ofpopularoffer.com
Open in
urlscan Pro
103.104.122.67
Public Scan
Effective URL: https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&click...
Submission: On January 05 via manual from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.
This is the only time ofpopularoffer.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 3.5.224.150 3.5.224.150 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 192.124.249.11 192.124.249.11 | 30148 (SUCURI-SEC) (SUCURI-SEC) | |
1 1 | 185.197.30.128 185.197.30.128 | 63473 (HOSTHATCH) (HOSTHATCH) | |
1 1 | 103.147.122.142 103.147.122.142 | 135932 (VNDATA-AS...) (VNDATA-AS-VN Viet Storage Technology Joint Stock Company) | |
8 | 103.104.122.67 103.104.122.67 | 135932 (VNDATA-AS...) (VNDATA-AS-VN Viet Storage Technology Joint Stock Company) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
4 | 2600:9000:21a... 2600:9000:21a2:4a00:b:4623:cac0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
15 | 5 |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-3.amazonaws.com
carlkiuss.s3.eu-west-3.amazonaws.com |
ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10011.sucuri.net
wee.so |
ASN63473 (HOSTHATCH, US)
PTR: oo66.icu
www.featremain.com |
ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)
tpltrk.com |
ASN135932 (VNDATA-AS-VN Viet Storage Technology Joint Stock Company, VN)
PTR: static-ptr.vndata.vn
ofpopularoffer.com |
ASN16509 (AMAZON-02, US)
d3e1y4kxkqljcb.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
ofpopularoffer.com
ofpopularoffer.com |
30 KB |
4 |
cloudfront.net
d3e1y4kxkqljcb.cloudfront.net |
83 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127 |
1 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 943 |
33 KB |
1 |
tpltrk.com
1 redirects
tpltrk.com — Cisco Umbrella Rank: 138352 |
1 KB |
1 |
featremain.com
1 redirects
www.featremain.com — Cisco Umbrella Rank: 34818 |
376 B |
1 |
wee.so
1 redirects
wee.so |
1 KB |
1 |
amazonaws.com
carlkiuss.s3.eu-west-3.amazonaws.com |
466 B |
15 | 8 |
Domain | Requested by | |
---|---|---|
8 | ofpopularoffer.com |
carlkiuss.s3.eu-west-3.amazonaws.com
ofpopularoffer.com code.jquery.com |
4 | d3e1y4kxkqljcb.cloudfront.net |
ofpopularoffer.com
|
1 | fonts.googleapis.com |
ofpopularoffer.com
|
1 | code.jquery.com |
ofpopularoffer.com
|
1 | tpltrk.com | 1 redirects |
1 | www.featremain.com | 1 redirects |
1 | wee.so | 1 redirects |
1 | carlkiuss.s3.eu-west-3.amazonaws.com | |
15 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.eu-west-3.amazonaws.com Amazon |
2022-09-21 - 2023-09-08 |
a year | crt.sh |
ofpopularoffer.com R3 |
2022-12-07 - 2023-03-07 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06
Frame ID: CEBF1654B4067B4A8FD78917C67E5820
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
[1] Reward Pending - Online Club - We Want Your Opinion!Page URL History Show full URLs
- https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html Page URL
-
https://wee.so/zamsr
HTTP 301
https://www.featremain.com/a-iKR9dPUtIsKYlZvJ5s55Sq8784tRQ7osuxYACjdK-oikB0kwlDPsNvujovsYAs3JDDRJEWkS3N... HTTP 302
https://tpltrk.com/click.php?key=7i4d4swwx7tnr7gca6qc&clickid=711266048&subid=822285&target=sac HTTP 302
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-U... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://carlkiuss.s3.eu-west-3.amazonaws.com/samsclbrewardnwyrrewardgiftcrrds.html Page URL
-
https://wee.so/zamsr
HTTP 301
https://www.featremain.com/a-iKR9dPUtIsKYlZvJ5s55Sq8784tRQ7osuxYACjdK-oikB0kwlDPsNvujovsYAs3JDDRJEWkS3Nd7cDtweTAw~~/girs HTTP 302
https://tpltrk.com/click.php?key=7i4d4swwx7tnr7gca6qc&clickid=711266048&subid=822285&target=sac HTTP 302
https://ofpopularoffer.com/giftcard/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=Buffalo&clickid=76faeq5b7j217861&campaign=3458&user_id=1&clickcost=0&lander=1819&time=1672914238&browser_version=108.0.5359.124&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=United%20States&country_code=US&isp=Nexeon%20Technologies&ip=96.9.249.38&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&lpkey=16547273930725d338&target=sac&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=q5b7j217&uclickhash=q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
samsclbrewardnwyrrewardgiftcrrds.html
carlkiuss.s3.eu-west-3.amazonaws.com/ |
99 B 466 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index_3_d.php
ofpopularoffer.com/giftcard/ Redirect Chain
|
49 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.1.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main_11.js
ofpopularoffer.com/giftcard/assets/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main2.css
ofpopularoffer.com/giftcard/assets/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2248cf597e3418b7229d7565490fad8d.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/ |
412 B 799 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect_bin.js
ofpopularoffer.com/ |
2 KB 728 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sac.css
ofpopularoffer.com/giftcard/css/ |
104 B 278 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sac.json
ofpopularoffer.com/giftcard/datas/ |
1 KB 623 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
halloween_sweeps.css
ofpopularoffer.com/ |
2 KB 833 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conf.js
ofpopularoffer.com/giftcard/assets/ |
7 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
016aedc9cb6a33578985f38e7df35608.jpeg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_year_darkblue_2023.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
04ed4a8e1480f898574bc1ed4c60878c.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_survey_card/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| $_GET string| targets string| usr function| birthdayFill function| beforeShowQuestion function| loadingData function| startTimer string| target object| d object| jQuery1111012278148131778499 string| redirect_url string| back_url_link function| loadingOffers function| timer1 string| titleOut6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wee.so/ | Name: XSRF-TOKEN Value: eyJpdiI6IkNZY1VtQkt2OFpBcHpQSTVaOEU4Q1E9PSIsInZhbHVlIjoiWWpEV1JLdWttS1NEMkNHYWNMUEdJS2E5NlFySmJ1WGFaZWFKUmJ0dE5DZ000TEwreEl1ek9NMVFKT1FFdTVmMm5WUzY5OVNjMzN1K0N6aGxzSjMxeGM1VTFtczBFektydG1yUlRUcFZ0SVMrcjFlNkQ4SytZaDhUampuRTA2U0siLCJtYWMiOiJlNmVhNDk2ZmFkMjk3M2M3MDVmYTA3ZTk3YmJmMGFlN2Q2YjY0ZWM1ODViMTQ3OThiODY5ZjBlMDE0MzJhZjE0In0%3D |
|
wee.so/ | Name: wee_session Value: eyJpdiI6IkRpQ3JsWkdId3lYM1dBUUdNUmM3dHc9PSIsInZhbHVlIjoiREN2d2w3RWtET3V1V2pcL1AxY0Y5enlENllZbzN4ZVdmSGZjaXREd0ZrVkt1NTBIeEl6TU0ycWhFTXdJTDhjd21ycGVnMSs0dE9sRXZ4a2RiZkE1ZHo3NGNFS3luXC8xSXZvXC9zXC9NVUo3dExYdEJ5WDY0NGF5blJsTkRBVUx2ZHY0IiwibWFjIjoiYmI1Mjg2MDZkMTQ1MTY2OTJmZWMxZThlYzJkZTBlMjQ2MTc1NjQwYjIzYWNlMzhkMmVkMDYwZTFlNzRjZTliZiJ9 |
|
wee.so/ | Name: dark_mode Value: 0 |
|
.featremain.com/ | Name: uid11492 Value: 711266048-20230105102356-cc7e83d26390fb8922dfded98aaffd0f- |
|
tpltrk.com/ | Name: uclick Value: q5b7j217 |
|
tpltrk.com/ | Name: uclickhash Value: q5b7j217-q5b7j217-wf8w-tw0-gxm7-b4q53y-twa56o-00fe06 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
carlkiuss.s3.eu-west-3.amazonaws.com
code.jquery.com
d3e1y4kxkqljcb.cloudfront.net
fonts.googleapis.com
ofpopularoffer.com
tpltrk.com
wee.so
www.featremain.com
103.104.122.67
103.147.122.142
185.197.30.128
192.124.249.11
2001:4de0:ac18::1:a:3b
2600:9000:21a2:4a00:b:4623:cac0:21
2607:f8b0:4006:80e::200a
3.5.224.150
0503652ad2de1b8b78920fa91d2220d1f7fa789cc936fa6d1db915c21e3b875a
104c24f1d28dc1ccfb184eef36b59c653f5747e1fed8e98c2b32a09dd1e4f888
270bc63b390eed872e8fd61ad9c12c39f864ccbb19b30c017395a913dd8ce838
27867cd3d8bfff1a0d11e62936f524b108fa56e635bc9a94584d135d874c4797
4e16b80227d8bd98db2a3b1bcbae46ebc650ce9dd62965fb60c84c37ffe9e801
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
63101106f8322bee614d4e5cc4692bd9886ab0bfa589955b88540b1cdf47e05d
6af0a43eb06cb6a94f43bb11dfaf558f60635ea141bb1f4cd8e806ae5eba7107
6ee1af3ef0b7288dbec4f626ac7f6cf744715e4c399ec24c446d6f7858ec5512
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
8e52f3f7a3593d5662f38332216bb7fecbe5b373823f530b8dc6701a7484f107
ada53944f236c491443632cb0f675add2143a77965ea712225b9605a73f9f8a8
e4a86bb2af41f433da60e11d267c2e2f7c713d0fbb69b3938659b197325b9863
e7192dd88caf1e37d98b6f62fafbaaccdf547426be1640bf9ad9efa7ecd4f0a0