urlscan.io logo urlscan.io
SecurityTrails logo

valueofferother.com Open in urlscan Pro
91.220.101.99  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg#ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQ...
Effective URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segu...
Submission: On November 18 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 91.220.101.99, located in Ukraine and belongs to HighLoadSystems TOV "Highload Systems", UA. The main domain is valueofferother.com.
TLS certificate: Issued by R11 on October 28th 2024. Valid for: 3 months.
This is the only time valueofferother.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 3.5.130.212 16509 (AMAZON-02)
2 2 172.67.157.124 13335 (CLOUDFLAR...)
2 2 35.195.74.163 396982 (GOOGLE-CL...)
2 2 35.240.19.90 396982 (GOOGLE-CL...)
1 1 91.220.101.74 34259 (HighLoadS...)
13 91.220.101.99 34259 (HighLoadS...)
1 2a04:4e42:600... 54113 (FASTLY)
7 2600:9000:214... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.35.163 15169 (GOOGLE)
26 7
1    3.5.130.212 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com
2    172.67.157.124 (United States)

ASN13335 (CLOUDFLARENET, US)
subalae.mynationmypride.eu.org
2    35.195.74.163 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 163.74.195.35.bc.googleusercontent.com
salesnetworktrackinginhouse3.com
2    35.240.19.90 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.19.240.35.bc.googleusercontent.com
subdimesionful.com
1    91.220.101.74 (Ukraine)

ASN34259 (HighLoadSystems TOV "Highload Systems", UA)
PTR: srv-s74.antiddos.eu
herbstp.com
13    91.220.101.99 (Ukraine)

ASN34259 (HighLoadSystems TOV "Highload Systems", UA)
PTR: srv-s99.antiddos.eu
valueofferother.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    2600:9000:2141:e200:b:4623:cac0:21 (United States)

ASN16509 (AMAZON-02, US)
d3e1y4kxkqljcb.cloudfront.net
1    2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
13 valueofferother.com ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com
valueofferother.com
code.jquery.com
7 d3e1y4kxkqljcb.cloudfront.net valueofferother.com
2 fonts.gstatic.com fonts.googleapis.com
2 subdimesionful.com 2 redirects
2 salesnetworktrackinginhouse3.com 2 redirects
2 subalae.mynationmypride.eu.org 2 redirects
1 fonts.googleapis.com valueofferother.com
1 code.jquery.com valueofferother.com
1 herbstp.com 1 redirects
1 ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com
26 10

This site contains no links.

Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-11-09 -
2025-11-05		 a year crt.sh
valueofferother.com
R11		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Frame ID: 7800B99D9ECDB587102D06AB1E129053
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Reward Pending - We Want Your Opinion!

Page URL History Show full URLs

  1. https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg Page URL
  2. http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1x... HTTP 307
    https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1x... HTTP 302
    https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md HTTP 302
    https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md&ckmguid=8... HTTP 302
    https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={targ... HTTP 307
    http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1x... HTTP 307
    https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1x... HTTP 302
    https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md HTTP 302
    https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md&ckmguid=9... HTTP 302
    https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={targ... HTTP 302
    https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=... Page URL
  3. https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

413 kB
Transfer

853 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg Page URL
  2. http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 307
    https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 302
    https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md HTTP 302
    https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md&ckmguid=85871860-3cef-41c0-94c5-4afe1fe09b12 HTTP 302
    https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2 HTTP 307
    http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 307
    https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 302
    https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md HTTP 302
    https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md&ckmguid=9dd07a62-5e0d-47fb-bd2a-a9350b085290 HTTP 302
    https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2 HTTP 302
    https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65 Page URL
  3. https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 307
  • https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 302
  • https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md HTTP 302
  • https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md&ckmguid=85871860-3cef-41c0-94c5-4afe1fe09b12 HTTP 302
  • https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2 HTTP 307
  • http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 307
  • https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__ HTTP 302
  • https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md HTTP 302
  • https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md&ckmguid=9dd07a62-5e0d-47fb-bd2a-a9350b085290 HTTP 302
  • https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2 HTTP 302
  • https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
afgjlaega6ega4-g416a4g6g4e6g464eg44ggg
ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/ 		118 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.130.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
118
Content-Type
text/html
Date
Mon, 18 Nov 2024 14:11:40 GMT
ETag
"2fe8757b10ec0b754a3bb31ac363dadd"
Last-Modified
Sun, 17 Nov 2024 11:28:37 GMT
Server
AmazonS3
x-amz-id-2
Rfu1WO1OXnkLZxkUtZQP3uoEu/mOdn46sKjrUdmH0O+9P40upp0fMYHXiSQ6ZXv9gTrgU7EgfW6nPAWcwqGw/zNGo/lz6UXUx8HtKKe975o=
x-amz-meta-s3b-last-modified
20241115T141632Z
x-amz-meta-sha256
483f1b1736b2036efa30ab1400f36f221928e864b71fc3b4e96ca46b622beae5
x-amz-request-id
XRMR5GRFT2WJPEJ6
x-amz-server-side-encryption
AES256
index_1_d.php
valueofferother.com/new_sweeps_1/
Redirect Chain
  • http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__
  • https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__
  • https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md
  • https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162228_md&ckmguid=85871860-3cef-41c0-94c5-4afe1fe09b12
  • https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2
  • http://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__
  • https://subalae.mynationmypride.eu.org/ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__
  • https://salesnetworktrackinginhouse3.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md
  • https://subdimesionful.com/?a=2061&oc=21302&c=56726&m=3&s1=1&s2=6325_2&s3=0_0_15634_162229_md&ckmguid=9dd07a62-5e0d-47fb-bd2a-a9350b085290
  • https://herbstp.com/click.php?key=dx3uovo9yxxi3tq4c7bb&clickid=380519101&affid=2061&target={target}&ts=id2
  • https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2...
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Requested by
Host: ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com
URL: https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
e4fdd7ac61625aa75e3f51d703a222a51b1c9be1f843a0c5b95a82105dd77cb4

Request headers

Referer
https://ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com/afgjlaega6ega4-g416a4g6g4e6g464eg44ggg#ZHdRNTZab2JFNTBvUzVEWEpkeHppMWs3VzJoR1FCYnUrWXJ3OFFTWXRiQzBGVmFwaEZ4ZDZGUG1xNm4vSmowRkpwczRwRUxGTkxVNE1pSjJVUUhIckE9PQ__
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 18 Nov 2024 14:11:46 GMT
ETag
W/"5dc1dd91-4b7"
Expires
0
Last-Modified
Tue, 05 Nov 2019 20:37:37 GMT
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Nov 2024 14:11:45 GMT
Location
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Server
openresty
Transfer-Encoding
chunked
check.page
valueofferother.com/ 		1 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/check.page
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Date
Mon, 18 Nov 2024 14:11:47 GMT
Pragma
no-cache
Content-Type
application/octet-stream
Server
openresty
Connection
keep-alive
Primary Request index_1_d.php
valueofferother.com/new_sweeps_1/ 		87 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
ad19c1ef7f94f4d1c20c7d726cca2a261ce66d2b4f5cabb4bc354040e32967cb

Request headers

Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
17749
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Nov 2024 14:11:47 GMT
Server
openresty
Vary
Accept-Encoding
bootstrap.min.css
valueofferother.com/new_sweeps_1/assets/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/bootstrap.min.css
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"665888d8-27288"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
text/css
Last-Modified
Thu, 30 May 2024 14:10:32 GMT
Server
openresty
Vary
Accept-Encoding
all.css
valueofferother.com/new_sweeps_1/assets/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/all.css
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
9ab4f4c2fbb7f22fd22e510a5797ecb47fb1c05c60c9c7ddc578d3841adaf33f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"665888d8-11f2d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
text/css
Last-Modified
Thu, 30 May 2024 14:10:32 GMT
Server
openresty
Vary
Accept-Encoding
common.css
valueofferother.com/new_sweeps_1/assets/ 		71 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/common.css
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
007785d2855c00679a7018fa451829913be6ef575711edff9400ac56740b7932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"66913b61-11bf1"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
text/css
Last-Modified
Fri, 12 Jul 2024 14:19:13 GMT
Server
openresty
Vary
Accept-Encoding
jquery-1.11.1.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1762a"
age
4177090
x-cache
HIT, HIT
date
Mon, 18 Nov 2024 14:11:48 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
58, 11445
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21922-LGA, cache-bur-kbur8200109-BUR
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1731939108.106388,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
33202
server
nginx
bootstrap.min.js
valueofferother.com/new_sweeps_1/assets/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/bootstrap.min.js
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"665888d9-f708"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Thu, 30 May 2024 14:10:33 GMT
Server
openresty
Vary
Accept-Encoding
myscript_10.js
valueofferother.com/new_sweeps_1/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/myscript_10.js
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
02549bbbcf9535ed0f87d8dbe822024e9f1daeccc457e2bac0e7660083bd3a55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6658d559-13ca"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Thu, 30 May 2024 19:36:57 GMT
Server
openresty
Vary
Accept-Encoding
style.css
valueofferother.com/new_sweeps_1/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/css/style.css
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
d0cf533a69b1b62310a8b9daf458dae00841325f0adbdf794c785f5fef48f3c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"665888d6-e3d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
text/css
Last-Modified
Thu, 30 May 2024 14:10:30 GMT
Server
openresty
Vary
Accept-Encoding
newusa_flag_15_11zon.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		400 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/newusa_flag_15_11zon.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22a27f9378e7ceaf4e9820b2ec87ffca4e68343e861392b2794e14f7e24421d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
f20TtTmeSGutYOm04DGbsBVyOqpJnLm2
etag
"43e4b3229a56cba29a48d1171ae58323"
age
85145
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
400
x-amz-cf-id
VB7MH2JtAXTHI-GwuyiGxhTSS4S7482aurieIMao-40yp4vFRMu9aQ==
date
Sun, 17 Nov 2024 14:32:44 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 13:27:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
product_image_dicks_03.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/product_image_dicks_03.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468e9eccd09ef14e0e66c1206e8186135e6837299def580350b4ab7b4f8e1983

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
cNBKewZY9EfJ3lEfxuAdv8CSs66y3RBl
etag
"97b18ccd5f8701b73dd42510b452e5ce"
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
30246
x-amz-cf-id
-GogzLVFxOQDdMMX_SlNRAYgxa7ZdgqVbh8xCdN3zMZghYzpMHL4iQ==
date
Mon, 18 Nov 2024 14:11:49 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 20:00:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
yetiblue_comm2_1_11zon.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/yetiblue_comm2_1_11zon.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fafd6babd411cc0548f90383b78db705ab1087a1e9641f71dfa6d8eae439193d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
FU_IF_X8_mjFu2Yp4P6oyPBUSc7yYPWB
etag
"9b747673a0df20a41ea410b4c4d40a1e"
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
49220
x-amz-cf-id
gRyqW_waqZ04OnR66lzznxlKagzSnhl9d2ZkW_r2JlcBaS4FU1k2uw==
date
Mon, 18 Nov 2024 14:11:49 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 15:01:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
yetiblue_comm1_2_11zon.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/yetiblue_comm1_2_11zon.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b78faf24b6b8e67285c0664e356c36423d965963b3b926748506ee3af6bfa7a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
JDhk8MvKUNYZlavtzmb2hQwjyLFY.VAr
etag
"697d4626557eea57bd130b959623207c"
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
54082
x-amz-cf-id
PTbkuSpSR6TZua1mkITPMoLrP6fU6LXAvxVCqTgidD_hensDzODAhg==
date
Mon, 18 Nov 2024 14:11:49 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 15:01:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
279132e34471a44f9e9c889082127894.png
valueofferother.com/new_sweeps_1/assets/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://valueofferother.com/new_sweeps_1/assets/279132e34471a44f9e9c889082127894.png
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Cache-Control
max-age=315360000
ETag
"665888d9-150d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
5389
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
image/png
Last-Modified
Thu, 30 May 2024 14:10:33 GMT
Server
openresty
redirect_bin_withoutcomm.js
valueofferother.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/redirect_bin_withoutcomm.js
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
08ca65844ece69d2290142a7582b89bed3a6171d7017bef06258792d51a1d392

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"66d76db0-f12"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Tue, 03 Sep 2024 20:12:32 GMT
Server
openresty
Vary
Accept-Encoding
common.js
valueofferother.com/new_sweeps_1/assets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/new_sweeps_1/assets/common.js
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
f979c2613b3123e22507887df92e83ec58bec43d8fbf9e4ed36b6aa5f69cfcfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"66913c38-174d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:48 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Fri, 12 Jul 2024 14:22:48 GMT
Server
openresty
Vary
Accept-Encoding
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/assets/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a4a80fdb1c1f9ab2c6adc8167c02e29ccb147ea8bb4e95c142fb4c7b711558a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 14:11:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 14:11:49 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 18 Nov 2024 12:29:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css_sprites_min.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/css_sprites_min.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/new_sweeps_1/assets/common.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f3d5ec259a242aa753543912bdae36f00ca1e476c353e605ec9bc66efe93893

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
bY_eqERLdHE4EDNyDygaPc4xWIdMvp8d
etag
"d0b534ede596b61fea7cef1175cc3c8c"
age
81838
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
4210
x-amz-cf-id
fNyE9h-EZA8wuQqW_brThXc6xgCGaEYRIcTwWWcn6rrFlhwxi44eYw==
date
Sun, 17 Nov 2024 15:27:52 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 13:09:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valueofferother.com
Referer
https://fonts.googleapis.com/

Response headers

age
225561
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 23:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 23:32:28 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v29/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f3.1e100.net
Software
sffe /
Resource Hash
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://valueofferother.com
Referer
https://fonts.googleapis.com/

Response headers

age
411688
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 19:50:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 19:50:21 GMT
last-modified
Wed, 06 Nov 2024 17:30:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39608
x-xss-protection
0
server
sffe
addstyle.css
valueofferother.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valueofferother.com/addstyle.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.220.101.99 , Ukraine, ASN34259 (HighLoadSystems TOV "Highload Systems", UA),
Reverse DNS
srv-s99.antiddos.eu
Software
openresty /
Resource Hash
f31bcfdd87c563d7a8718912a630922b2838a3e3da45f9ec7a81269e457a4ee3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/new_sweeps_1/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-US&city=El%20Segundo&clickid=7d4b3bz3v1z46daf&campaign=7073&user_id=1&clickcost=0&lander=2481&time=1731921105&browser_version=130.0.0.0&device_model=Desktop&device_brand=Desktop&resolution=Desktop&os_name=Linux&os_version=Unknown&country=United%20States&country_code=US&isp=i3D.net%20B.V&ip=162.245.206.245&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&lpkey=177a317493e294b505&target={target}&device=DESKTOP&country=US&ts=id2&trafficsource=2&domain=herbstp.com&uclick=bz3v1z46&uclickhash=bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Content-Encoding
gzip
ETag
W/"6733587b-218d"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Date
Mon, 18 Nov 2024 14:11:49 GMT
Content-Type
text/css
Last-Modified
Tue, 12 Nov 2024 13:30:35 GMT
Server
openresty
Vary
Accept-Encoding
banner_blackfriday_23.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/banner_blackfriday_23.png
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/addstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2b42f77e136e582966e56e583f3bddd6a61218644aea311901a858b0cb1154b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
o.xXgBqTl9FRLf5BQfEd2cX8VtdImFzv
etag
"cdaaec1ffcc765083dfa8726c33ae57d"
age
10509
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
52992
x-amz-cf-id
LA5kUxM3HL-dWevVdeR5w2hd5ku1i_8QdzpQjli0ICsgvlY-kIzhXg==
date
Mon, 18 Nov 2024 11:16:42 GMT
content-type
image/png
last-modified
Thu, 02 Nov 2023 18:54:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
newsurvey_comm_4_11zon.webp
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/withoutbg/newsurvey_comm_4_11zon.webp
Requested by
Host: valueofferother.com
URL: https://valueofferother.com/addstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:e200:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
730191b0d624b9b67d3f094778c83ce3078e581831bdd459069f84f2df698dd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://valueofferother.com/

Response headers

x-amz-version-id
WLz_ydqyKAwQEZA9fbTORvWZDAn8lzN7
etag
"7f4adbd052f9a615d72543385a1939ef"
age
22891
via
1.1 6365f8c2e6435e0ce1ea9fe112f73a92.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
12604
x-amz-cf-id
FOa45FYM3Nmw4FiuP4Upzi-cLLcTeGIVXn2x-KX2E1zR7jJtAYKhDQ==
date
Mon, 18 Nov 2024 07:50:20 GMT
content-type
image/webp
last-modified
Fri, 12 Jul 2024 13:27:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P10
x-amz-server-side-encryption
AES256
2d57582017fdd1a91d6bf3a47b940401.ico
valueofferother.com/new_sweeps_1/assets/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
valueofferother.com
URL
https://valueofferother.com/new_sweeps_1/assets/2d57582017fdd1a91d6bf3a47b940401.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| jQuery111109486356610601812 function| $_GET object| months function| days object| time object| d string| dateNow object| now string| targets string| target string| dmn string| redirect_url string| back_url_link object| $curr object| data function| showOfferWall function| daysInMonth function| overflowP function| showDisclaimer function| preventS function| comment function| showModal function| showOfferWallU function| startTimer function| loadingOffers

6 Cookies

Domain/Path Name / Value
valueofferother.com/new_sweeps_1 Name: referrer
Value:
.subdimesionful.com/ Name: sfd
Value: LLkGXGM/8Hp7/dQsTHoWIIbGmrN75SVdrPyZNh612tqGwfJmFwLkmw==
.subdimesionful.com/ Name: tib
Value: Giz7r+ZpQqM1j8wQdKmnU4bGmrN75SVdrPyZNh612tqGwfJmFwLkmw==
.subdimesionful.com/ Name: c21250
Value: LLkGXGM/8HraDXlRjJYgWk4NhFZNbFv34zDEu0aY4OaltMGNrfv03A==
herbstp.com/ Name: uclick
Value: bz3v1z46
herbstp.com/ Name: uclickhash
Value: bz3v1z46-bz3v1z46-p2ej-2tuq-q5a1wj-g6oj3y-9z6jwj-f1da65

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d3e1y4kxkqljcb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
herbstp.com
salesnetworktrackinginhouse3.com
subalae.mynationmypride.eu.org
subdimesionful.com
valueofferother.com
ypoupfpfpppdkkfkf545efffeeeeieeddd.s3.us-east-2.amazonaws.com
valueofferother.com
142.251.35.163
172.67.157.124
2600:9000:2141:e200:b:4623:cac0:21
2607:f8b0:4006:80e::200a
2a04:4e42:600::649
3.5.130.212
35.195.74.163
35.240.19.90
91.220.101.74
91.220.101.99
007785d2855c00679a7018fa451829913be6ef575711edff9400ac56740b7932
02549bbbcf9535ed0f87d8dbe822024e9f1daeccc457e2bac0e7660083bd3a55
08ca65844ece69d2290142a7582b89bed3a6171d7017bef06258792d51a1d392
2f3d5ec259a242aa753543912bdae36f00ca1e476c353e605ec9bc66efe93893
468e9eccd09ef14e0e66c1206e8186135e6837299def580350b4ab7b4f8e1983
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
730191b0d624b9b67d3f094778c83ce3078e581831bdd459069f84f2df698dd7
8a4a80fdb1c1f9ab2c6adc8167c02e29ccb147ea8bb4e95c142fb4c7b711558a
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
9ab4f4c2fbb7f22fd22e510a5797ecb47fb1c05c60c9c7ddc578d3841adaf33f
ad19c1ef7f94f4d1c20c7d726cca2a261ce66d2b4f5cabb4bc354040e32967cb
b78faf24b6b8e67285c0664e356c36423d965963b3b926748506ee3af6bfa7a6
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
d0cf533a69b1b62310a8b9daf458dae00841325f0adbdf794c785f5fef48f3c7
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e22a27f9378e7ceaf4e9820b2ec87ffca4e68343e861392b2794e14f7e24421d
e4fdd7ac61625aa75e3f51d703a222a51b1c9be1f843a0c5b95a82105dd77cb4
f2b42f77e136e582966e56e583f3bddd6a61218644aea311901a858b0cb1154b
f31bcfdd87c563d7a8718912a630922b2838a3e3da45f9ec7a81269e457a4ee3
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f979c2613b3123e22507887df92e83ec58bec43d8fbf9e4ed36b6aa5f69cfcfb
fafd6babd411cc0548f90383b78db705ab1087a1e9641f71dfa6d8eae439193d
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1