Submitted URL: http://mylinku.com/ratedc
Effective URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=...
Submission: On March 28 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 47 HTTP transactions. The main IP is 91.220.101.99, which is located in Ukraine and belongs to HIGHLOADSYSTEMS, UA. The main domain is ofoffer.com.
TLS certificate: Issued by R3 on March 11th 2024. Valid for: 3 months.
This is the only time ofoffer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

         IP Address          AS Autonomous System
2   2    172.67.138.67       13335 (CLOUDFLAR...)
2   2    2606:4700:303...    13335 (CLOUDFLAR...)
2   2    34.95.111.143       396982 (GOOGLE-CL...)
2   2    91.220.101.74       34259 (HIGHLOADS...)
28       91.220.101.99       34259 (HIGHLOADS...)
18       2600:9000:220...    16509 (AMAZON-02)
1        2607:f8b0:400...    15169 (GOOGLE)
47       3
    Apex Domain        Subdomains                                         Transfer
28  ofoffer.com        ofoffer.com                                        283 KB
18  cloudfront.net     d3e1y4kxkqljcb.cloudfront.net                      987 KB
2   tpktop.com         tpktop.com                                         2 KB
2   bdsrvuytrck.com    www.bdsrvuytrck.com                                766 B
2   eutrack.ing        eutrack.ing                                        858 B
2   mylinku.com        mylinku.com                                        1 KB
1   googleapis.com     fonts.googleapis.com (Cisco Umbrella Rank: 35)     1 KB
47  7
    Domain                           Requested by
28  ofoffer.com                      ofoffer.com
18  d3e1y4kxkqljcb.cloudfront.net    ofoffer.com
2   tpktop.com                       2 redirects
2   www.bdsrvuytrck.com              2 redirects
2   eutrack.ing                      2 redirects
2   mylinku.com                      2 redirects
1   fonts.googleapis.com             ofoffer.com
47  7

This site contains no links.

Subject                    Issuer                 Validity                   Valid
ofoffer.com                R3                     2024-03-11 - 2024-06-09    3 months
*.cloudfront.net           Amazon RSA 2048 M01    2023-10-10 - 2024-09-19    a year
upload.video.google.com    GTS CA 1C3             2024-02-26 - 2024-05-20    3 months

This page contains 1 frame:

Primary Page: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Frame ID: 27E7A3D02EC84FDDE8D691791390F160
Requests: 47 HTTP requests in this frame

Page Title

[1] Reward Pending - We Want Your Opinion!

Page URL History

  1. http://mylinku.com/ratedc HTTP 307
    https://mylinku.com/ratedc HTTP 301
    https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgz... HTTP 302
    https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341435_mt HTTP 302
    https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=1092673026c24007994bad37a99957... HTTP 302
    https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US... HTTP 307
    http://mylinku.com/ratedc HTTP 307
    https://mylinku.com/ratedc HTTP 301
    https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgz... HTTP 302
    https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341437_mt HTTP 302
    https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=a56d47edccde4479b9b84e465e0de6... HTTP 302
    https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US... Page URL
  2. https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 47
HTTPS: 100 %
IPv6: 43 %
Domains: 7
Subdomains: 7
IPs: 3
Countries: 2
Transfer: 1272 kB
Size: 1699 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mylinku.com/ratedc HTTP 307
    https://mylinku.com/ratedc HTTP 301
    https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__ HTTP 302
    https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341435_mt HTTP 302
    https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=1092673026c24007994bad37a99957ab&target=&subid=94 HTTP 302
    https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=bdbfdgx4pydqe2e2&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647203&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=17f8119f665d558b03&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pydqe-zwqd-2tlp-17ir3y-ibcife-ibci0-08ae84 HTTP 307
    http://mylinku.com/ratedc HTTP 307
    https://mylinku.com/ratedc HTTP 301
    https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__ HTTP 302
    https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341437_mt HTTP 302
    https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=a56d47edccde4479b9b84e465e0de62d&target=&subid=94 HTTP 302
    https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796 Page URL
  2. https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mylinku.com/ratedc HTTP 307
  • https://mylinku.com/ratedc HTTP 301
  • https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__ HTTP 302
  • https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341435_mt HTTP 302
  • https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=1092673026c24007994bad37a99957ab&target=&subid=94 HTTP 302
  • https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=bdbfdgx4pydqe2e2&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647203&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=17f8119f665d558b03&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pydqe-zwqd-2tlp-17ir3y-ibcife-ibci0-08ae84 HTTP 307
  • http://mylinku.com/ratedc HTTP 307
  • https://mylinku.com/ratedc HTTP 301
  • https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__ HTTP 302
  • https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341437_mt HTTP 302
  • https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=a56d47edccde4479b9b84e465e0de62d&target=&subid=94 HTTP 302
  • https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index_28.php
ofoffer.com/sweeps_3/
Redirect Chain
  • http://mylinku.com/ratedc
  • https://mylinku.com/ratedc
  • https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__
  • https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341435_mt
  • https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=1092673026c24007994bad37a99957ab&target=&subid=94
  • https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=bdbfdgx4pydqe2e2&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647203&...
  • http://mylinku.com/ratedc
  • https://mylinku.com/ratedc
  • https://eutrack.ing/SmtPVXRCZUNPTWNYQ1NPa3lRVUhuZmdUdi9JNFgzTmpGK3BsaENXLy9ERWl4ajNpQUVqZFNDNHgzY0VOcTJxV3pMRVhBOEp3NW1lcG96TjQvaE4zTlE9PQ__
  • https://www.bdsrvuytrck.com/58GQMR/3TD3216/?sub1=14&sub2=0_0&sub3=0_0_61700_5341437_mt
  • https://tpktop.com/click.php?key=ihs3wzo1v6mqbkuk7itx&externalid=a56d47edccde4479b9b84e465e0de62d&target=&subid=94
  • https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&...
1 KB
972 B
Document
General
Full URL
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
e4fdd7ac61625aa75e3f51d703a222a51b1c9be1f843a0c5b95a82105dd77cb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 28 Mar 2024 22:33:24 GMT
ETag
W/"5dc1dd91-4b7"
Expires
0
Last-Modified
Tue, 05 Nov 2019 20:37:37 GMT
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Mar 2024 22:33:24 GMT
Location
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Server
openresty
Transfer-Encoding
chunked
check.page
ofoffer.com/
1 B
259 B
XHR
General
Full URL
https://ofoffer.com/check.page
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 28 Mar 2024 22:33:25 GMT
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
favicon.ico
ofoffer.com/
3 KB
2 KB
Other
General
Full URL
https://ofoffer.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 13:40:34 GMT
Server
openresty
ETag
W/"b96-60eabb12cff69"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Primary Request index_28.php
ofoffer.com/sweeps_3/
77 KB
18 KB
Document
General
Full URL
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
08534ba8cc1d02deb1a7706b15ff5f7f20523de2a53215871b4c8e4c16122b32

Request headers

Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
18459
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Mar 2024 22:33:25 GMT
Server
openresty
Vary
Accept-Encoding
bootstrap.min.css
ofoffer.com/sweeps_3/assets/
157 KB
24 KB
Stylesheet
General
Full URL
https://ofoffer.com/sweeps_3/assets/bootstrap.min.css
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 13:10:54 GMT
Server
openresty
ETag
W/"62e9225e-27288"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
ofoffer.com/sweeps_3/assets/
72 KB
13 KB
Stylesheet
General
Full URL
https://ofoffer.com/sweeps_3/assets/all.css
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
9ab4f4c2fbb7f22fd22e510a5797ecb47fb1c05c60c9c7ddc578d3841adaf33f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 13:10:49 GMT
Server
openresty
ETag
W/"62e92259-11f2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.css
ofoffer.com/sweeps_3/assets/
34 KB
8 KB
Stylesheet
General
Full URL
https://ofoffer.com/sweeps_3/assets/common.css
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
4de2e45c454ffe47a8ca0c89690e054128a3d229da1c3dc04a3422d31ab578a9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 17:31:53 GMT
Server
openresty
ETag
W/"646cf889-8950"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
lowes_logo.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/r_logo_style/
6 KB
6 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/r_logo_style/lowes_logo.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3
Resource Hash
f73ca56021e6d72e180e534cd6c2445a40664f894a71c3fad7dfea20970ebcb2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:33:27 GMT
x-amz-version-id
BhqFKkNGG0tlkkvbkJPaaTQ8A5BiGK6B
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 12:21:53 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"fd59d1b80309e62f1ba09252a2757c37"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6241
x-amz-cf-id
M_4Lx97CAAI3hhnOU41tq1LtO8z-frvP8TDDUkZWuxhAn0V8M0muCQ==
02831ab02f02782d9c47fffcfd5eadc4.png
ofoffer.com/sweeps_3/assets/
18 KB
18 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/02831ab02f02782d9c47fffcfd5eadc4.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99, Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA)
Reverse DNS
srv-s99.antiddos.eu
Software
openresty
Resource Hash
c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 02 Aug 2022 13:10:59 GMT
Server
openresty
ETag
"62e92263-47fb"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18427
Expires
Thu, 31 Dec 2037 23:55:55 GMT
%D1%81raftsman%D0%B5ool_withoutbg.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
44 KB
44 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_withoutbg.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c447f8fc3f7728248c32fd2feebddd20478dc26df7cb421dd7bfb07a83578cef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 16:56:52 GMT
x-amz-version-id
IoPsPPqx5tQZZlqZd4RtztbkZH019dps
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:26 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
20195
etag
"93c8d9c8060591138103f8aca69ca6e6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
44820
x-amz-cf-id
jLclWRDeADLJJ9AEsUzbpaT6o2vK2zLwDYqjWo6pBd05syIP5fkIFQ==
applause_right.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
71 KB
71 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/applause_right.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
634d96d8f6889cf41fa4ab6f5dc2f31bc70dc863078820a4209a1aa1c316f3cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5Go0pdsNY6Fh01wwj24udWlrFHPkFszs
date
Thu, 28 Mar 2024 03:43:56 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Tue, 28 Mar 2023 11:46:55 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
67771
x-amz-server-side-encryption
AES256
etag
"29cfa36f7f2f3fc252080c5baba929fb"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
72376
x-amz-cf-id
JW7IAXo10DRGf5O9hnj-eOGra7RXBiZq7UfQALQHxkGKYkN1t9NrjA==
%D1%81raftsman%D0%B5ool_gallery1.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
56 KB
57 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery1.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc7eaddd9f27ab58969238a44c51b0f57132e62c0cc3df636a9b2dd5035733b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:16:33 GMT
x-amz-version-id
alWGMBT.kG0bM9PCtz7ULbxwwsR0FYJI
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
11814
etag
"ce4e8c302e73f7c00c520a240bf12b90"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
57619
x-amz-cf-id
3oNBiUOHChpe74eE0so7RgZNSDjkDaJj9PsL0svLbuefOkfJtjKosQ==
%D1%81raftsman%D0%B5ool_gallery2.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
38 KB
38 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery2.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a569e6e84a72779a85fca60e989bc1fd0247e23f6393124543b844c3311a72c9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:22:41 GMT
x-amz-version-id
7pMLQjL.PT2qQ0Vxp1KXZgSXRJ0C9N0y
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
15046
etag
"93119bb4af1cea0ec2e18fedaba23d75"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
38657
x-amz-cf-id
eBbFjtMnyjmWJ1di797IzdHP_AlTkmIBYHB-i-Kz-fw_UZ-eFmkaUQ==
%D1%81raftsman%D0%B5ool_gallery3.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
78 KB
78 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery3.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d692bd6440b05d89796e025e10c25e09bba245cc0dbd3d4b2d64232b17971f71

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:16:33 GMT
x-amz-version-id
uWhP6fU5oaQLUa4RtJ5XRQoyKqkXeMpi
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
11814
etag
"b32659f9102ad55f1a8af6bb4d254b80"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
79782
x-amz-cf-id
4q0cOk4ZSkNVA48LGWBfZWH_RgjiEizZvSM4xungPqtznUGOvqkO0w==
6fe5c805908b6c33df844854e4a2b551.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/6fe5c805908b6c33df844854e4a2b551.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:14 GMT
Server
openresty
ETag
"6435615e-80d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2061
Expires
Thu, 31 Dec 2037 23:55:55 GMT
9b69072b6bef17360bbbbcd759320927.png
ofoffer.com/sweeps_3/assets/
8 KB
8 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/9b69072b6bef17360bbbbcd759320927.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:18 GMT
Server
openresty
ETag
"64356162-1f6f"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8047
Expires
Thu, 31 Dec 2037 23:55:55 GMT
34af1aab16e86a17a97739797ecb1d53.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/34af1aab16e86a17a97739797ecb1d53.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:12 GMT
Server
openresty
ETag
"6435615c-817"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2071
Expires
Thu, 31 Dec 2037 23:55:55 GMT
14edf36c7cab1500a22266b5e4840fb6.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/14edf36c7cab1500a22266b5e4840fb6.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:19 GMT
Server
openresty
ETag
"64356163-7ec"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2028
Expires
Thu, 31 Dec 2037 23:55:55 GMT
c99c412071a84f0471410b45ae66cf7a.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/c99c412071a84f0471410b45ae66cf7a.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:17 GMT
Server
openresty
ETag
"64356161-73f"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
Expires
Thu, 31 Dec 2037 23:55:55 GMT
9a2c51383c3da8c1aabfc47ea1e10496.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/9a2c51383c3da8c1aabfc47ea1e10496.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
f8ea74221ac765638936628340aaf91d78b40a82277de5a6c615b4c35a6f3b8b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:14 GMT
Server
openresty
ETag
"6435615e-88e"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2190
Expires
Thu, 31 Dec 2037 23:55:55 GMT
%D1%81raftsman%D0%B5ool_comm1.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
81 KB
82 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_comm1.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40c196de689a65749ac0e74194a3720234ac5ed372ad76c9d2282d9727bd66f2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:16:33 GMT
x-amz-version-id
ehi.iP6sFHcP44ORY14C008oq1Mkswue
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:19 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
11814
etag
"149ad82a04dfece36d7fc7b1d04096c8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
83263
x-amz-cf-id
5ukJkubXAiXFm0AudkXj4W5F1NlCGsKkHQTqgtqlv5acf0sQdE8XwA==
ef9b6be7d049dc7a990ba3254e87b6b1.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/ef9b6be7d049dc7a990ba3254e87b6b1.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:19 GMT
Server
openresty
ETag
"64356163-815"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2069
Expires
Thu, 31 Dec 2037 23:55:55 GMT
%D1%81raftsman%D0%B5ool_comm3.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
116 KB
117 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_comm3.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdd42341cf5fad950d35f47b6b795e9d5367b9d3a58a9a5061aa6e52e6288c15

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:22:41 GMT
x-amz-version-id
MiAFyT9_ZHYI09eNE5HzErPY4cl_Hfde
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:21 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
15046
etag
"3f154a7fc0e54ed25083c4fb023db8dc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
119176
x-amz-cf-id
b9MITKAkHcfwIvfARbgPyWXrbzyHPka-8sN8x1Xa98zp25SNPCjsAg==
36a97024256baff8b1050759dd72ef30.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/36a97024256baff8b1050759dd72ef30.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:15 GMT
Server
openresty
ETag
"6435615f-785"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1925
Expires
Thu, 31 Dec 2037 23:55:55 GMT
%D1%81raftsman%D0%B5ool_comm2.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
69 KB
69 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_comm2.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a66de073ce9ec8170ecdab083886f5076ef8260f6f11124bb50a1d6259329693

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:16:33 GMT
x-amz-version-id
fcdVpy8iirOXSdSshwYseW3bk9M5ULf3
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:20 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
11814
etag
"eb7cd0f8b92e7ff1d694a0eda31edff5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70391
x-amz-cf-id
cTWN8eWElmQ7N_DlJAMwKnFAq741ZAchEZ9hGgtJxWJMP-AV4LBMhw==
933fbd09f111fa8eb4eaf8fc44cabc8c.jpeg
ofoffer.com/sweeps_3/assets/
2 KB
2 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/933fbd09f111fa8eb4eaf8fc44cabc8c.jpeg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
705538aaab254034d9e5e5505ca773c1dc9936c87c1128ad49a8b2a9d0aa87fb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:17 GMT
Server
openresty
ETag
"64356161-756"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1878
Expires
Thu, 31 Dec 2037 23:55:55 GMT
279132e34471a44f9e9c889082127894.png
ofoffer.com/sweeps_3/assets/
5 KB
6 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/279132e34471a44f9e9c889082127894.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 02 Aug 2022 13:10:59 GMT
Server
openresty
ETag
"62e92263-150d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5389
Expires
Thu, 31 Dec 2037 23:55:55 GMT
applause_right.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
71 KB
71 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/applause_right.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
634d96d8f6889cf41fa4ab6f5dc2f31bc70dc863078820a4209a1aa1c316f3cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5Go0pdsNY6Fh01wwj24udWlrFHPkFszs
date
Thu, 28 Mar 2024 03:43:56 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Tue, 28 Mar 2023 11:46:55 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
67771
x-amz-server-side-encryption
AES256
etag
"29cfa36f7f2f3fc252080c5baba929fb"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
72376
x-amz-cf-id
Fi137_JwkGFGLKqVGqvl0j9O8_d8_p9WRk2JPZiVXPfZ93Kk5iedZg==
%D1%81raftsman%D0%B5ool_withoutbg.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
44 KB
44 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_withoutbg.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c447f8fc3f7728248c32fd2feebddd20478dc26df7cb421dd7bfb07a83578cef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:33:27 GMT
x-amz-version-id
IoPsPPqx5tQZZlqZd4RtztbkZH019dps
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:26 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"93c8d9c8060591138103f8aca69ca6e6"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
44820
x-amz-cf-id
8exWlpIxRUqCyZsYNVgP5LUjLxX1euq8iyr1Ne4vqx9b-ZdbUH6JHg==
%D1%81raftsman%D0%B5ool_gallery1.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
56 KB
57 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery1.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc7eaddd9f27ab58969238a44c51b0f57132e62c0cc3df636a9b2dd5035733b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:33:27 GMT
x-amz-version-id
alWGMBT.kG0bM9PCtz7ULbxwwsR0FYJI
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"ce4e8c302e73f7c00c520a240bf12b90"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
57619
x-amz-cf-id
r4WIsjCnmMmnnoJgqLhbFJoaiZB8pK3QgWxZoaO072CAfO222BegpA==
%D1%81raftsman%D0%B5ool_gallery2.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
38 KB
38 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery2.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a569e6e84a72779a85fca60e989bc1fd0247e23f6393124543b844c3311a72c9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:33:27 GMT
x-amz-version-id
7pMLQjL.PT2qQ0Vxp1KXZgSXRJ0C9N0y
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"93119bb4af1cea0ec2e18fedaba23d75"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
38657
x-amz-cf-id
I3xAY5HtAIFZmzDZsZG0eNzYId1M-R1_x7T7OXSwclA3IwnYBWbRyQ==
%D1%81raftsman%D0%B5ool_gallery3.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/
78 KB
78 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/%D1%81raftsman%D0%B5ool_gallery3.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d692bd6440b05d89796e025e10c25e09bba245cc0dbd3d4b2d64232b17971f71

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 22:33:27 GMT
x-amz-version-id
uWhP6fU5oaQLUa4RtJ5XRQoyKqkXeMpi
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 08:08:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"b32659f9102ad55f1a8af6bb4d254b80"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
79782
x-amz-cf-id
n3M6tV7YOp3tudlGNG9Vfy3Y6h15_3Mw1ZeDlbNHHX_k83cYKyKISg==
9b69072b6bef17360bbbbcd759320927.png
ofoffer.com/sweeps_3/assets/
8 KB
8 KB
Image
General
Full URL
https://ofoffer.com/sweeps_3/assets/9b69072b6bef17360bbbbcd759320927.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:32:18 GMT
Server
openresty
ETag
"64356162-1f6f"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8047
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.4.1.min.js
ofoffer.com/sweeps_3/assets/
86 KB
30 KB
Script
General
Full URL
https://ofoffer.com/sweeps_3/assets/jquery-3.4.1.min.js
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 13:10:57 GMT
Server
openresty
ETag
W/"62e92261-15850"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
ofoffer.com/sweeps_3/assets/
62 KB
15 KB
Script
General
Full URL
https://ofoffer.com/sweeps_3/assets/bootstrap.min.js
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 13:11:00 GMT
Server
openresty
ETag
W/"62e92264-f708"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
myscript.js
ofoffer.com/sweeps_3/assets/
2 KB
1 KB
Script
General
Full URL
https://ofoffer.com/sweeps_3/assets/myscript.js
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
7e3152c67855b1a9811d8b9495944413a0c71654fc51aa8003a8fd89fe5c26d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jun 2023 14:29:08 GMT
Server
openresty
ETag
W/"649af234-774"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
redirect_bin_withoutcomm.js
ofoffer.com/
2 KB
1 KB
Script
General
Full URL
https://ofoffer.com/redirect_bin_withoutcomm.js
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
3d9dc0f0586e931ce59ae1dae6f555a5030a9364619ec892146e7bfd2cd3898d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Feb 2024 20:17:09 GMT
Server
openresty
ETag
W/"65d8fd45-8af"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
ofoffer.com/sweeps_3/assets/
49 KB
12 KB
Script
General
Full URL
https://ofoffer.com/sweeps_3/assets/common.js
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
89b8e11380614d44b487e0545781c79163bc9660a0c8b3676d4782c1bf22341e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 11:15:02 GMT
Server
openresty
ETag
W/"649d67b6-c31d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/assets/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c718fdc9a84ed8781de12f63ff59f8d189727486c36024ee6dde16d90e368bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Mar 2024 22:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 22:33:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Mar 2024 22:33:26 GMT
lowesbg_new.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
33 KB
33 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/lowesbg_new.jpg
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82cb9a2b387adc46c35e3541e311d16f48ec2695536c8698ac3dc4f1817daa60

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 21:01:17 GMT
x-amz-version-id
XHPJuygo1GkPzoHyOGwVL5CAmK0_Dyav
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 14:38:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
5530
etag
"c57bcfefdc11bfbbd6d8f09a3acb6664"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
33718
x-amz-cf-id
husTCeTVASe27xfzxdxMQK_BdTgObl--gP-73Tk24uzfnac-T0dP7w==
icomoon.ttf
ofoffer.com/sweeps_3/assets/fonts/
2 KB
2 KB
Font
General
Full URL
https://ofoffer.com/sweeps_3/assets/fonts/icomoon.ttf?9ovn56
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
a61de55d5386f979762aa7a5cfc75acc1d8e483c7ae047612185ea36fb497ce9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
Origin
https://ofoffer.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 11 Apr 2023 13:31:52 GMT
Server
openresty
ETag
"64356148-67c"
Content-Type
application/octet-stream
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1660
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
ofoffer.com/sweeps_3/assets/fonts/
93 KB
93 KB
Font
General
Full URL
https://ofoffer.com/sweeps_3/assets/fonts/fa-solid-900.woff2
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/assets/all.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
c889fb1af64cceab36a53b3d6e622710e0880b0ed4b38be7730561105b3c5bcc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/assets/all.css
Origin
https://ofoffer.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:26 GMT
Last-Modified
Tue, 02 Aug 2022 13:11:19 GMT
Server
openresty
ETag
"172cc-5e541da309b5a"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94924
addstyle.css
ofoffer.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://ofoffer.com/addstyle.css
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/sweeps_3/assets/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
aa33d368ab6439ee630b2f8cbe54c29e2aec4693686398a329a6f03d36bc3601

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2024 08:56:15 GMT
Server
openresty
ETag
W/"65fd47af-18e1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
happyeaster_banner.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
84 KB
85 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/happyeaster_banner.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/addstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
764ccd8d4afafbe13a76eead93e8bba6e33b04f47b09f101cc65c4bd31ea6b33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0EB5H.O4FmcgtTFobQqDMm2R0.dsbjzb
date
Thu, 28 Mar 2024 20:47:50 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Fri, 15 Mar 2024 17:45:07 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
6338
x-amz-server-side-encryption
AES256
etag
"0626f162708da72d28712df081eb857e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
86331
x-amz-cf-id
j2336XS-ydrA-l-pYf7TL-YoRzSrLhn34ivZASTBfC81nWutaGcN5Q==
att_icon.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
2 KB
2 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/att_icon.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/addstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e00b364233013e5c4374b421cc748f69433c5bd0792c6bfbc2e880505364f81

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
heRgZ.5FRE8WAh.Zfn7dHkF3y034Rcqp
date
Thu, 28 Mar 2024 10:47:18 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2023 11:44:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
42370
x-amz-server-side-encryption
AES256
etag
"4702d38ee49ea627957715d44a56aeb2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1939
x-amz-cf-id
qxPPergomkPHnh1DqeXk3yoIuGGN70J_p2MzjhaSPNvwBmZmtXZIvQ==
sprite_comment1.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
15 KB
15 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/sprite_comment1.png
Requested by
Host: ofoffer.com
URL: https://ofoffer.com/addstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbfaf34950c7a7cd2047c03957476327d776836c6afb188054bb11db41a088b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DurS4.baYLs3466NlANaKbJGYc.zs98N
date
Thu, 28 Mar 2024 10:28:40 GMT
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 09:03:47 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
43488
x-amz-server-side-encryption
AES256
etag
"596dfe1ec4383e41ef76376bfb062b2b"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15408
x-amz-cf-id
q-c-QDGB9bMt392RSoVYGIpR7IEad0aiQE_wwMW0W5mqyfnBB1ru0w==
2d57582017fdd1a91d6bf3a47b940401.ico
ofoffer.com/sweeps_3/assets/
15 KB
2 KB
Other
General
Full URL
https://ofoffer.com/sweeps_3/assets/2d57582017fdd1a91d6bf3a47b940401.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HIGHLOADSYSTEMS, UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ofoffer.com/sweeps_3/index_28.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Miami&clickid=21cd5gx4pyd5m01d&campaign=6527&user_id=1&clickcost=0&lander=2374&time=1711647204&browser_version=123.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Cogent%20Communications&ip=38.132.118.72&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&lpkey=176e11ef66be550304&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=136&domain=tpktop.com&uclick=gx4pydqe&uclickhash=gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 22:33:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 13:11:06 GMT
Server
openresty
ETag
W/"62e9226a-3c2e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/x-icon
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| $ function| jQuery object| bootstrap function| datehax function| startTimer function| $_GET string| dmn string| redirect_url string| back_url_link object| months function| days object| time object| d string| dateNow object| el object| $curr object| data string| surveyid string| attrChoices string| domain number| count string| pipeline string| zipcode string| state_selected boolean| processing object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam function| popunder number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| overflowP function| showDisclaimer function| preventS function| comment function| like number| sId number| qId number| numStep boolean| swU function| createQuestionU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU

7 Cookies

Domain/Path Name / Value
ofoffer.com/sweeps_3 Name: referrer Value:
mylinku.com/ Name: PHPSESSID Value: b1e31c1ff250c55b4563dd3dd27d2aaa
www.bdsrvuytrck.com/ Name: uniqueClick_3TD3216 Value: 5c9a0bfa-ad7b-4b0f-9284-ac493b11a76e:1711665202
tpktop.com/ Name: uclick Value: gx4pydqe
mylinku.com/ Name: s_statistics_2434 Value: 1
www.bdsrvuytrck.com/ Name: transaction_id Value: 1092673026c24007994bad37a99957ab|a56d47edccde4479b9b84e465e0de62d
tpktop.com/ Name: uclickhash Value: gx4pydqe-gx4pyd5m-zwqd-2tlp-17ir3y-ibcife-ibci0-418796

1 Console Messages

Source Level URL
Text
network error URL: https://ofoffer.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
