ratedophfer.com
103.147.122.143 | Malicious Activity! | Public Scan

Submitted URL: https://storage.googleapis.com/1ab583605a1a9623dedf4e59f8a897/cb9958c6021ce677c1fdb4009b5f1b#cl/52208_md/8/111882/7378/2272/46408
Effective URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&click...
Submission: On December 01 via manual from US — Scanned from US

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 103.147.122.143, located in Viet Nam and belongs to VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN. The main domain is ratedophfer.com.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.
This is the only time ratedophfer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (2 votes)

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 13 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.95.111.143 396982 (GOOGLE-CL...)
1 1 103.147.122.142 135932 (VNDATA-AS...)
8 103.147.122.143 135932 (VNDATA-AS...)
1 69.16.175.10 20446 (STACKPATH...)
4 2600:9000:207... 16509 (AMAZON-02)
Total: 29 requests from 7 IPs
Requests | Apex Domain | Subdomains | Transfer
13 | brandigh.com | thebestornothing.brandigh.com (Cisco Umbrella Rank: 193735) | 151 KB
8 | ratedophfer.com | ratedophfer.com | 31 KB
4 | cloudfront.net | d3e1y4kxkqljcb.cloudfront.net | 195 KB
3 | googleapis.com | storage.googleapis.com (Cisco Umbrella Rank: 383), fonts.googleapis.com (Cisco Umbrella Rank: 37) | 2 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 680) | 33 KB
1 | tpltrk.com | tpltrk.com (Cisco Umbrella Rank: 526709) | 1 KB
1 | b22trx.com | www.b22trx.com | 453 B
1 | ionicframework.com | code.ionicframework.com (Cisco Umbrella Rank: 14485) | 9 KB
Total: 29 requests across 8 apex domains
Requests | Domain | Requested by
13 | thebestornothing.brandigh.com (1 redirect) | storage.googleapis.com, thebestornothing.brandigh.com
8 | ratedophfer.com | thebestornothing.brandigh.com, ratedophfer.com, code.jquery.com
4 | d3e1y4kxkqljcb.cloudfront.net | ratedophfer.com
2 | fonts.googleapis.com | thebestornothing.brandigh.com, ratedophfer.com
1 | code.jquery.com | ratedophfer.com
1 | tpltrk.com (1 redirect) |
1 | www.b22trx.com (1 redirect) |
1 | code.ionicframework.com | thebestornothing.brandigh.com
1 | storage.googleapis.com | (submitted URL)
Total: 29 requests across 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid for
storage.googleapis.com | GTS CA 1C3 | 2022-11-02 to 2023-01-25 | 3 months (crt.sh)
*.brandigh.com | E1 | 2022-11-27 to 2023-02-25 | 3 months (crt.sh)
upload.video.google.com | GTS CA 1C3 | 2022-11-02 to 2023-01-25 | 3 months (crt.sh)
ionicframework.com | Cloudflare Inc ECC CA-3 | 2022-05-01 to 2023-05-01 | a year (crt.sh)
ratedophfer.com | R3 | 2022-10-09 to 2023-01-07 | 3 months (crt.sh)
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 to 2023-07-14 | a year (crt.sh)
*.cloudfront.net | Amazon | 2022-02-01 to 2023-01-31 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Frame ID: 6AD9E17C31A7FBCF732624E5B1B65FFB
Requests: 29 HTTP requests in this frame

Page Title

[1] Reward Pending - Online Club - We Want Your Opinion!


Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • \.php(?:$|\?)

Font Awesome (overall confidence: 100%)
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 56 %
Domains: 8
Subdomains: 9
IPs: 7
Countries: 2
Transfer: 420 kB
Size: 787 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/1ab583605a1a9623dedf4e59f8a897/cb9958c6021ce677c1fdb4009b5f1b Page URL
  2. https://thebestornothing.brandigh.com/ Page URL
  3. https://thebestornothing.brandigh.com/cl/52208_md/8/111882/7378/2272/46408 HTTP 302
    https://www.b22trx.com/4J58SX/LW9WN6/?sub1=8&sub2=52208_15&sub3=2272_46408_111882_2839595_md HTTP 302
    https://tpltrk.com/click.php?key=zvhkk47fopacsfy2hbwz&externalid=8cf1cfe38eb34de59d3512bc1e7d1984&target=kfc&subid=78 HTTP 302
    https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Each transaction below is listed as: Resource | Path | Size | x-fer | Type (the MIME-Type column was not captured), followed by its General details and headers.
cb9958c6021ce677c1fdb4009b5f1b | storage.googleapis.com/1ab583605a1a9623dedf4e59f8a897/ | 118 B | 696 B | Document
General
Full URL: https://storage.googleapis.com/1ab583605a1a9623dedf4e59f8a897/cb9958c6021ce677c1fdb4009b5f1b
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4004:c19::80, Washington, United States, ASN15169 (GOOGLE, US)
Software: UploadServer

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers
accept-ranges: bytes
age: 1286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 118
content-type: text/html
date: Thu, 01 Dec 2022 16:44:57 GMT
etag: "b85750e3587e22aa54d780f808e27ca3"
expires: Thu, 01 Dec 2022 17:44:57 GMT
last-modified: Fri, 25 Nov 2022 14:33:10 GMT
server: UploadServer
x-goog-generation: 1669386790689492
x-goog-hash: crc32c=oxBJ7g== md5=uFdQ41h+IqpU14D4COJ8ow==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 118
x-guploader-uploadid: ADPycdtmNEyD4HuOYQNMorq4wkZpuC0h9j9n9ZR9YqIyFRbra7xSj6tORXnZ4u7tI2-OTvhwECdSMrB9QBQ2W-uyvha2BQ
/ | thebestornothing.brandigh.com/ | 16 KB | 3 KB | Document
General
Full URL: https://thebestornothing.brandigh.com/
Requested by host: storage.googleapis.com
Requested by URL: https://storage.googleapis.com/1ab583605a1a9623dedf4e59f8a897/cb9958c6021ce677c1fdb4009b5f1b
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare / PHP/7.1.33

Request headers
Referer: https://storage.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 772d69c3fd8fefd4-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 17:06:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay9xlnqwWy%2FimU%2BtcvaicxFS%2FGd59I3%2B94m%2Fh1BIx4GJFNg02Qrokp60Y4iJ3m%2BQJQSO8kgMBSKOzA56L%2FYwW6z3g2m53ak3ppoyvsw7XpFHIR3JxGNJ0kBNSVm6svpaEuJ87FuoYE7M9ZKGbXDONInYAiml75j9EDh79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
css | fonts.googleapis.com/ | 2 KB | 917 B | Stylesheet
General
Full URL: https://fonts.googleapis.com/css?family=Lato:400,300,700
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4006:821::200a, Hudson Falls, United States, ASN15169 (GOOGLE, US)
Software: ESF
Security Headers
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
strict-transport-security: max-age=31536000
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:45:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Dec 2022 17:06:24 GMT
ionicons.min.css | code.ionicframework.com/ionicons/2.0.1/css/ | 50 KB | 9 KB | Stylesheet
General
Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:20::681a:7ad, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
x-fastly-request-id: 92fcf3f6967b0ff4de955854caed1186521b0f28
date: Thu, 01 Dec 2022 17:06:24 GMT
via: 1.1 varnish
content-encoding: br
expires: Thu, 01 Dec 2022 10:25:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8320
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-lga21920-LGA
last-modified: Fri, 28 Oct 2022 02:55:05 GMT
server: cloudflare
x-github-request-id: 2004:701B:AD0ECD:E5E519:63887EC5
x-timer: S1669906065.596060,VS0,VE1
etag: W/"635b4489-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8asuMQ3ja7gzz7q7I4jqXx21K1GzMM%2BE9cfaH%2FbDDoDk9OWUDvT8Mfbjqr%2Fw2XXgC%2FUdNG1aTEZhkCW2QKTY4C5yiOWqbdEMGwsfocFfZp8TRRBt81cf5AaJogJio%2FKzxk5VHjTHcwfrDRJ9vsO43ZDMzov"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-origin-cache: HIT
cf-ray: 772d69c5aae98c83-EWR
x-cache-hits: 1
bootstrap.min.css | thebestornothing.brandigh.com/css/ | 111 KB | 19 KB | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/bootstrap.min.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"1bd5b-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc0FnhS%2FWvgGzzlSxKr1s4ACL%2Fxnrk4qcRTpLIZizGTP3yVTLcsUZLJqnAI1VXYZArnELt5%2B%2B9Evd0dw6%2B1cZkA32wbvV9vjMPeziHD9747zeCva1FopWb9RaV91IOjcGjOK2UnsJLs2fv%2FUtghS1AEkv6FN95dZTR7XPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55ef3efd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css | thebestornothing.brandigh.com/css/ | 21 KB | 5 KB | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/font-awesome.min.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"55e0-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jFVswovp6Lgd1K0cdenW4imACMEleZdoOyFfVGo%2FbYxZp9fBwLQpup4l%2B0ssSCNSn5%2F1WCkFvlnTEWO6KXQnw%2B%2Fob0aYOprf086P6WxDqHR2g7qtEdjdlrUr9gT0dgPJZrLy%2BiphReu1ZkxK91UEBeooGN%2F7v9NPMrvwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55ef5efd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
owl.carousel.css | thebestornothing.brandigh.com/css/ | 5 KB | 1 KB | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/owl.carousel.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"1206-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V6daPpzduyP40KJnbpYD83XCajkMmp0KQYgMDILn1cIx0jp4o9j0KUZNNhntc5rYkrnf87qfVImSf4A99QIoxo9sE0vqdNqEJjZPLuNYttrgO5zpIdrc2uzKQRpbVxtdzeVi4FBeGfHgpP%2BK7bvcuhT5hGkKn1rhg833g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55ef7efd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
animate.css | thebestornothing.brandigh.com/css/ | 73 KB | 5 KB | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/animate.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"12279-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFu3WR1NUFi4WRWEx6mWdYeSmChx%2BjWcN8JA8RFQpJboLCfI88onhGPckkJ1ymCPv3OaQpM3YllgUKCZnMi1Sm7QkkOfa1ou5ProD4YfnzQzMEk1yJg83VRdqcPnGLLfXepf2k4fOLTf4JFl07%2FgHCalLLBK1%2BClH4l3AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55ef9efd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.css | thebestornothing.brandigh.com/css/ | 17 KB | 4 KB | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/main.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"4452-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnYyCXY38CUdsCMkIclRyzCWYTpZR%2BMm1FDbO5VXrdIcHEc7ScNktH60lo6hZW3msPsWgdZL7xsmSOUxSjEXrh3y5JXTBZmxw9E7jy%2Fq7OSxrZfP0w6Fcjb7tzCUSt%2BN1cz9I2gz5PRiUxW5xPqIA556pALS1v2C2Wgqeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55efaefd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
responsive.css | thebestornothing.brandigh.com/css/ | 2 KB | 845 B | Stylesheet
General
Full URL: https://thebestornothing.brandigh.com/css/responsive.css
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5976
etag: W/"80f-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y10vT%2FxbPnW%2FUDvnXRSDkJ5H4q3lrH9HQ%2B1Wo80%2BJnknlv3loK9aNss%2F5vY6IOkroH9l2g7RZqCMtYnBtKraVnO3uDRcSk5EpvjFTLwujlCEZEe0VEEXcmRxRo%2BIyb8wLCBIBhRjT3B0DnNQTGemESKgph8xRX7NCo%2Fzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 772d69c55efbefd4-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png | thebestornothing.brandigh.com/images/ | 3 KB | 3 KB | Image
General
Full URL: https://thebestornothing.brandigh.com/images/logo.png
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5537
etag: "b67-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcCxJK84dheZxwxLjQedZuiV1OIgl%2F0JePIwE2GVb5tc%2FSvOO9MDMV%2B%2B0qmBOPZw5tH9TQc%2FU3wVXTgmMa0QOlBKxu7otPo8QwM1toi5Ri1qQDhUCymo0hMtiSFCYi2ZQ9OaXzmo%2BQ0iij5AX2xWmI%2BVyzxmds3itY10cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 772d69c5ec578ce0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2919
logo-2.png | thebestornothing.brandigh.com/images/ | 3 KB | 4 KB | Image
General
Full URL: https://thebestornothing.brandigh.com/images/logo-2.png
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5537
etag: "c30-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e3QxE%2F1xC4plmOvoO65F3cAy8uzzqZDP%2FiLXeRf5KUrJcklngqfJThTsQBAWRHq5Y4kFPdeh1xQlkVkmh1h1wl5wbCuVjlrV%2BprVGbH0CvOoSj%2B9TE3zQnK3nSpdbK8nk8gE6Flz%2FR%2BQpnLh6zc7Oc4ycJnjL9eWzyCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 772d69c5ec598ce0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3120
1.jpg | thebestornothing.brandigh.com/images/about/ | 50 KB | 51 KB | Image
General
Full URL: https://thebestornothing.brandigh.com/images/about/1.jpg
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5535
etag: "c8c7-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlKZtR%2FvbfxKffFhl3GobSt7aFX9%2BM7x%2BYaVvj2mHul3vRXMsmVHfyGPbmlzkUjJxXqP7FetUMYYm%2BCpAxilboULoTE59nYmvQbZtHkArBVspmyRGZh7EpCkusp6a98DYNmNGc9%2Bk4SozXmFFjzr%2BTh33xDKUhvOapPBNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 772d69c62cf38ce0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51399
2.jpg | thebestornothing.brandigh.com/images/about/ | 34 KB | 35 KB | Image
General
Full URL: https://thebestornothing.brandigh.com/images/about/2.jpg
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5535
etag: "889e-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UANxl2Vwp9EJwvO5l4wvjla%2BgBnH7Ow0hj%2BEADeBtI6GKtrPc%2FZI27nDfv4pSAMVvBbAe6w4yVA%2F2WYTC%2FwZuGrRNVj4cngL7MtIXS%2BSKcb7%2FtXkpPwqscoxn9Oy0HGcWmUC0oexa2cIrUaSWmKBnxo8yKtfmTAg0BdJTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 772d69c62cf88ce0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34974
3.jpg | thebestornothing.brandigh.com/images/about/ | 19 KB | 20 KB | Image
General
Full URL: https://thebestornothing.brandigh.com/images/about/3.jpg
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:e2::ac40:841d, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Request headers
accept-language: en-US,en;q=0.9
Referer: https://thebestornothing.brandigh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:24 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Aug 2016 10:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5502
etag: "4c50-539c95f33e700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtgOs8wITPoWkHrbTr0voyZKRV%2BFmTDWmiVDKGrKqkbmcSG2jaTAobjb7gMWDUwewXAvxownNPsHyM72Mvi5OCWgmBTieaO95RFtNVpzGi5ylLoZFXK1FeLjz6CxIKvse3ZBzhALrOBpIedbLQl1JTyt4As%2FS85ypkhbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 772d69c69df18ce0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19536
Primary Request: index_3_d.php | ratedophfer.com/giftcard/ | 46 KB | 15 KB | Document
Redirect Chain
  • https://thebestornothing.brandigh.com/cl/52208_md/8/111882/7378/2272/46408
  • https://www.b22trx.com/4J58SX/LW9WN6/?sub1=8&sub2=52208_15&sub3=2272_46408_111882_2839595_md
  • https://tpltrk.com/click.php?key=zvhkk47fopacsfy2hbwz&externalid=8cf1cfe38eb34de59d3512bc1e7d1984&target=kfc&subid=78
  • https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669...
General
Full URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Requested by host: thebestornothing.brandigh.com
Requested by URL: https://thebestornothing.brandigh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.147.122.143, Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)
Software: nginx
Resource Hash: 3617f8c9e2684cd10e8f9021698228bacea4626cdf5d4b080500957047eb79ab

Request headers
Referer: https://thebestornothing.brandigh.com/#cl/52208_md/8/111882/7378/2272/46408
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 15531
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Dec 2022 17:06:26 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Dec 2022 17:06:26 GMT
Location: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Server: nginx/1.22.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
jquery-1.11.1.min.js | code.jquery.com/ | 94 KB | 33 KB | Script
General
Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by host: ratedophfer.com
Requested by URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 69.16.175.10, United States, ASN20446 (STACKPATH-CDN, US)
Reverse DNS: tlb.hwcdn.net
Software: nginx
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers
accept-language: en-US,en;q=0.9
Referer: https://ratedophfer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
date: Thu, 01 Dec 2022 17:06:27 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:01 GMT
server: nginx
etag: W/"62f659d5-1762a"
vary: Accept-Encoding
x-hw: 1669914387.dop008.tr2.t,1669914387.cds218.tr2.hn,1669914387.cds008.tr2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202
main_11.js
ratedophfer.com/giftcard/assets/
12 KB
4 KB
Script
General
Full URL
https://ratedophfer.com/giftcard/assets/main_11.js
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
fee9e5f3d9555588c8a4f0a59b98adcd489883f8a9bbde4d2c8b1766de02718a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Nov 2022 10:24:24 GMT
Server
nginx
ETag
W/"63872f58-2ed2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main2.css
ratedophfer.com/giftcard/assets/
21 KB
6 KB
Stylesheet
General
Full URL
https://ratedophfer.com/giftcard/assets/main2.css
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
ee66b9320a08ab1ec2d30c61564d846a9aba96ccad5c6b1cb428f376f0d8f38e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 11:50:22 GMT
Server
nginx
ETag
W/"637b65fe-523d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
2248cf597e3418b7229d7565490fad8d.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
412 B
806 B
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/2248cf597e3418b7229d7565490fad8d.png
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7600:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4a86bb2af41f433da60e11d267c2e2f7c713d0fbb69b3938659b197325b9863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id
PdmLnc8qHk0VN6RuIykTNeu_yqCaKLIe
date
Thu, 01 Dec 2022 14:39:36 GMT
via
1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 18:44:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
8812
x-amz-server-side-encryption
AES256
etag
"cb8433c30b162d2bd96ed60be60a25a5"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
412
x-amz-cf-id
FTLCfht3y5sTSSPWZI4X150HxLDQbCxt45Tkbf9ES86g-tGUdiMayw==
redirect_bin.js
ratedophfer.com/
694 B
1012 B
Script
General
Full URL
https://ratedophfer.com/redirect_bin.js
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
24227105813d57c5010e5650280f47c1de73490c3265c54ab7e1952f6aa93e47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:27 GMT
Last-Modified
Tue, 15 Nov 2022 08:23:06 GMT
Server
nginx
ETag
"63734c6a-2b6"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
694
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
5 KB
644 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/assets/main2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Dec 2022 17:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 17:06:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Dec 2022 17:06:27 GMT
kfc.css
ratedophfer.com/giftcard/css/
480 B
784 B
Stylesheet
General
Full URL
https://ratedophfer.com/giftcard/css/kfc.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
12af0a37c06e631d3aaf66b39ac970e561d5854d7c93840c0e54cc64368e4eb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:28 GMT
Last-Modified
Tue, 26 Jul 2022 11:39:39 GMT
Server
nginx
ETag
"62dfd27b-1e0"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
480
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kfc.json
ratedophfer.com/giftcard/datas/
841 B
1 KB
XHR
General
Full URL
https://ratedophfer.com/giftcard/datas/kfc.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
0d3de155b79d6088f7268d17b38b1cd58fae80e6aa83889e3e5acdf70181234a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:28 GMT
Last-Modified
Tue, 26 Jul 2022 10:53:53 GMT
Server
nginx
ETag
"349-5e4b31dc6258d"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
841
halloween_sweeps.css
ratedophfer.com/
441 B
745 B
Stylesheet
General
Full URL
https://ratedophfer.com/halloween_sweeps.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
bd95c41c871474a073d79599d3668ccf882edc51ca3c9b7796906976ce542fca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:28 GMT
Last-Modified
Tue, 29 Nov 2022 11:11:41 GMT
Server
nginx
ETag
"6385e8ed-1b9"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
441
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kfc_bg.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
28 KB
28 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/kfc_bg.png
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/css/kfc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7600:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b40092270e6790d68235d089e6012b56001a6dc9a70cba9b03e5b789bb5ef8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 17:06:29 GMT
x-amz-version-id
iAmzxQpQhpIwV6R7lOMMBYRv4qx4C8C3
via
1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jul 2022 11:28:04 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
etag
"5e7d1d0478eb7788dc6bc40702cbbe55"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
28317
x-amz-cf-id
V4irH_xduxJ6fa8rezo9rHoWc89vY__d7RluBcxwS6m1sp6o35Pubw==
christmas_banner2.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
153 KB
154 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/christmas_banner2.jpg
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7600:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bb78f8a78bfcb221f40bdcf76a93e3fda7cd8f932f763d4152d7720a3a1bd88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 11:43:28 GMT
x-amz-version-id
WFUWc2AgDVyWlFiK9fhNTvMg9_WaT.Wz
via
1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 11:09:15 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
19381
etag
"4ef511dfe21c89356596ceacffa1f049"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
156763
x-amz-cf-id
aAxYH1FRkkmD6oZbK3eMRQfK4JHnjfDMjRv1VgYTtkC1V7zUCFsFOw==
conf.js
ratedophfer.com/giftcard/assets/
7 KB
3 KB
XHR
General
Full URL
https://ratedophfer.com/giftcard/assets/conf.js?_=1669914387800
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Software
nginx /
Resource Hash
270bc63b390eed872e8fd61ad9c12c39f864ccbb19b30c017395a913dd8ce838

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://ratedophfer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=0a3799zib1nvr041&campaign=3584&user_id=1&clickcost=0&lander=1819&time=1669896386&browser_version=108.0.5359.71&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.37&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.71%20Safari/537.36&lpkey=160a69b8919146e886&target=kfc&device=DESKTOP&country=US&ts={t9}&trafficsource=136&uclick=9zib1nvr&uclickhash=9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Thu, 01 Dec 2022 17:06:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 08:33:33 GMT
Server
nginx
ETag
W/"62e0f85d-1d8e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
04ed4a8e1480f898574bc1ed4c60878c.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
12 KB
13 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/04ed4a8e1480f898574bc1ed4c60878c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:7600:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6af0a43eb06cb6a94f43bb11dfaf558f60635ea141bb1f4cd8e806ae5eba7107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ratedophfer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 15:43:19 GMT
x-amz-version-id
uhaUVD3mQ2r4HGnnvXm9C1A08dtxnlUi
via
1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 18:44:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
4991
etag
"68ac4fe4b1b788fc85f00f122455972d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12590
x-amz-cf-id
_3xaSLsG5bEmc1Y-M1Hr8qnAy5cvtC4QMaWFp0rv-tSizRmljZAJqQ==
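The transaction records above are the raw material for an indicator write-up: each carries the resource URL, the serving IP and ASN, a SHA-256 of the body and the request/response headers. The block below is an added example, not urlscan's code or an export format it offers. It parses the flattened layout exactly as it appears on this page (the rules are inferred from the listing: five lines of file, path, two sizes and type precede each "General" marker; under it a key line is followed by its value line; header sections are name/value line pairs) and then pulls out three things worth keeping: the SHA-256 hashes as IOCs, the third-party hosts, and the visitor fields that the landing-page URL carries in its query string (IP, ISP, city, click ID). `SAMPLE` is constructed from two of the transactions above with header lists and the query string shortened; the main domain passed to `thirdPartyHosts` is the scan's.

```javascript
// Added example, not urlscan's code; the layout rules and the constructed SAMPLE are described above.
const SAMPLE = `jquery-1.11.1.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: ratedophfer.com
URL: https://ratedophfer.com/giftcard/index_3_d.php?city=Buffalo&isp=Nexeon%20Technologies&ip=96.9.249.37&clickid=0a3799zib1nvr041&target=kfc
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
main_11.js
ratedophfer.com/giftcard/assets/
12 KB
4 KB
Script
General
Full URL
https://ratedophfer.com/giftcard/assets/main_11.js
Server
103.147.122.143 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
Resource Hash
fee9e5f3d9555588c8a4f0a59b98adcd489883f8a9bbde4d2c8b1766de02718a

Request headers

Referer
https://ratedophfer.com/giftcard/index_3_d.php?city=Buffalo&ip=96.9.249.37

Response headers

Content-Type
application/javascript`;
const GENERAL_KEYS = new Set(["Full URL", "Protocol", "Security", "Server",
  "Reverse DNS", "Software", "Resource Hash"]);

// Five lines (file, path, size, size, type) precede each "General" marker.
function splitTransactions(text) {
  const lines = text.split("\n");
  const starts = lines.flatMap((l, i) => (l === "General" ? [i - 5] : []));
  return starts.map((s, k) => lines.slice(s, starts[k + 1] ?? lines.length));
}

// Key line then value line under "General" (empty when the next line is itself a key, e.g. a blank Reverse DNS).
function parseTransaction(block) {
  const rec = { name: block[0], initiatorUrl: null, general: {}, headers: {} };
  let section = "general";
  for (let i = 5; i < block.length; i++) {
    const line = block[i];
    if (line === "Request headers" || line === "Response headers") {
      section = line.split(" ")[0].toLowerCase(); // "request" or "response"
    } else if (section === "general") {
      if (GENERAL_KEYS.has(line)) {
        const next = block[i + 1] ?? "";
        rec.general[line] = GENERAL_KEYS.has(next) ? "" : next;
      } else if (line.startsWith("URL: ")) {
        rec.initiatorUrl = line.slice(5); // the "Requested by" URL
      }
    } else if (line !== "") {
      rec.headers[`${section}:${line.toLowerCase()}`] = block[++i] ?? ""; // name, then value
    }
  }
  const m = /^(\S+).*?ASN(\d+)/.exec(rec.general["Server"] ?? "");
  [rec.ip, rec.asn] = m ? [m[1], Number(m[2])] : [null, null];
  rec.host = new URL(rec.general["Full URL"]).hostname;
  rec.sha256 = rec.general["Resource Hash"] || null;
  return rec;
}

function thirdPartyHosts(records, mainDomain) {
  const hosts = records.map((r) => r.host).filter((h) => h !== mainDomain && !h.endsWith("." + mainDomain));
  return [...new Set(hosts)].sort();
}

// The landing URL reaches us as an initiator URL or a same-origin Referer; it carries what the traffic broker recorded about the visitor.
function leakedVisitorFields(records, keys = ["ip", "isp", "city", "clickid"]) {
  for (const r of records) {
    for (const src of [r.initiatorUrl, r.headers["request:referer"]]) {
      if (!src) continue;
      const q = new URL(src).searchParams;
      const found = Object.fromEntries(keys.filter((k) => q.has(k)).map((k) => [k, q.get(k)]));
      if (Object.keys(found).length) return found;
    }
  }
  return {};
}

function iocHashes(records) {
  return Object.fromEntries(records.filter((r) => r.sha256).map((r) => [r.sha256, r.general["Full URL"]]));
}
const records = splitTransactions(SAMPLE).map(parseTransaction);
console.log(thirdPartyHosts(records, "ratedophfer.com"), leakedVisitorFields(records), iocHashes(records));
```

Run it with node. One thing the Referer values above make visible: same-origin requests (main_11.js, main2.css, redirect_bin.js) receive the full landing URL, query string included, while the cross-origin ones (code.jquery.com, cloudfront.net, fonts.googleapis.com) receive only `https://ratedophfer.com/`. That split is Chrome's default `strict-origin-when-cross-origin` referrer policy at work, so the broker's visitor data (IP, ISP, city, user agent) stays on the first-party host unless the page opts into a looser policy.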

Verdicts & Comments


Malicious page.url
Submitted on December 1st 2022, 5:08:50 pm UTC — From United States

Threats: Brand Impersonation Phishing
Comment: Webpage is a delivery system for a large phishing campaign pretending to be several large big box stores.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object oncontentvisibilityautostatechange
function $
function jQuery
function $_GET
string targets
string usr
function birthdayFill
function beforeShowQuestion
function loadingData
function startTimer
string target
object d
object jQuery111101489654089445258
string redirect_url
string back_url_link
function loadingOffers
function timer1
string titleOut
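One way to produce a listing like the one above is to diff the page's window against a baseline of built-in names. The block below is an added example, not urlscan's code, of doing that from a script: it takes the own property names of a window, drops those present in the baseline, records `typeof` for each survivor and attaches a few heuristic tags. The tag regexes, the "simulated page script" (placeholder bodies and values under the names from the list) and the use of a Node `globalThis` snapshot instead of a clean iframe are this example's own assumptions. Two reading notes for the list itself: `jQuery111101489654089445258` is jQuery's expando property, which jQuery builds from its version string plus `Math.random()` (the leading digits 1111 are version 1.11.1, matching the jquery-1.11.1.min.js loaded above), so it is framework residue rather than page logic; and `oncontentvisibilityautostatechange` appears to be a browser event-handler attribute (Chrome 108, the version used for this scan, added the `contentvisibilityautostatechange` event) that the scanner's baseline did not yet include, so entries of that shape are baseline drift, not page code. `$_GET`, by contrast, is a function the page itself defines; it is not a browser built-in.

```javascript
// Added example (not urlscan's code): list "non-standard" globals by diffing a
// window against a clean baseline. In a browser the baseline is a fresh iframe:
//   const f = document.createElement("iframe"); document.body.appendChild(f);
//   const baseline = snapshotGlobals(f.contentWindow);
//   const report = auditGlobals(window, baseline);
// This file runs under Node, so the baseline is a snapshot of globalThis taken
// before a simulated page script defines the same names as the scan's list.

function snapshotGlobals(target = globalThis) {
  return new Set(Object.getOwnPropertyNames(target));
}

function safeTypeof(target, name) {
  try {
    return typeof target[name]; // some window getters throw cross-origin
  } catch (e) {
    return "inaccessible";
  }
}

function nonStandardGlobals(target, baseline) {
  return Object.getOwnPropertyNames(target)
    .filter((name) => !baseline.has(name))
    .map((name) => ({ name, type: safeTypeof(target, name) }))
    .sort((a, b) => a.name.localeCompare(b.name));
}

// Heuristic tags (this example's own). jQuery builds its expando as
//   "jQuery" + (version + Math.random()).replace(/\D/g, "")
// so "jQuery111101489654089445258" is "1.11.1" + "0.1489654089445258".
// A null event-handler attribute reports typeof "object", hence that rule.
function tagGlobal(g) {
  if (/^jQuery\d{8,}$/.test(g.name)) return "jquery-expando";
  if (g.name === "$" || g.name === "jQuery") return "jquery";
  if (/^on[a-z]+$/.test(g.name) && g.type === "object") return "event-handler-attr (baseline drift?)";
  if (g.type === "function") return "page-function";
  return "page-data";
}

function auditGlobals(target, baseline) {
  return nonStandardGlobals(target, baseline).map((g) => ({ ...g, tag: tagGlobal(g) }));
}

// Constructed stand-in for the phishing page's script: names from the scan's
// list, placeholder bodies and values (not the page's real code or URLs).
function simulatedPageScript(target = globalThis) {
  target.jQuery = function jQuery() {};
  target.$ = target.jQuery;
  target.jQuery111101489654089445258 = {};
  target.$_GET = function $_GET() {};               // page-defined helper, not a browser builtin
  target.redirect_url = "https://example.invalid/";   // placeholder, not the real redirect target
  target.back_url_link = "";
  target.startTimer = function startTimer() {};
  target.d = {};
}

const baseline = snapshotGlobals();
simulatedPageScript();
const report = auditGlobals(globalThis, baseline);
console.table(report);
```

In a real triage the interesting rows are the `page-data` strings (`redirect_url`, `back_url_link`, `targets`) because their values are the next hop of the campaign; read them from the live window, not from the scanner's names list.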

4 Cookies

Domain/Path Name Value
www.b22trx.com/ uniqueClick_LW9WN6 d1e51332-4a40-473e-a18d-85e471c869eb:1669914385
www.b22trx.com/ transaction_id 8cf1cfe38eb34de59d3512bc1e7d1984
tpltrk.com/ uclick 9zib1nvr
tpltrk.com/ uclickhash 9zib1nvr-9zib1nvr-ntib-tw0-gxib-twxi6o-twa53y-33712c