms 51ms	Image image/jpeg	52.209.130.239 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/images/bg-one.jpg Requested by Host: www.safeofferz.com URL: https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/?tid=2hegjj6dw9mo44w8cowcs0o4w,13043025,5,6587&ctrack=1539148932.1807259889 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.209.130.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-209-130-239.eu-west-1.compute.amazonaws.com Software / Resource Hash `375f53b689c7cfba095bf103126a62c47e4c04beed3b856a75fdc3925ec3f1c7` Request headers :path /landing/de/all/revhunters/fremdfickzone/1/desk/images/bg-one.jpg pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.safeofferz.com referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/css/style.css :scheme https :method GET Referer https://www.safeofferz.com/landing/de/all/revhunters/fremdfickzone/1/desk/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma public date Wed, 10 Oct 2018 05:22:12 GMT last-modified Thu, 16 Aug 2018 09:04:46 GMT accept-language bytes etag "5b753e2e-4379c" content-type image/jpeg status 200 cache-control max-age=31536000 public content-length 276380 expires Thu, 10 Oct 2019 05:22:12 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.traffic-c.com
m.mobplus.net
www.safeofferz.com
52.209.130.239
52.215.113.202
66.175.217.160
052a56969560c6ab22193fb1357edf1c2fe40505b6b26e8ce1d40136dc4e06c4
078bd1d78eeaf6a057bd22113a95de3f24798e6a311732bafe153a6ede394899
08b86701822156373a17443e1f830e215a243383534b46ac8cf24dca7feffca0
32dd217a1bafe01146b3d6f8449a49ecf1d24994b38bb38208646034014474af
375f53b689c7cfba095bf103126a62c47e4c04beed3b856a75fdc3925ec3f1c7

www.safeofferz.com Open in urlscan Pro 52.209.130.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

275 kBTransfer

283 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.safeofferz.com Open in urlscan Pro
52.209.130.239 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

275 kB
Transfer

283 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions