Submitted URL: https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html
Effective URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&click...
Submission: On January 05 via manual from US — Scanned from US

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 15 HTTP transactions. The main IP is 103.104.122.67, located in Viet Nam and belongs to VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN. The main domain is ofpopularoffer.com.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.
This is the only time ofpopularoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.5.224.150 16509 (AMAZON-02)
1 1 192.124.249.11 30148 (SUCURI-SEC)
1 1 185.197.30.128 63473 (HOSTHATCH)
1 1 103.147.122.142 135932 (VNDATA-AS...)
8 103.104.122.67 135932 (VNDATA-AS...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2600:9000:21a... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
15 5
Apex Domain | Subdomains | Transfer
8 ofpopularoffer.com | ofpopularoffer.com | 30 KB
4 cloudfront.net | d3e1y4kxkqljcb.cloudfront.net | 83 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 127 | 1 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 943 | 33 KB
1 tpltrk.com | tpltrk.com — Cisco Umbrella Rank: 138352 | 1 KB
1 featremain.com | www.featremain.com — Cisco Umbrella Rank: 34818 | 376 B
1 wee.so | wee.so | 1 KB
1 amazonaws.com | carlkiuss.s3.eu-west-3.amazonaws.com | 466 B
15 8
Domain Requested by
8 ofpopularoffer.com carlkiuss.s3.eu-west-3.amazonaws.com
ofpopularoffer.com
code.jquery.com
4 d3e1y4kxkqljcb.cloudfront.net ofpopularoffer.com
1 fonts.googleapis.com ofpopularoffer.com
1 code.jquery.com ofpopularoffer.com
1 tpltrk.com 1 redirects
1 www.featremain.com 1 redirects
1 wee.so 1 redirects
1 carlkiuss.s3.eu-west-3.amazonaws.com
15 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.eu-west-3.amazonaws.com | Amazon | 2022-09-21 - 2023-09-08 | a year
ofpopularoffer.com | R3 | 2022-12-07 - 2023-03-07 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months

This page contains 1 frames:

Primary Page: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Frame ID: CEBF1654B4067B4A8FD78917C67E5820
Requests: 15 HTTP requests in this frame

Page Title

[1] Reward Pending - Online Club - We Want Your Opinion!

Page URL History

  1. https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html Page URL
  2. https://wee.so/zamsr HTTP 301
    https://www.featremain.com/a-iKR9dPUtIsKYlZvJ5s55Sq8784tRQ7osuxYACjdK-oikB0kwlDPsNvujovsYAs3JDDRJEWkS3N... HTTP 302
    https://tpltrk.com/click.php?key=7i4d4swwx7tnr7gca6qc&clickid=711266048&subid=822285&target=sac HTTP 302
    https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-U... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

5
IPs

4
Countries

147 kB
Transfer

273 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html Page URL
  2. https://wee.so/zamsr HTTP 301
    https://www.featremain.com/a-iKR9dPUtIsKYlZvJ5s55Sq8784tRQ7osuxYACjdK-oikB0kwlDPsNvujovsYAs3JDDRJEWkS3Nd7cDtweTAw~~/girs HTTP 302
    https://tpltrk.com/click.php?key=7i4d4swwx7tnr7gca6qc&clickid=711266048&subid=822285&target=sac HTTP 302
    https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
samsclbrewardnwyrrewardgiftcrrds.html
carlkiuss.s3.eu-west-3.amazonaws.com/
99 B
466 B
Document
General
Full URL
https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.224.150 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-3.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
99
Content-Type
text/html
Date
Thu, 05 Jan 2023 15:23:55 GMT
ETag
"ec131eda341844fd196161102a4f0aec"
Last-Modified
Fri, 16 Dec 2022 16:12:05 GMT
Server
AmazonS3
x-amz-id-2
fNmMKTzMgZJawj2wPHv/KGvjTfwv3bET6q+tEuwX97hIoIPVa9TGzB9rqKWypp1eaDRY74FNxauSrnlvglDL9g==
x-amz-request-id
MGQTJM5T92C8ZDTA
Primary Request index_3_d.php
ofpopularoffer.com/giftcard/
Redirect Chain
  • https://wee.so/zamsr
  • https://www.featremain.com/a-iKR9dPUtIsKYlZvJ5s55Sq8784tRQ7osuxYACjdK-oikB0kwlDPsNvujovsYAs3JDDRJEWkS3Nd7cDtweTAw~~/girs
  • https://tpltrk.com/click.php?key=7i4d4swwx7tnr7gca6qc&clickid=711266048&subid=822285&target=sac
  • https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1...
49 KB
16 KB
Document
General
Full URL
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Requested by
Host: carlkiuss.s3.eu-west-3.amazonaws.com
URL: https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
63101106f8322bee614d4e5cc4692bd9886ab0bfa589955b88540b1cdf47e05d

Request headers

Referer
https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
15892
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 15:23:59 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 15:23:58 GMT
Location
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Server
nginx/1.22.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
jquery-1.11.1.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:00 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKDz250GEo0BCiQxZDU4ZGYwMi03YmExLTQzNzMtYTg4Zi02MjcyZjU3NGYzOGEQ+OiCoKvU+wIaBgiQ19udBiISMjYwMjpmZmM4OjI6MTA0Ojo5KNSZAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNTFjMDRlNTQtMWM4Mi00NGQzLWJiZjktNWM1MzM1MWQ5ZGZmGLKDAiIYCAISFGNkczI0OS5hbTUuaHdjZG4ubmV0.rnCD6/0CqdUr86Ch7pXJCGStpRc4FBcU3h8QQGaR3tE=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1762a"
vary
Accept-Encoding
x-hw
1672932240.dop235.am5.t,1672932240.cds263.am5.hn,1672932240.cds249.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
main_11.js
ofpopularoffer.com/giftcard/assets/
12 KB
4 KB
Script
General
Full URL
https://ofpopularoffer.com/giftcard/assets/main_11.js
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
0503652ad2de1b8b78920fa91d2220d1f7fa789cc936fa6d1db915c21e3b875a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:00 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 14:56:19 GMT
server
nginx
etag
W/"63adaa93-2eff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
main2.css
ofpopularoffer.com/giftcard/assets/
21 KB
5 KB
Stylesheet
General
Full URL
https://ofpopularoffer.com/giftcard/assets/main2.css
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
27867cd3d8bfff1a0d11e62936f524b108fa56e635bc9a94584d135d874c4797

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:00 GMT
content-encoding
gzip
last-modified
Mon, 26 Dec 2022 08:37:43 GMT
server
nginx
etag
W/"63a95d57-523d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
2248cf597e3418b7229d7565490fad8d.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
412 B
799 B
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/2248cf597e3418b7229d7565490fad8d.png
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:4a00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4a86bb2af41f433da60e11d267c2e2f7c713d0fbb69b3938659b197325b9863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:01 GMT
x-amz-version-id
PdmLnc8qHk0VN6RuIykTNeu_yqCaKLIe
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 18:44:44 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
etag
"cb8433c30b162d2bd96ed60be60a25a5"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
412
x-amz-cf-id
cwB4tLP4uzKW4daxjsW5xt2AzokWOGMsxSRU5hYOlVmZhkapxXcivw==
redirect_bin.js
ofpopularoffer.com/
2 KB
728 B
Script
General
Full URL
https://ofpopularoffer.com/redirect_bin.js
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
e7192dd88caf1e37d98b6f62fafbaaccdf547426be1640bf9ad9efa7ecd4f0a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:00 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 14:47:53 GMT
server
nginx
etag
W/"63ada899-7c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: ofpopularoffer.com
URL: https://ofpopularoffer.com/giftcard/assets/main2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 15:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 13:55:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 15:24:00 GMT
sac.css
ofpopularoffer.com/giftcard/css/
104 B
278 B
Stylesheet
General
Full URL
https://ofpopularoffer.com/giftcard/css/sac.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
104c24f1d28dc1ccfb184eef36b59c653f5747e1fed8e98c2b32a09dd1e4f888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:01 GMT
last-modified
Tue, 05 Jul 2022 17:53:50 GMT
server
nginx
etag
"62c47aae-68"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
104
expires
Thu, 31 Dec 2037 23:55:55 GMT
sac.json
ofpopularoffer.com/giftcard/datas/
1 KB
623 B
XHR
General
Full URL
https://ofpopularoffer.com/giftcard/datas/sac.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
ada53944f236c491443632cb0f675add2143a77965ea712225b9605a73f9f8a8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:01 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 14:44:36 GMT
server
nginx
etag
W/"4f7-5e34c3db9f99d"
vary
Accept-Encoding
content-type
application/json
halloween_sweeps.css
ofpopularoffer.com/
2 KB
833 B
Stylesheet
General
Full URL
https://ofpopularoffer.com/halloween_sweeps.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
4e16b80227d8bd98db2a3b1bcbae46ebc650ce9dd62965fb60c84c37ffe9e801

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Dec 2022 14:48:39 GMT
server
nginx
etag
W/"63ada8c7-68d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
conf.js
ofpopularoffer.com/giftcard/assets/
7 KB
3 KB
XHR
General
Full URL
https://ofpopularoffer.com/giftcard/assets/conf.js?_=1672932240616
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.104.122.67 , Viet Nam, ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
270bc63b390eed872e8fd61ad9c12c39f864ccbb19b30c017395a913dd8ce838

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:01 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 08:33:33 GMT
server
nginx
etag
W/"62e0f85d-1d8e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
016aedc9cb6a33578985f38e7df35608.jpeg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
44 KB
44 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/016aedc9cb6a33578985f38e7df35608.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:4a00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ee1af3ef0b7288dbec4f626ac7f6cf744715e4c399ec24c446d6f7858ec5512

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:02 GMT
x-amz-version-id
c4ADmJw0mE168UtadGPHtpLkTWJXRh2E
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 18:44:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
etag
"fc3c8def7ecb1e8ba29ce22d4384b4fa"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
44750
x-amz-cf-id
GRTbxDGWcapQUwvY0LEBbBgHMHnJ3El-_F02GBTk9rqrKqoEjtrHHA==
new_year_darkblue_2023.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
25 KB
26 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_year_darkblue_2023.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:4a00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e52f3f7a3593d5662f38332216bb7fecbe5b373823f530b8dc6701a7484f107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:57:24 GMT
x-amz-version-id
ZdhhWXWjjYZCMdp4qSkKmZa3lvVB5FfE
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
last-modified
Thu, 29 Dec 2022 13:33:44 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
37598
etag
"f01b3a7ffbafc1676823581b8351d175"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25682
x-amz-cf-id
_0Vmblwb7qxhRBVbVS5cMaLP28SHqWLmELMm9og8W_rxGomJTNzLlA==
04ed4a8e1480f898574bc1ed4c60878c.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/
12 KB
13 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/04ed4a8e1480f898574bc1ed4c60878c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:4a00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6af0a43eb06cb6a94f43bb11dfaf558f60635ea141bb1f4cd8e806ae5eba7107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ofpopularoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:24:03 GMT
x-amz-version-id
uhaUVD3mQ2r4HGnnvXm9C1A08dtxnlUi
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 18:44:45 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
etag
"68ac4fe4b1b788fc85f00f122455972d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12590
x-amz-cf-id
39ue_KWpbsEGs94Tf6D30S2nZGDZeYJF1rN7wa58UT-16zI3rvJ7mQ==

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| $
function| jQuery
function| $_GET
string| targets
string| usr
function| birthdayFill
function| beforeShowQuestion
function| loadingData
function| startTimer
string| target
object| d
object| jQuery1111012278148131778499
string| redirect_url
string| back_url_link
function| loadingOffers
function| timer1
string| titleOut

6 Cookies

Domain/Path Name / Value
wee.so/ Name: XSRF-TOKEN
Value: eyJpdiI6IkNZY1VtQkt2OFpBcHpQSTVaOEU4Q1E9PSIsInZhbHVlIjoiWWpEV1JLdWttS1NEMkNHYWNMUEdJS2E5NlFySmJ1WGFaZWFKUmJ0dE5DZ000TEwreEl1ek9NMVFKT1FFdTVmMm5WUzY5OVNjMzN1K0N6aGxzSjMxeGM1VTFtczBFektydG1yUlRUcFZ0SVMrcjFlNkQ4SytZaDhUampuRTA2U0siLCJtYWMiOiJlNmVhNDk2ZmFkMjk3M2M3MDVmYTA3ZTk3YmJmMGFlN2Q2YjY0ZWM1ODViMTQ3OThiODY5ZjBlMDE0MzJhZjE0In0%3D
wee.so/ Name: wee_session
Value: eyJpdiI6IkRpQ3JsWkdId3lYM1dBUUdNUmM3dHc9PSIsInZhbHVlIjoiREN2d2w3RWtET3V1V2pcL1AxY0Y5enlENllZbzN4ZVdmSGZjaXREd0ZrVkt1NTBIeEl6TU0ycWhFTXdJTDhjd21ycGVnMSs0dE9sRXZ4a2RiZkE1ZHo3NGNFS3luXC8xSXZvXC9zXC9NVUo3dExYdEJ5WDY0NGF5blJsTkRBVUx2ZHY0IiwibWFjIjoiYmI1Mjg2MDZkMTQ1MTY2OTJmZWMxZThlYzJkZTBlMjQ2MTc1NjQwYjIzYWNlMzhkMmVkMDYwZTFlNzRjZTliZiJ9
wee.so/ Name: dark_mode
Value: 0
.featremain.com/ Name: uid11492
Value: 711266048-20230105102356-cc7e83d26390fb8922dfded98aaffd0f-
tpltrk.com/ Name: uclick
Value: q5b7j217
tpltrk.com/ Name: uclickhash
Value: q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06