atedoffer.com Open in urlscan Pro
103.147.122.143 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/2295beea9375a9afd67c88bd6c47a9#cl/52447_md/9/112209/7766/2272/46408
Effective URL:
https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=...
Submission: On December 05 via manual (December 5th 2022, 12:02:31 pm UTC) from US — Scanned from US

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 46 HTTP transactions. The main IP is 103.147.122.143, located in Viet Nam and belongs to VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN. The main domain is atedoffer.com.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.

This is the only time atedoffer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online) Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:400... 2607:f8b0:4004:c08::80	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:303... 2606:4700:3034::6815:62b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.95.111.143 34.95.111.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	103.147.122.142 103.147.122.142	135932 (VNDATA-AS...) (VNDATA-AS-VN Viet Storage Technology Joint Stock Company)
28	103.147.122.143 103.147.122.143	135932 (VNDATA-AS...) (VNDATA-AS-VN Viet Storage Technology Joint Stock Company)
2	2600:9000:220... 2600:9000:2209:ec00:b:4623:cac0:21	16509 (AMAZON-02) (AMAZON-02)
46	6

1 2607:f8b0:4004:c08::80 (Ashburn, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3034::6815:62b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nikolaspub.brandigh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.111.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.111.95.34.bc.googleusercontent.com

www.br2ghatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.147.122.142 (Viet Nam) 1 redirects

ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)

tpltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 103.147.122.143 (Viet Nam)

ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)

atedoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:ec00:b:4623:cac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3e1y4kxkqljcb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	atedoffer.com atedoffer.com	560 KB
13	brandigh.com 1 redirects nikolaspub.brandigh.com — Cisco Umbrella Rank: 125743	151 KB
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 436 fonts.googleapis.com — Cisco Umbrella Rank: 51	2 KB
2	cloudfront.net d3e1y4kxkqljcb.cloudfront.net	203 KB
1	tpltrk.com 1 redirects tpltrk.com — Cisco Umbrella Rank: 432298	1 KB
1	br2ghatrk.com 1 redirects www.br2ghatrk.com — Cisco Umbrella Rank: 599928	450 B
1	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 15545	9 KB
46	7

	Domain	Requested by
28	atedoffer.com	nikolaspub.brandigh.com atedoffer.com
13	nikolaspub.brandigh.com	1 redirects storage.googleapis.com nikolaspub.brandigh.com
2	d3e1y4kxkqljcb.cloudfront.net	atedoffer.com
2	fonts.googleapis.com	nikolaspub.brandigh.com atedoffer.com
1	tpltrk.com	1 redirects
1	www.br2ghatrk.com	1 redirects
1	code.ionicframework.com	nikolaspub.brandigh.com
1	storage.googleapis.com
46	8

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.brandigh.com E1	`2022-11-27` - `2023-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ionicframework.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
atedoffer.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Frame ID: D1C3A7A152D7D68FAD808751DC529070
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[1] Reward Pending - We Want Your Opinion!

Page URL History Show full URLs

https://storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/2295beea9375a9afd67c88bd6c47a9 Page URL
https://nikolaspub.brandigh.com/ Page URL
https://nikolaspub.brandigh.com/cl/52447_md/9/112209/7766/2272/46408 HTTP 302
https://www.br2ghatrk.com/4J58SX/RRRCJ9/?sub1=9&sub2=52447_15&sub3=2272_46408_112209_2870647_md HTTP 302
https://tpltrk.com/click.php?key=tox2945u6xrr80t8feau&externalid=ed76316125f24fa79eb24fe60d8909... HTTP 302
https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&c... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

925 kB
Transfer

1576 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/2295beea9375a9afd67c88bd6c47a9 Page URL
https://nikolaspub.brandigh.com/ Page URL
https://nikolaspub.brandigh.com/cl/52447_md/9/112209/7766/2272/46408 HTTP 302
https://www.br2ghatrk.com/4J58SX/RRRCJ9/?sub1=9&sub2=52447_15&sub3=2272_46408_112209_2870647_md HTTP 302
https://tpltrk.com/click.php?key=tox2945u6xrr80t8feau&externalid=ed76316125f24fa79eb24fe60d89098d&target=&subid=78 HTTP 302
https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 2295beea9375a9afd67c88bd6c47a9
storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/ 112 B
692 B 176ms
76ms Document
text/html 2607:f8b0:4004:c08::80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/2295beea9375a9afd67c88bd6c47a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::80 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 112
content-type: text/html
date: Mon, 05 Dec 2022 12:02:19 GMT
etag: "9e2995a20fcfaed0447620b6eb27f0bd"
expires: Mon, 05 Dec 2022 13:02:19 GMT
last-modified: Fri, 25 Nov 2022 14:32:51 GMT
server: UploadServer
x-goog-generation: 1669386771889300
x-goog-hash: crc32c=k3txuw== md5=nimVog/PrtBEdiC26yfwvQ==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112
x-guploader-uploadid: ADPycdteKXsZWg0vguJMtux1V_wvEYEKVMAfQRQytK51ICbSFjhIx77txtEMHnMUx7yf2nvL4ylKRh-L4Tr67-TZL7-ekA

GET
H2 200 /
nikolaspub.brandigh.com/ 16 KB
3 KB 281ms
195ms Document
text/html 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/7b2d287fd06f472cc43874eecedfae/2295beea9375a9afd67c88bd6c47a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash

Request headers

Referer: https://storage.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 774ca1d97df1e73c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 12:02:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSmCr12roFxpqyQ572T3JSRjyZDNFPrVPMXffS0xMvlx74MXbwbqlnZ%2BnUaE8Mu2dSNgOmvOiZ0RRSZSL73A7o9jDWTEdD0itzVTCFojOP4C%2FkkqQGaTyedx8HFJ8%2BtPWumw9k0aOzAjCMJ3omEliZ5%2B3Bl5KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 138ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,700

Requested by

Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 11:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 12:02:20 GMT

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 129ms
35ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id: ae062837ec56f6789e99b58937ff57e12bf7e9af
date: Mon, 05 Dec 2022 12:02:20 GMT
via: 1.1 varnish
content-encoding: br
expires: Sun, 04 Dec 2022 10:32:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71173
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-lga21960-LGA
last-modified: Fri, 28 Oct 2022 02:55:05 GMT
server: cloudflare
x-github-request-id: 4D78:6A23:16ABD2A:1E7F509:638C7628
x-timer: S1670170567.031284,VS0,VE14
etag: W/"635b4489-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMSbpbwQLB2LBWXsn3Jdail1hGpymEEjYM48y7x5sm2fNGn%2BW3ZiZh8AaLJ87ce4%2Fz9WrQ7GQhYx%2Fbx00bhg2uqvodv5Fx%2FtOhMmLBLrOQ2ttsJrYYDQhYNdf%2BQmG1Oiqeg%2BGz3GllPIc7yLqK5lZR31u2jU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-origin-cache: HIT
cf-ray: 774ca1db68ddefc4-EWR
x-cache-hits: 1

GET
H2 200 bootstrap.min.css
nikolaspub.brandigh.com/css/ 111 KB
19 KB 217ms
182ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/bootstrap.min.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1bd5b-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe%2BqwFjOfVDOXcYpwA2qjt6Im9R6wnPCAh3KwPk5tMCfKZZCL6QzC2E2uiQ%2FlEK1junfdIoqQTwj%2FG04jteLx5%2B8FBg0JoWLPPhThOuWTVafdYIQuwPbC5dKnMqPXeVfolqJpYtazQXmAfAE8uHQjy4RfemCgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db0eade73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
nikolaspub.brandigh.com/css/ 21 KB
5 KB 222ms
188ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/font-awesome.min.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"55e0-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qfi5PhiWTa7QplWmyPFhexeAqxzpU9Fg5DZNbp9qPEP0DGM1udZMsLuKgGEYJPLebbPL1NC7VAmtWkX0EFQCSY04pFWYOqgOSGZ%2FKuPtRAgHMyWkihkXTtuPwNnR6Momm8YaEQlZ6CaA4MRL67ElSXrjzP7NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db0eaee73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 owl.carousel.css
nikolaspub.brandigh.com/css/ 5 KB
1 KB 211ms
186ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/owl.carousel.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1206-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15M1BHp%2BcEyg4OcanofUx%2BDoiFW8SAJ5%2FfxfQdpcqWlHbmpS%2FW4BSVfPFx%2BeUyJC5%2Ft9Ia%2F9%2FtHpdW9D25yXEolQrCqw85Myr7VYswWqzugLS1fFyVMxccZQbMDQJSKFGwL8t7e23EbViDIlmJNrAjP%2FjVFZ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db0eafe73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.css
nikolaspub.brandigh.com/css/ 73 KB
5 KB 215ms
192ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/animate.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12279-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy9TqWEh0a%2FQDkPlO40q2D9nWyjYiLwub2zFloPcQ8oXqBTV5n6XmuVqprweMXeWJHbvG4r6Ku7Bgw6REzCn4e4R3Dt3YR07ROrXJ14ttJqm0JERuF521pU5UDujvjrqawSoCBCJxwD5yU7rd22tqzgiOibuhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db1ebde73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.css
nikolaspub.brandigh.com/css/ 17 KB
4 KB 217ms
193ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/main.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4452-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jsW8bBb06c0DFekwgBStsvXW%2BYEVnqvdC%2BmmOb2pptyo77xIf25bHqLZTnBiZCBSyY8%2FsTJfyy9C5CnfTqY241ipsdRLyo9RegQywYedwsmqBDO%2BVK%2BgFFNdekHM2W5VntBEg9lurABwFUv4Pmn0vdKIemh3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db1ebee73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 responsive.css
nikolaspub.brandigh.com/css/ 2 KB
838 B 198ms
190ms Stylesheet
text/css 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nikolaspub.brandigh.com/css/responsive.css
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"80f-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9UQnEh6Y%2BWBiNS2C%2Fgc8sVOBO4jiiyl94HOzSwxSubbhlK5KmG6anpjRt6o%2FRWH2jLNonrRzRfy%2Bdu9GTLV6ucZFTw8dTeX5YCC%2BQ%2BQiaL2coI6j%2BuLpJEr5b9%2FUwUSz5vBpkoCUTuoJ89tedTRbM6GHPQUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 774ca1db1ebfe73c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.png
nikolaspub.brandigh.com/images/ 3 KB
3 KB 204ms
203ms Image
image/png 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nikolaspub.brandigh.com/images/logo.png
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b67-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig803lnUB0i60VAYCiELetKtGxV5SW0u6KKyMJwOs8xJF%2FHGGoqV85nIoAtruD%2FZoy0GEf88v8%2BW4ygOUqH1acSzK%2F2cc5vTHfwqL58aowNOB8i%2Bw8vS%2BtLQRLMqUBv%2BJEMf29609frxakj7g2niD%2FqUSQuTJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 774ca1dc5a92c340-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2919

GET
H3 200 logo-2.png
nikolaspub.brandigh.com/images/ 3 KB
4 KB 202ms
201ms Image
image/png 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nikolaspub.brandigh.com/images/logo-2.png
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c30-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0GzM6T3U98qtspXP2PbZMWDIDUkQ%2FdOAOYGR2Z%2BRd%2BS7aFOnliyljxxlCtaPh7Nm1S1sm7i%2B7M7V4%2FnH9E%2FDJloHVW4ckjovwrclVik1nZaULib8qPkz0beG3eXtj0rDyfkQ4gwrVYugORh4d8E1q5lGlxOkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 774ca1dc5a9cc340-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3120

GET
H3 200 1.jpg
nikolaspub.brandigh.com/images/about/ 50 KB
51 KB 191ms
189ms Image
image/jpeg 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nikolaspub.brandigh.com/images/about/1.jpg
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c8c7-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JBhirAEUD%2BJvMz87jzkGiuAhn%2Bczc8l6vffav8%2FuotVDK84W2toMZu%2BAoao0yXtQHFLOy5%2Fhkodc1f%2BE6l0edZxo%2BPfZv8k6Tevtp6Qsbk79VWgjCT%2FGEsMieGLpwPd2YUQGbNS0Udv1MXkiORoh5yTv6Wxeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 774ca1ddabdac340-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51399

GET
H3 200 2.jpg
nikolaspub.brandigh.com/images/about/ 34 KB
35 KB 229ms
225ms Image
image/jpeg 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nikolaspub.brandigh.com/images/about/2.jpg
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "889e-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMaunz%2Bt%2FbypFsiKI8heeXhDtv1eQj8XarH5JILjSqhlV2GMvJmUzDt22km5aE4Ca86giWhiYoRVxLVmpnyDoy3jpTgRNUntqypmLpTDueJIU1gvLbZOM81ripO4KFYjAH%2FnPlfdmpyHla97%2FFG2TIY%2FTaYmNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 774ca1ddbbe8c340-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34974

GET
H3 200 3.jpg
nikolaspub.brandigh.com/images/about/ 19 KB
20 KB 971ms
971ms Image
image/jpeg 2606:4700:3034::6815:62b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nikolaspub.brandigh.com/images/about/3.jpg
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:62b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nikolaspub.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:02:21 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4c50-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFq%2BmanRw6gt4whM%2FIaMjRsl2i66hkWPQO6zJbxZxbJeopeCOHgv3QVWtGhEDTOVktVZ47%2FjAt%2F16WxvfsXfBTNWjU2q8eGpzW%2F2t%2BQia9gOhdhbuMiy1KwFGc6ojupr7I320e4TNndodgzo9u5bYWd31lQmFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 774ca1df2ddbc340-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19536

GET
H/1.1

200
OK

Primary Request index.php Show response
atedoffer.com/sweeps_12/
Redirect Chain

https://nikolaspub.brandigh.com/cl/52447_md/9/112209/7766/2272/46408
https://www.br2ghatrk.com/4J58SX/RRRCJ9/?sub1=9&sub2=52447_15&sub3=2272_46408_112209_2870647_md
https://tpltrk.com/click.php?key=tox2945u6xrr80t8feau&externalid=ed76316125f24fa79eb24fe60d89098d&target=&subid=78
https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=167022374...

63 KB
16 KB

1251ms
555ms

Document
text/html

103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Requested by: Host: nikolaspub.brandigh.com
URL: https://nikolaspub.brandigh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: a3969c386bba5da6d86881d700652443b0c1b1716245b54abdc16c301d418b80

Request headers

Referer: https://nikolaspub.brandigh.com/#cl/52447_md/9/112209/7766/2272/46408
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 15749
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Dec 2022 12:02:23 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Dec 2022 12:02:22 GMT
Location: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Server: nginx/1.22.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H/1.1 200
OK bootstrap.min.css
atedoffer.com/sweeps_12/assets/ 157 KB
24 KB 558ms
557ms Stylesheet
text/css 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/bootstrap.min.css
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:20 GMT
Server: nginx
ETag: W/"632b24ac-27288"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.css
atedoffer.com/sweeps_12/assets/ 72 KB
13 KB 561ms
560ms Stylesheet
text/css 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/all.css
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9ab4f4c2fbb7f22fd22e510a5797ecb47fb1c05c60c9c7ddc578d3841adaf33f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:21 GMT
Server: nginx
ETag: W/"632b24ad-11f2d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common.css
atedoffer.com/sweeps_12/assets/ 36 KB
8 KB 824ms
276ms Stylesheet
text/css 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/common.css
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 58178551ee451c1c99a6e39db8d069ff05f6ce552efdd07e17bb60a116364fcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:29 GMT
Server: nginx
ETag: W/"632b24b5-9139"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK costco_logo.png
atedoffer.com/sweeps_12/assets/ 47 KB
47 KB 276ms
275ms Image
image/png 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/costco_logo.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: b13f21eacd41be13daf4cabffd39ef632cb294fa0ae3c4c440a164b227367796

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 15:30:18 GMT
Server: nginx
ETag: "632b2e0a-bab0"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47792
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 02831ab02f02782d9c47fffcfd5eadc4.png
atedoffer.com/sweeps_12/assets/ 18 KB
18 KB 287ms
283ms Image
image/png 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/02831ab02f02782d9c47fffcfd5eadc4.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:29 GMT
Server: nginx
ETag: "632b24b5-47fb"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18427
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ninja_withoutbg.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 49 KB
50 KB 134ms
26ms Image
image/png 2600:9000:2209:ec00:b:4623:cac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ninja_withoutbg.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:ec00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f3b790aa9cc2b1cd997a334adaeecf7018f0e99a245fcbbae9236cdf6cd94fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: aMkeYZ9co2ctPSKoTS4R7E..zYiBiDeb
date: Mon, 05 Dec 2022 11:48:46 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
last-modified: Wed, 17 Aug 2022 10:15:21 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 819
x-amz-server-side-encryption: AES256
etag: "e7830bc2245754043948b417cd34b4a3"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 50359
x-amz-cf-id: GkbIXi6W5Ny2oG8oBRO1wn6SBHgAewJG9cb-vp4LhcPlI6zNZXlCpg==

GET
H/1.1 200
OK img_comm1.jpg
atedoffer.com/sweeps_12/assets/ 1 KB
2 KB 283ms
279ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm1.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: e0ac35a4172b76e7bb06fa8e2f4e39527dfe50366252907820e40c8382d8ae32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:26 GMT
Server: nginx
ETag: "632b24b2-5b4"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1460
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm2.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 302ms
294ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm2.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 346beae46335c1357177bab7e5c2e9ab8fc66a6072d01365c07a59d289261239

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:25 GMT
Server: nginx
ETag: "632b24b1-66c"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ninja_comm1.jpg
atedoffer.com/sweeps_12/assets/ 84 KB
84 KB 558ms
549ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/ninja_comm1.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6308b664f9c6bf58d0b72156124742a02e9268bb011dcc9c646332b42aa03356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 15:29:05 GMT
Server: nginx
ETag: "632b2dc1-14fe7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85991
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm6.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 424ms
273ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm6.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: ac017b6fc02944f15bf393c7c4b1c551a156f82d42263708eb4f04981763f8a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:21 GMT
Server: nginx
ETag: "632b24ad-6df"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1759
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ninja_comm2.jpg
atedoffer.com/sweeps_12/assets/ 32 KB
33 KB 426ms
275ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/ninja_comm2.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 44541f00fc679c328adb59e641d9064d80e0cd3ad234d747d713570f5406b56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 15:29:06 GMT
Server: nginx
ETag: "632b2dc2-80fc"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33020
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm3.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 708ms
278ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm3.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 31dbe4260db7bacf2577cf6e1d5d7a4c8254d7a26fd53d4cba7502f10730ac27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:23 GMT
Server: nginx
ETag: "632b24af-7d5"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2005
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ninja_comm3.jpg
atedoffer.com/sweeps_12/assets/ 62 KB
63 KB 275ms
274ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/ninja_comm3.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: deabde74613977f1e233fecdac868bc6ad667a8def1b5e81e8f2364c0af7c096

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 15:29:07 GMT
Server: nginx
ETag: "632b2dc3-f996"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63894
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm7.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 271ms
270ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm7.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 8c8f35c0b7af4ae45f471c4dc20ad57d350b20af1b105955d3f43feff9f7a8e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:23 GMT
Server: nginx
ETag: "632b24af-693"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1683
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm4.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 277ms
276ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm4.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0a880cfebad06c367994aa6daf51e526d0fc3383be6c2138099770c4003e823b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:26 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:20 GMT
Server: nginx
ETag: "632b24ac-786"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1926
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm8.jpg
atedoffer.com/sweeps_12/assets/ 2 KB
2 KB 276ms
271ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm8.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 445ff85d8c6c641533decf757a37daf4e8d8c6cfe3b045e13050c3efc718f546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:26 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:41 GMT
Server: nginx
ETag: "632b24c1-7bd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1981
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_comm5.jpg
atedoffer.com/sweeps_12/assets/ 1 KB
2 KB 277ms
274ms Image
image/jpeg 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/img_comm5.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5dd133d056cd64224efce98aa435cb2a2d7e0e151b90bbf26c0b2a116a99c66c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:26 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:18 GMT
Server: nginx
ETag: "632b24aa-578"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1400
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK f52dd02fdbe33cb89087dd83d16dc230.png
atedoffer.com/sweeps_12/assets/ 6 KB
7 KB 699ms
269ms Image
image/png 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/f52dd02fdbe33cb89087dd83d16dc230.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:22 GMT
Server: nginx
ETag: "632b24ae-18d0"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6352
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d34bd763d46c8f2ddf09fc415fbc3c06.png
atedoffer.com/sweeps_12/assets/ 10 KB
10 KB 714ms
279ms Image
image/png 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/d34bd763d46c8f2ddf09fc415fbc3c06.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:38 GMT
Server: nginx
ETag: "632b24be-2686"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9862
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 279132e34471a44f9e9c889082127894.png
atedoffer.com/sweeps_12/assets/ 5 KB
6 KB 282ms
279ms Image
image/png 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/assets/279132e34471a44f9e9c889082127894.png
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:26 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:32 GMT
Server: nginx
ETag: "632b24b8-150d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5389
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
atedoffer.com/sweeps_12/assets/ 86 KB
30 KB 1101ms
554ms Script
application/javascript 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/jquery-3.4.1.min.js
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:27 GMT
Server: nginx
ETag: W/"632b24b3-15850"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
atedoffer.com/sweeps_12/assets/ 62 KB
15 KB 844ms
291ms Script
application/javascript 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/bootstrap.min.js
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:29 GMT
Server: nginx
ETag: W/"632b24b5-f708"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK myscript.js Show response
atedoffer.com/sweeps_12/assets/ 2 KB
1 KB 837ms
284ms Script
application/javascript 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/myscript.js
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0c35383071490c22f288ddc7b6ea796ba1e252b0a02fe73fa456ef5bd5a699bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 15:43:22 GMT
Server: nginx
ETag: W/"632b311a-9f7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK redirect_bin.js Show response
atedoffer.com/ 694 B
1012 B 287ms
286ms Script
application/javascript 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/redirect_bin.js
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 24227105813d57c5010e5650280f47c1de73490c3265c54ab7e1952f6aa93e47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Last-Modified: Tue, 15 Nov 2022 08:23:06 GMT
Server: nginx
ETag: "63734c6a-2b6"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 694
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common.js Show response
atedoffer.com/sweeps_12/assets/ 49 KB
12 KB 277ms
277ms Script
application/javascript 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/common.js
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 4437a2d3e5d987d0d58415918abc69503157bf9618a2ed28246bb0f367a006bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Sep 2022 14:50:37 GMT
Server: nginx
ETag: W/"632b24bd-c31d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
644 B 89ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap

Requested by

Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/assets/common.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 12:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 11:53:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 12:02:25 GMT

GET
H/1.1 200
OK index.php
atedoffer.com/sweeps_12/ 63 KB
63 KB 432ms
282ms Image
text/html 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 15749
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK fa-solid-900.woff2
atedoffer.com/sweeps_12/assets/fonts/ 93 KB
93 KB 445ms
275ms Font
application/octet-stream 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/sweeps_12/assets/fonts/fa-solid-900.woff2
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/assets/all.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: c889fb1af64cceab36a53b3d6e622710e0880b0ed4b38be7730561105b3c5bcc

Request headers

Referer: https://atedoffer.com/sweeps_12/assets/all.css
Origin: https://atedoffer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Wed, 21 Sep 2022 14:50:50 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
ETag: "172cc-5e931122a8141"
Content-Length: 94924

GET
H/1.1 200
OK halloween_sweeps.css
atedoffer.com/ 441 B
745 B 439ms
274ms Stylesheet
text/css 103.147.122.143
VNDATA-AS-VN Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://atedoffer.com/halloween_sweeps.css
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/sweeps_12/assets/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software: nginx /
Resource Hash: bd95c41c871474a073d79599d3668ccf882edc51ca3c9b7796906976ce542fca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/sweeps_12/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76479qnpmirwj567&campaign=3821&user_id=1&clickcost=0&lander=1731&time=1670223742&browser_version=108.0.5359.94&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.45&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&lpkey=167b708f245d206442&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=qnpmirwj&uclickhash=qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 12:02:25 GMT
Last-Modified: Tue, 29 Nov 2022 11:11:41 GMT
Server: nginx
ETag: "6385e8ed-1b9"
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 441
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 christmas_banner2.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 153 KB
154 KB 30ms
29ms Image
image/jpeg 2600:9000:2209:ec00:b:4623:cac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/christmas_banner2.jpg
Requested by: Host: atedoffer.com
URL: https://atedoffer.com/halloween_sweeps.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:ec00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bb78f8a78bfcb221f40bdcf76a93e3fda7cd8f932f763d4152d7720a3a1bd88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://atedoffer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 03:03:38 GMT
x-amz-version-id: WFUWc2AgDVyWlFiK9fhNTvMg9_WaT.Wz
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
last-modified: Tue, 29 Nov 2022 11:09:15 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 32328
etag: "4ef511dfe21c89356596ceacffa1f049"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 156763
x-amz-cf-id: lrKU9lHHhsgkSjVfCjl8RlpFiz1hicVsHvm-oHUcJHoGQK2mrptE2w==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online) Customer Survey Spam (Consumer)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.br2ghatrk.com/	1970-01-20 07:57:25	Name: uniqueClick_RRRCJ9 Value: 23a6be41-6c9d-4ec6-a0b4-bfe76e5cc968:1670241741
www.br2ghatrk.com/	1970-01-20 10:06:57	Name: transaction_id Value: ed76316125f24fa79eb24fe60d89098d
tpltrk.com/	1970-01-20 07:58:48	Name: uclick Value: qnpmirwj
tpltrk.com/	1970-01-20 07:58:48	Name: uclickhash Value: qnpmirwj-qnpmirwj-gh7v-ghfe-usdv-4kuowj-4kuovr-d2b08b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atedoffer.com
code.ionicframework.com
d3e1y4kxkqljcb.cloudfront.net
fonts.googleapis.com
nikolaspub.brandigh.com
storage.googleapis.com
tpltrk.com
www.br2ghatrk.com
103.147.122.142
103.147.122.143
2600:9000:2209:ec00:b:4623:cac0:21
2606:4700:20::681a:6ad
2606:4700:3034::6815:62b
2607:f8b0:4004:c08::80
2607:f8b0:4006:81d::200a
34.95.111.143
0a880cfebad06c367994aa6daf51e526d0fc3383be6c2138099770c4003e823b
0c35383071490c22f288ddc7b6ea796ba1e252b0a02fe73fa456ef5bd5a699bb
24227105813d57c5010e5650280f47c1de73490c3265c54ab7e1952f6aa93e47
31dbe4260db7bacf2577cf6e1d5d7a4c8254d7a26fd53d4cba7502f10730ac27
346beae46335c1357177bab7e5c2e9ab8fc66a6072d01365c07a59d289261239
4437a2d3e5d987d0d58415918abc69503157bf9618a2ed28246bb0f367a006bc
44541f00fc679c328adb59e641d9064d80e0cd3ad234d747d713570f5406b56b
445ff85d8c6c641533decf757a37daf4e8d8c6cfe3b045e13050c3efc718f546
4bb78f8a78bfcb221f40bdcf76a93e3fda7cd8f932f763d4152d7720a3a1bd88
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
58178551ee451c1c99a6e39db8d069ff05f6ce552efdd07e17bb60a116364fcc
5dd133d056cd64224efce98aa435cb2a2d7e0e151b90bbf26c0b2a116a99c66c
6308b664f9c6bf58d0b72156124742a02e9268bb011dcc9c646332b42aa03356
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
7f3b790aa9cc2b1cd997a334adaeecf7018f0e99a245fcbbae9236cdf6cd94fd
8c8f35c0b7af4ae45f471c4dc20ad57d350b20af1b105955d3f43feff9f7a8e3
9ab4f4c2fbb7f22fd22e510a5797ecb47fb1c05c60c9c7ddc578d3841adaf33f
a3969c386bba5da6d86881d700652443b0c1b1716245b54abdc16c301d418b80
ac017b6fc02944f15bf393c7c4b1c551a156f82d42263708eb4f04981763f8a4
b13f21eacd41be13daf4cabffd39ef632cb294fa0ae3c4c440a164b227367796
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bd95c41c871474a073d79599d3668ccf882edc51ca3c9b7796906976ce542fca
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
c889fb1af64cceab36a53b3d6e622710e0880b0ed4b38be7730561105b3c5bcc
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
deabde74613977f1e233fecdac868bc6ad667a8def1b5e81e8f2364c0af7c096
e0ac35a4172b76e7bb06fa8e2f4e39527dfe50366252907820e40c8382d8ae32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

atedoffer.com Open in urlscan Pro 103.147.122.143 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

6 IPs

2 Countries

925 kBTransfer

1576 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

atedoffer.com Open in urlscan Pro
103.147.122.143 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

925 kB
Transfer

1576 kB
Size

4
Cookies

46 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!