Submitted URL: http://dehvg.blob.core.windows.net/pqowsn/ladnh.html
Effective URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea...
Submission: On December 17 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 212.28.189.234, located in Italy and belongs to . The main domain is newoffercloud.com.
TLS certificate: Issued by R11 on December 5th 2024. Valid for: 3 months.
This is the only time newoffercloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 57.150.27.161 8075 (MICROSOFT...)
1 1 192.254.71.10 31863 (DACEN-2)
1 1 91.220.101.80 34259 (HighLoadS...)
26 212.28.189.234 ()
1 142.250.72.106 15169 (GOOGLE)
4 104.17.25.14 13335 (CLOUDFLAR...)
3 150.171.27.10 8075 (MICROSOFT...)
2 142.251.40.163 15169 (GOOGLE)
2 13.107.253.40 8075 (MICROSOFT...)
1 172.175.38.6 8075 (MICROSOFT...)
41 8
Apex Domain | Subdomains | Transfer
26 newoffercloud.com | newoffercloud.com | 632 KB
4 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 | 126 KB
3 clarity.ms | www.clarity.ms — Cisco Umbrella Rank: 625; k.clarity.ms — Cisco Umbrella Rank: 8151 | 30 KB
3 bing.com | bat.bing.com — Cisco Umbrella Rank: 359 | 17 KB
2 gstatic.com | fonts.gstatic.com | 72 KB
2 windows.net | dehvg.blob.core.windows.net | 1 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 2 KB
1 thestpl.com | thestpl.com | 1 KB
1 workjamtech.com | www.workjamtech.com | 657 B
41 9
Domain Requested by
26 newoffercloud.com newoffercloud.com
cdnjs.cloudflare.com
4 cdnjs.cloudflare.com newoffercloud.com
cdnjs.cloudflare.com
3 bat.bing.com newoffercloud.com
bat.bing.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 fonts.gstatic.com fonts.googleapis.com
2 dehvg.blob.core.windows.net
1 k.clarity.ms www.clarity.ms
1 fonts.googleapis.com newoffercloud.com
1 thestpl.com 1 redirects
1 www.workjamtech.com 1 redirects
41 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.blob.core.windows.net | Microsoft Azure RSA TLS Issuing CA 08 | 2024-10-23 - 2025-04-21 | 6 months
newoffercloud.com | R11 | 2024-12-05 - 2025-03-05 | 3 months
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-11-26 - 2025-02-24 | 3 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 08 | 2024-12-15 - 2025-06-13 | 6 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year

This page contains 1 frame:

Primary Page: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Frame ID: 472F788600E644D439C3A7670ADDAF85
Requests: 41 HTTP requests in this frame

Page Title

WINNER: Best New Technology Advance -- 2024!

Page URL History

  1. http://dehvg.blob.core.windows.net/pqowsn/ladnh.html HTTP 307
    https://dehvg.blob.core.windows.net/pqowsn/ladnh.html Page URL
  2. https://www.workjamtech.com/3ZSTW5S/Z5FSKLB/ HTTP 302
    https://thestpl.com/click.php?key=n11remmoy6m5shrajo0y&externalid=909b879f8f8844c69698f3ac09b5c7... HTTP 302
    https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&ci... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

880 kB
Transfer

4333 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dehvg.blob.core.windows.net/pqowsn/ladnh.html HTTP 307
    https://dehvg.blob.core.windows.net/pqowsn/ladnh.html Page URL
  2. https://www.workjamtech.com/3ZSTW5S/Z5FSKLB/ HTTP 302
    https://thestpl.com/click.php?key=n11remmoy6m5shrajo0y&externalid=909b879f8f8844c69698f3ac09b5c762&target=&affid=1847 HTTP 302
    https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dehvg.blob.core.windows.net/pqowsn/ladnh.html HTTP 307
  • https://dehvg.blob.core.windows.net/pqowsn/ladnh.html

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ladnh.html
dehvg.blob.core.windows.net/pqowsn/
Redirect Chain
  • http://dehvg.blob.core.windows.net/pqowsn/ladnh.html
  • https://dehvg.blob.core.windows.net/pqowsn/ladnh.html
175 B
578 B
Document
General
Full URL
https://dehvg.blob.core.windows.net/pqowsn/ladnh.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.150.27.161 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
977b8feb1c0e39b27ee69f6bb66ec728a90d3f60c016ee7b6b8ae6bc85a8bc2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Length
175
Content-MD5
3FI5ON7JxR2lcZjmLpam2g==
Content-Type
text/html
Date
Tue, 17 Dec 2024 19:12:43 GMT
ETag
0x8DD1EC081E8D9A9
Last-Modified
Tue, 17 Dec 2024 17:30:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
a48e3cbf-b01e-0092-28b7-50c521000000
x-ms-version
2009-09-19

Redirect headers

Location
https://dehvg.blob.core.windows.net/pqowsn/ladnh.html
Non-Authoritative-Reason
HttpsUpgrades
Primary Request index.php
newoffercloud.com/bntdrone/
Redirect Chain
  • https://www.workjamtech.com/3ZSTW5S/Z5FSKLB/
  • https://thestpl.com/click.php?key=n11remmoy6m5shrajo0y&externalid=909b879f8f8844c69698f3ac09b5c762&target=&affid=1847
  • https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&br...
27 KB
8 KB
Document
General
Full URL
https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
69db5999e3f448bcbfb631aded2ff4469efcc3dcf4e3961f624ce5d70c0fc303

Request headers

Referer
https://dehvg.blob.core.windows.net/pqowsn/ladnh.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
8075
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Dec 2024 19:12:46 GMT
Server
openresty
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Dec 2024 19:12:45 GMT
Location
https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Server
openresty
Transfer-Encoding
chunked
favicon.ico
dehvg.blob.core.windows.net/
226 B
485 B
Other
General
Full URL
https://dehvg.blob.core.windows.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.150.27.161 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dehvg.blob.core.windows.net/pqowsn/ladnh.html

Response headers

x-ms-request-id
a48e3d32-b01e-0092-11b7-50c521000000
Content-Length
226
Date
Tue, 17 Dec 2024 19:12:43 GMT
Content-Type
application/xml
Server
Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
font-awesome.min.css
newoffercloud.com/bntdrone/assets/
30 KB
7 KB
Stylesheet
General
Full URL
https://newoffercloud.com/bntdrone/assets/font-awesome.min.css
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6747030a-7918"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:46 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Nov 2024 11:31:22 GMT
Server
openresty
Vary
Accept-Encoding
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
c08e11ca159584d59d45e9f4ffdd2bbe130f670fc8e7223601787dadad8351d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 19:12:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 19:12:47 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 17:39:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.css
newoffercloud.com/bntdrone/assets/
118 KB
19 KB
Stylesheet
General
Full URL
https://newoffercloud.com/bntdrone/assets/bootstrap.css
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
af4ac87c5bf890a1dfde787443a1b6f97e8b8bbb726963cc957fb0b754c4d1e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"67470309-1d76a"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:46 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Nov 2024 11:31:21 GMT
Server
openresty
Vary
Accept-Encoding
custom.css
newoffercloud.com/bntdrone/assets/
397 B
705 B
Stylesheet
General
Full URL
https://newoffercloud.com/bntdrone/assets/custom.css
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
d6d26300c54f0ed71972ed25fab88c86b8b10a96f391d758217cd0917ef5f274

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"67470308-18d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
397
Date
Tue, 17 Dec 2024 19:12:46 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Nov 2024 11:31:20 GMT
Server
openresty
sidebar.css
newoffercloud.com/bntdrone/assets/
1 KB
779 B
Stylesheet
General
Full URL
https://newoffercloud.com/bntdrone/assets/sidebar.css
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
52fa7c6f5c8be9a1a28147e003875981978b1a67eb3f4d6b7045ed2fdf2d5307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6747030a-450"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Nov 2024 11:31:22 GMT
Server
openresty
Vary
Accept-Encoding
style2new.css
newoffercloud.com/bntdrone/assets/
48 KB
13 KB
Stylesheet
General
Full URL
https://newoffercloud.com/bntdrone/assets/style2new.css?v=1.8
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
bbc2e8015d99f1d3644636bcb901867d824614e08f298494d4a1a0ce1a2eedee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6747030c-be3b"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Nov 2024 11:31:24 GMT
Server
openresty
Vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
1612000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T55lTX6XHibmkgt7NG1BaNuvkv%2FjLzhRQrF1rr0HaPLIxkITUNeU1YoVNOxET653goRBa1OsN7DNFARY4squt9S%2BsfpVljNWtm%2BDW3PcGPLf0mD6CNrFAY74dY%2Fx9s23nwKDaG0E"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:12:46 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 19:12:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f393a0598876a56-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
sticky.js
newoffercloud.com/bntdrone/assets/
7 KB
2 KB
Script
General
Full URL
https://newoffercloud.com/bntdrone/assets/sticky.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
f68354c8fd35a86be8eefae76be49af89cc6ba239c29e8e86f2b501dfb7ce1db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"67470307-1c1d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 27 Nov 2024 11:31:19 GMT
Server
openresty
Vary
Accept-Encoding
scripts.js
newoffercloud.com/bntdrone/assets/
4 KB
2 KB
Script
General
Full URL
https://newoffercloud.com/bntdrone/assets/scripts.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
8f60a83a9bdc5eaf4698506dcdba5be73e9f08ff7232862ce27fdb38a359f064

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6747030a-fa9"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 27 Nov 2024 11:31:22 GMT
Server
openresty
Vary
Accept-Encoding
bootstrap.js
newoffercloud.com/bntdrone/assets/
36 KB
10 KB
Script
General
Full URL
https://newoffercloud.com/bntdrone/assets/bootstrap.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"67470309-9037"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 27 Nov 2024 11:31:21 GMT
Server
openresty
Vary
Accept-Encoding
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/
55 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e60-da9f"
age
417037
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hb4T1lNNFxZZ0pvPv8IVJkpo5n%2FdN56k3uNbwyxPS7Bu39Ld7P1ECAEMBJ5DBVkEXm8zTr2DtKPDITZ6tn0ooFch5rSlMAASEFls3lKivBVFJ1sGHSS82Dvmrifqa1k4PC4k1NNw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:12:46 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 19:12:46 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f393a0598866a56-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
9939
server
cloudflare
lozad.min.js
newoffercloud.com/bntdrone/assets/
3 KB
2 KB
Script
General
Full URL
https://newoffercloud.com/bntdrone/assets/lozad.min.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"67470307-b42"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 27 Nov 2024 11:31:19 GMT
Server
openresty
Vary
Accept-Encoding
us.png
newoffercloud.com/bntdrone/assets/
756 B
1 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/us.png
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
25be2de75e2d2e55620068642f3225a7f90ff68fad65b6d1dc9d63daeafdbb74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"67470307-2f4"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
756
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:19 GMT
Server
openresty
author1small.png
newoffercloud.com/bntdrone/assets/
6 KB
6 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/author1small.png
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
825df2775508a7f4347508a7de377050fe14588ed662aecdf54d9b2a6a01a57c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030c-187c"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
6268
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:24 GMT
Server
openresty
drone_04.jpg
newoffercloud.com/bntdrone/assets/
201 KB
201 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/drone_04.jpg
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
651edf311b04750b2e243a9faaba7c3519abd1292572c5f49812ca3115a1f770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"67470309-3233f"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
205631
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 27 Nov 2024 11:31:21 GMT
Server
openresty
drone_01.jpg
newoffercloud.com/bntdrone/assets/
32 KB
32 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/drone_01.jpg
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
cdc3cffb0235970759044333dbda17b79f08a573d73afda6aa90b912e495553a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030a-7feb"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
32747
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 27 Nov 2024 11:31:22 GMT
Server
openresty
11.gif
newoffercloud.com/bntdrone/assets/
2 MB
0
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/11.gif?v=1.80
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030f-22550b"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
2249995
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/gif
Last-Modified
Wed, 27 Nov 2024 11:31:27 GMT
Server
openresty
7.jpg
newoffercloud.com/bntdrone/assets/
78 KB
78 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/7.jpg?v=1.50
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
718643c5ceb3d4a566c3b1fc254eb35d853d7df1caecde7bb5c34a60bdef93a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030b-1386a"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
79978
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 27 Nov 2024 11:31:23 GMT
Server
openresty
14.gif
newoffercloud.com/bntdrone/assets/
1 MB
0
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/14.gif?v=1.80
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"67470310-4fb23d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
5222973
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/gif
Last-Modified
Wed, 27 Nov 2024 11:31:28 GMT
Server
openresty
4.jpg
newoffercloud.com/bntdrone/assets/
69 KB
70 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/4.jpg
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
acd449c4081501e9e6c323eceac4680ac3042d7eb97644e87db5cda3cc17368e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030b-11528"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
70952
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 27 Nov 2024 11:31:23 GMT
Server
openresty
06.jpg
newoffercloud.com/bntdrone/assets/
80 KB
80 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/06.jpg?v=1.80
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
f3e383f6f19bddf02d7a4adae53245c433557670f208024882aaf4f361ba064a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"67470309-13fa6"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
81830
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 27 Nov 2024 11:31:21 GMT
Server
openresty
4.png
newoffercloud.com/bntdrone/assets/
9 KB
9 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/4.png?v=1.80
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
313b2048dd417afc1ee0672a7d88956391521b412890794fc397f1ae9445eaa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030b-2406"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
9222
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:23 GMT
Server
openresty
author.png
newoffercloud.com/bntdrone/assets/
75 KB
75 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/author.png
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
54e9f635b1757be4dec75b339bc92f2b983c54f86eb31e40441244e52bffb04d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030c-12b15"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
76565
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:24 GMT
Server
openresty
app1.js
newoffercloud.com/bntdrone/assets/
1 KB
923 B
Script
General
Full URL
https://newoffercloud.com/bntdrone/assets/app1.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
d3dacff7ce197581ba3089f4adc76474a1251d285797c680ed6857daf83c90f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6747030a-46f"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 27 Nov 2024 11:31:22 GMT
Server
openresty
Vary
Accept-Encoding
4.png
newoffercloud.com/bntdrone/assets/
9 KB
9 KB
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/4.png
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
313b2048dd417afc1ee0672a7d88956391521b412890794fc397f1ae9445eaa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030b-2406"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
9222
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:23 GMT
Server
openresty
redirect_bin_withoutcomm.js
newoffercloud.com/
4 KB
2 KB
Script
General
Full URL
https://newoffercloud.com/redirect_bin_withoutcomm.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
94e369b00cedab9c11c339889f51f380072f6f383c3b1b08678686dbfb966c67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"675b6f1a-f10"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Thu, 12 Dec 2024 23:17:46 GMT
Server
openresty
Vary
Accept-Encoding
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1797714EB0E490F881BD60FF6399983 Ref B: PHL30EDGE0411 Ref C: 2024-12-17T19:12:47Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 17 Dec 2024 19:12:47 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
author1small.png
newoffercloud.com/bntdrone/assets/
6 KB
0
Image
General
Full URL
https://newoffercloud.com/bntdrone/assets/author1small.png
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
825df2775508a7f4347508a7de377050fe14588ed662aecdf54d9b2a6a01a57c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=315360000
ETag
"6747030c-187c"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
6268
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Nov 2024 11:31:24 GMT
Server
openresty
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newoffercloud.com
Referer
https://fonts.googleapis.com/

Response headers

age
367870
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 13:01:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 13:01:37 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/
74 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newoffercloud.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e60-126b0"
age
417047
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwFzm1ohhhNhCpwCkS46vNjg2S4pOPlxMJ8lbmEO%2F9RK2f0dAmP0345LLq%2FerN4oTVTQNGWPZNUdcpd7nOZxPkai964cdXL6lKDVZvmzSLvKTjASxZhQJbIf5zO1FslQ8p48vSp8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:12:47 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 19:12:47 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f393a0a0dc28c11-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
75440
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newoffercloud.com
Referer
https://fonts.googleapis.com/

Response headers

age
366572
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 13:23:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 13:23:15 GMT
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24984
x-xss-protection
0
server
sffe
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://newoffercloud.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e60-350c"
age
587829
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mtle6Ykc%2BR0y9TaSbTsFw3BKOT2Xpxv6XhgQn2ZDnfZ0dKreKs1fdwEVto9XX0UFFPsDeH6RGPm542yfDt%2BIuObM2Z4jYmAbNnor%2F90S830zmCLizcXBh3CXwnTqKw29PnknPz%2Fn"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 07 Dec 2025 19:12:47 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 19:12:47 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:08 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f393a0a0dc48c11-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
13580
server
cloudflare
addstyle.css
newoffercloud.com/
9 KB
2 KB
Stylesheet
General
Full URL
https://newoffercloud.com/addstyle.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.28.189.234 , Italy, ASN (),
Reverse DNS
vmi2324645.contaboserver.net
Software
openresty /
Resource Hash
da707f10b884805b5f9aec196f8c5bec623c3f49c6d8405880fe1917cd88824c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"675b7000-2310"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Tue, 17 Dec 2024 19:12:47 GMT
Content-Type
text/css
Last-Modified
Thu, 12 Dec 2024 23:21:36 GMT
Server
openresty
Vary
Accept-Encoding
343038901.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/343038901.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57024e659ab94d9d1643aa2da386eeffce36f7ba4c3bfd20f0e146505bdf87e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0D8A0BFA7FBE4E7C896A60FFC197B28A Ref B: PHL30EDGE0411 Ref C: 2024-12-17T19:12:47Z
x-cache
CONFIG_NOCACHE
date
Tue, 17 Dec 2024 19:12:47 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
343038901
www.clarity.ms/tag/uet/
868 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/343038901
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/343038901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4a51f16502e8bfc660db1d0d0e8a54c3769dbfc58023da71de57ec91a8cdfd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
868
date
Tue, 17 Dec 2024 19:12:48 GMT
content-type
application/x-javascript
x-azure-ref
20241217T191248Z-r1fc5bf4d668t2tzhC1MNZffug0000000ac000000000t4u6
0
bat.bing.com/action/
0
360 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=343038901&Ver=2&mid=c99a2af9-621c-4042-97b7-5272c86c8406&bo=1&sid=e724e1f0bcaa11efa8707d82824cfbf5&vid=e72524f0bcaa11efbc9b618275da14e2&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=WINNER%3A%20Best%20New%20Technology%20Advance%20--%202024!&p=https%3A%2F%2Fnewoffercloud.com%2Fbntdrone%2Findex.php%3Fdevice_name%3DDesktop%26browser_name%3DChrome%26language%3Den-US%26city%3D%26clickid%3Dad83ahea3fyxr014%26campaign%3D7932%26user_id%3D1%26clickcost%3D0%26lander%3D2615%26time%3D1734444765%26browser_version%3D131.0.0.0%26device_model%3DDesktop%26device_brand%3DDesktop%26resolution%3DDesktop%26os_name%3DLinux%26os_version%3DUnknown%26country%3DUnited%2520States%26country_code%3DUS%26isp%3DVerizon%2520Business%26ip%3D208.252.80.2%26user_agent%3DMozilla%2F5.0%2520(X11%3B%2520Linux%2520x86_64)%2520AppleWebKit%2F537.36%2520(KHTML%2C%2520like%2520Gecko)%2520Chrome%2F131.0.0.0%2520Safari%2F537.36%26lpkey%3D17073426466d291565%26target%3DUnknown%26device%3DDESKTOP%26country%3DUS%26ts%3D%7Bt9%7D%26trafficsource%3D159%26domain%3Dthestpl.com%26uclick%3Dhea3fyxr%26uclickhash%3Dhea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f%23&r=https%3A%2F%2Fdehvg.blob.core.windows.net%2F&lt=3316&evt=pageLoad&sv=1&cdb=AQAQ&rn=367516
Requested by
Host: newoffercloud.com
URL: https://newoffercloud.com/bntdrone/index.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=&clickid=ad83ahea3fyxr014&campaign=7932&user_id=1&clickcost=0&lander=2615&time=1734444765&browser_version=131.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=Verizon%20Business&ip=208.252.80.2&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&lpkey=17073426466d291565&target=Unknown&device=DESKTOP&country=US&ts={t9}&trafficsource=159&domain=thestpl.com&uclick=hea3fyxr&uclickhash=hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7165639251BE479EA6809FD6F71D67B9 Ref B: PHL30EDGE0411 Ref C: 2024-12-17T19:12:48Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 17 Dec 2024 19:12:48 GMT
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343038901
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.40 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-azure-ref
20241217T191248Z-r1fc5bf4d668t2tzhC1MNZffug0000000ac000000000t4uc
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1DD41438CC6B"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
12818831-c01e-0066-4540-5061fb000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 17 Dec 2024 19:12:48 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 13:18:06 GMT
collect
k.clarity.ms/
0
281 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://newoffercloud.com
Date
Tue, 17 Dec 2024 19:12:48 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| scrollFunction
function| topFunction
function| PopupCenter
function| lozad
object| uetq
object| monthsInEng
object| date
function| $_GET
string| dmn
string| redirect_url
string| back_url_link
object| months
object| days
object| time
object| d
string| dateNow
function| UET
function| UET_init
function| UET_push
object| ueto_c87e4e45b9
function| clarity
object| clarityuetq

9 Cookies

Domain/Path Name / Value
thestpl.com/ Name: uclick
Value: hea3fyxr
thestpl.com/ Name: uclickhash
Value: hea3fyxr-hea3fyxr-ik4k-17b7-usfy0-2t16a3-2t16a2-42cf6f
.newoffercloud.com/ Name: _uetsid
Value: e724e1f0bcaa11efa8707d82824cfbf5
.newoffercloud.com/ Name: _uetvid
Value: e72524f0bcaa11efbc9b618275da14e2
.bing.com/ Name: MUID
Value: 2E3B62FF3AD860C10AFB77A73B1A61D3
.bat.bing.com/ Name: MR
Value: 0
www.clarity.ms/ Name: CLID
Value: db3fb5e4de5f43d4abd0c5dceefdbda6.20241217.20251217
.newoffercloud.com/ Name: _clck
Value: h353oi%7C2%7Cfrs%7C0%7C1812
.newoffercloud.com/ Name: _clsk
Value: 1bbj1ob%7C1734462768941%7C1%7C1%7Ck.clarity.ms%2Fcollect

1 Console Messages

Source Level URL
Text
network error URL: https://dehvg.blob.core.windows.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 400 (One of the request inputs is out of range.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
