| skilledskillemergency.com/w601gb677?dev=r&key=9ced2453f41586bc39632e754938332a&kw=[%220phu7h5mgqot%22]&refer=https://send.cm/0phu7h5mgqot&res=13.31&scrHeight=864&scrWidth=1536&ship=&sub1=22.12.v.5&sub2=1&sub3=inline_layer&tz=2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628:1:1&v=22.12.v.5&yxzvevq=76 | 172.240.108.68 | | 1.6 kB |
URL skilledskillemergency.com/w601gb677?dev=r&key=9ced2453f41586bc39632e754938332a&kw=[%220phu7h5mgqot%22]&refer=https://send.cm/0phu7h5mgqot&res=13.31&scrHeight=864&scrWidth=1536&ship=&sub1=22.12.v.5&sub2=1&sub3=inline_layer&tz=2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628:1:1&v=22.12.v.5&yxzvevq=76 IP172.240.108.68:0
File typeHTML document, ASCII text, with very long lines (732) Hashd0b7360426bb5e13a66fe0a18b853b98 37783a4c14844498e862542b101fc4ee1ab48136 1d0f3c3a360cb680d89bb82e62487be3bd93d5940e547601ddae1fb146c76afc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /w601gb677?dev=r&key=9ced2453f41586bc39632e754938332a&kw=[%220phu7h5mgqot%22]&refer=https://send.cm/0phu7h5mgqot&res=13.31&scrHeight=864&scrWidth=1536&ship=&sub1=22.12.v.5&sub2=1&sub3=inline_layer&tz=2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628:1:1&v=22.12.v.5&yxzvevq=76 HTTP/1.1
Host: skilledskillemergency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:51:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15895175; expires=Sat, 11 May 2024 07:51:32 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTg5NTE3NSwiayI6IjljZWQyNDUzZjQxNTg2YmMzOTYzMmU3NTQ5MzgzMzJhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDM1Nzk3LCJwaWQiOjMyMjQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjgsInB0Ijo0LCJwayI6Inc2MDFnYjY3NyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zZW5kLmNtLzBwaHU3aDVtZ3FvdCIsImFyIjpbXX19.6Xp2vshSKprqz583odMBwV3xkHuGcoHDVhN6FL8Gqkc; expires=Fri, 10 May 2024 07:52:32 GMT
uid_id2=a07c743b-bbbf-4123-b3af-225b060c2628:1:1; expires=Fri, 17 May 2024 07:51:32 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1cf5a374f9b9f0ab3cbae7d28d1f111
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| skilledskillemergency.com/api/users?token=L3c2MDFnYjY3Nz9kZXY9ciZrZXk9OWNlZDI0NTNmNDE1ODZiYzM5NjMyZTc1NDkzODMzMmEma3c9JTVCJTIyMHBodTdoNW1ncW90JTIyJTVEJnBzdD0xNzE1MzI3NTUyJnJlZmVyPWh0dHBzJTNBJTJGJTJGc2VuZC5jbSUyRjBwaHU3aDVtZ3FvdCZyZXM9MTMuMzEmcm10Yz10JnNjckhlaWdodD04NjQmc2NyV2lkdGg9MTUzNiZzaGlwPSZzaHU9ZWM4M2U4MmIxMzZhYTk5YTVkYzI0YjhhZjFmODMzNjE5MDgzM2UzMjJhNzNmMTYyZmFmYTVhN2NkNTY3ZTcwMTEwMDhkYmFiZTllZWZlYTdhZDg0MDcwZjMwOWNlZTYyY2YxYmE1N2U2MzkwZjI3MmJjM2VjYzZhNDU0MmQ5ZDFkMmE2YzQzYWQzYWQxMDRmNTA1MDRiNzk2YjA5OTg5YjA4ZmYyMDZiYWM3OTg2Nzc2OWNlMTBhMDdjNTVlNTI2NzMmc3ViMT0yMi4xMi52LjUmc3ViMj0xJnN1YjM9aW5saW5lX2xheWVyJnR6PTImdXVpZD1hMDdjNzQzYi1iYmJmLTQxMjMtYjNhZi0yMjViMDYwYzI2MjglM0ExJTNBMSZ2PTIyLjEyLnYuNSZ5eHp2ZXZxPTc2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628%3A1%3A1&pii=&in=false | 172.240.108.68 | | 0 B |
URL skilledskillemergency.com/api/users?token=L3c2MDFnYjY3Nz9kZXY9ciZrZXk9OWNlZDI0NTNmNDE1ODZiYzM5NjMyZTc1NDkzODMzMmEma3c9JTVCJTIyMHBodTdoNW1ncW90JTIyJTVEJnBzdD0xNzE1MzI3NTUyJnJlZmVyPWh0dHBzJTNBJTJGJTJGc2VuZC5jbSUyRjBwaHU3aDVtZ3FvdCZyZXM9MTMuMzEmcm10Yz10JnNjckhlaWdodD04NjQmc2NyV2lkdGg9MTUzNiZzaGlwPSZzaHU9ZWM4M2U4MmIxMzZhYTk5YTVkYzI0YjhhZjFmODMzNjE5MDgzM2UzMjJhNzNmMTYyZmFmYTVhN2NkNTY3ZTcwMTEwMDhkYmFiZTllZWZlYTdhZDg0MDcwZjMwOWNlZTYyY2YxYmE1N2U2MzkwZjI3MmJjM2VjYzZhNDU0MmQ5ZDFkMmE2YzQzYWQzYWQxMDRmNTA1MDRiNzk2YjA5OTg5YjA4ZmYyMDZiYWM3OTg2Nzc2OWNlMTBhMDdjNTVlNTI2NzMmc3ViMT0yMi4xMi52LjUmc3ViMj0xJnN1YjM9aW5saW5lX2xheWVyJnR6PTImdXVpZD1hMDdjNzQzYi1iYmJmLTQxMjMtYjNhZi0yMjViMDYwYzI2MjglM0ExJTNBMSZ2PTIyLjEyLnYuNSZ5eHp2ZXZxPTc2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628%3A1%3A1&pii=&in=false IP172.240.108.68:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L3c2MDFnYjY3Nz9kZXY9ciZrZXk9OWNlZDI0NTNmNDE1ODZiYzM5NjMyZTc1NDkzODMzMmEma3c9JTVCJTIyMHBodTdoNW1ncW90JTIyJTVEJnBzdD0xNzE1MzI3NTUyJnJlZmVyPWh0dHBzJTNBJTJGJTJGc2VuZC5jbSUyRjBwaHU3aDVtZ3FvdCZyZXM9MTMuMzEmcm10Yz10JnNjckhlaWdodD04NjQmc2NyV2lkdGg9MTUzNiZzaGlwPSZzaHU9ZWM4M2U4MmIxMzZhYTk5YTVkYzI0YjhhZjFmODMzNjE5MDgzM2UzMjJhNzNmMTYyZmFmYTVhN2NkNTY3ZTcwMTEwMDhkYmFiZTllZWZlYTdhZDg0MDcwZjMwOWNlZTYyY2YxYmE1N2U2MzkwZjI3MmJjM2VjYzZhNDU0MmQ5ZDFkMmE2YzQzYWQzYWQxMDRmNTA1MDRiNzk2YjA5OTg5YjA4ZmYyMDZiYWM3OTg2Nzc2OWNlMTBhMDdjNTVlNTI2NzMmc3ViMT0yMi4xMi52LjUmc3ViMj0xJnN1YjM9aW5saW5lX2xheWVyJnR6PTImdXVpZD1hMDdjNzQzYi1iYmJmLTQxMjMtYjNhZi0yMjViMDYwYzI2MjglM0ExJTNBMSZ2PTIyLjEyLnYuNSZ5eHp2ZXZxPTc2&uuid=a07c743b-bbbf-4123-b3af-225b060c2628%3A1%3A1&pii=&in=false HTTP/1.1
Host: skilledskillemergency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skilledskillemergency.com/api/users?token=L3c2MDFnYjY3Nz9rZXk9MGYyMmMxZmQ2MDlmMTNjYjc5NDdjOGNhYmZlMWE5MGQmc3VibWV0cmljPTE1ODk1MTc1
Cookie: u_pl=15895175; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTg5NTE3NSwiayI6IjljZWQyNDUzZjQxNTg2YmMzOTYzMmU3NTQ5MzgzMzJhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDM1Nzk3LCJwaWQiOjMyMjQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjgsInB0Ijo0LCJwayI6Inc2MDFnYjY3NyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zZW5kLmNtLzBwaHU3aDVtZ3FvdCIsImFyIjpbXX19.6Xp2vshSKprqz583odMBwV3xkHuGcoHDVhN6FL8Gqkc; uid_id2=a07c743b-bbbf-4123-b3af-225b060c2628:1:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:51:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39fa98048128ab04b381b0bd9b3f2048&COST_CPC=&PLACEMENT_ID=15895175&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465
Set-Cookie: uid_id2=a07c743b-bbbf-4123-b3af-225b060c2628:1:1; expires=Fri, 17 May 2024 07:51:32 GMT
pdhtkv=true; expires=Sat, 11 May 2024 07:51:33 GMT
uncs=1; expires=Sat, 11 May 2024 07:51:33 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 07:51:33 GMT
uncs28=1; expires=Sat, 11 May 2024 07:51:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d4c4c78aa4c3e787d5765e157da3ac2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| skilledskillemergency.com/favicon.ico | 172.240.127.234 | | 0 B |
URL skilledskillemergency.com/favicon.ico IP172.240.127.234:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: skilledskillemergency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skilledskillemergency.com/api/users?token=L3c2MDFnYjY3Nz9rZXk9MGYyMmMxZmQ2MDlmMTNjYjc5NDdjOGNhYmZlMWE5MGQmc3VibWV0cmljPTE1ODk1MTc1
Cookie: u_pl=15895175; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTg5NTE3NSwiayI6IjljZWQyNDUzZjQxNTg2YmMzOTYzMmU3NTQ5MzgzMzJhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDM1Nzk3LCJwaWQiOjMyMjQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjgsInB0Ijo0LCJwayI6Inc2MDFnYjY3NyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zZW5kLmNtLzBwaHU3aDVtZ3FvdCIsImFyIjpbXX19.6Xp2vshSKprqz583odMBwV3xkHuGcoHDVhN6FL8Gqkc; uid_id2=a07c743b-bbbf-4123-b3af-225b060c2628:1:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:51:33 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75b8b746783a51b58b9b1825b0bfbce4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39fa98048128ab04b381b0bd9b3f2048&COST_CPC=&PLACEMENT_ID=15895175&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 | 192.64.81.118 | | 0 B |
URL nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39fa98048128ab04b381b0bd9b3f2048&COST_CPC=&PLACEMENT_ID=15895175&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39fa98048128ab04b381b0bd9b3f2048&COST_CPC=&PLACEMENT_ID=15895175&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 HTTP/1.1
Host: nylonnickel.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skilledskillemergency.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 07:51:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usoj8wqna6; expires=Sat, 11-May-2024 07:51:33 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usoj8wqna6-usoj8wqna6-fyyd-0-us8pwj-g5us0-g5pm3y-cf47eb; expires=Sat, 11-May-2024 07:51:33 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=2cd6eusoj8wqna6d22&sub_id=15895175
Strict-Transport-Security: max-age=31536000
|
|
| rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=2cd6eusoj8wqna6d22&sub_id=15895175 | 188.114.97.1 | | 0 B |
URL rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=2cd6eusoj8wqna6d22&sub_id=15895175 IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=2cd6eusoj8wqna6d22&sub_id=15895175 HTTP/1.1
Host: rqqlj.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skilledskillemergency.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 07:51:33 GMT
content-length: 0
location: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
set-cookie: 4l9EZwXc2kSH_LKKjogwWA=1; max-age=345600; path=/; samesite=lax
__pl=7d7cd92a-3cb6-4b7c-b451-8c83076eecd8; expires=Sun, 10 May 2026 07:51:33 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYnHZ8RZQ5mJXfkaLoXfFecvUfk72zjF80XL8LinP0XnQ1rm0V6PXdrhbvusGtdqqf5WEU2CLDf5dVNR2rnq9pmWsFy0p%2B5KE%2BqMas7fb2OHCEp61sivc9WCshpIOWQ0W%2Fn8IWAuPeAR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858428c6d5691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/corner.png | 104.21.33.96 | | 300 B |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/corner.png IP104.21.33.96:0
File typePNG image data, 44 x 44, 8-bit colormap, non-interlaced Hashf66c38fa2cd7c50bd1989d41da28fb80 e1de333eca72647f3c1831083fe678cfa8fe9eab 3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:33 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2448
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDBxFbstrWX2RJQzkfHvVxnUAcbkw9RwXk%2F7fHRPXXpt7P9RnP%2FRyB2%2BSTJ5hfB8nu2MCDt99nGztKLfyD7%2F%2BfLoxEkknE44YrKwY0riujXqGdDCAETrFamR3UOc2sDXa3ZMzWB2%2F1uskDbdIls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185844ee8d56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rqqlj.check-tl-ver-94-2.com
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 108042
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png | 104.21.33.96 | | 23 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png IP104.21.33.96:0
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hashf500ba7eee0ae7d1ceb44236ac253165 0614de220ecadb48038ed894d91120ba102c8367 ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5
GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: image/png
content-length: 23177
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-5a89"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2449
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTPEd9fGM2vWxgyQES3NMf2kmeuXU0UZZv8kvJFXpjQuv0mDgBlT2tmJNlgu%2B%2Fg4NVBI7Lu9%2BscSP8KsLhIH6Cc8nd0WL%2F%2FS1ZJuxdarm%2FP1IZq5ikriMNc35FmrMj7tvyK6ETahCZtIzhuR7GM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185846790056ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png | 104.21.33.96 | | 1.2 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/favicon-16x16.png IP104.21.33.96:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced Hash9d35b617fd258f648c37812252297dd3 7e32fd007f1c6fe1466d15439173082c0fbe82da e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a
GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: image/png
content-length: 1163
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-48b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yEX7TpuGRxEGpPcycDFxSrZXY4Cvq07ukcNF3fGWusNrMtw7zNh5Eon7cHm8N8Hb0qS31eXK37tFJbHEnT2CT89yNCD9eDZu0u8U3EXgykqOBkpLDB6A0bYxx4VLepV9aV0H0Pib4ORLih91Ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185846790256ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/main.js?v=3 | 104.21.33.96 | | 5.7 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/main.js?v=3 IP104.21.33.96:0
File typeJavaScript source, ASCII text, with very long lines (2745) Hash01c51ed0a287b5ddf6793778cfa3a72c ebd2613cd806b8e080f556b0d254c0f7a6c738a9 4c0224d810d4f0ac617ddd4ab215e0084aeec230d8944780a129c0046de2dad5
GET /space-robot/assets/main.js?v=3 HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:33 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1255"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BeGZXpSjfHCwHhx6075se6Tgs1rHwqIlVUzTLZwdxTEsPnewL5PkSgymJ%2FmyjzzXhtNSwRRFdHSRVvLq9uwPoJTNNI7bb5CamC8tWf0RUp0eFnCi6q3TFSYYw%2BGFSS3SzqbW%2FR6jhkzxg4JGx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185844ee8f56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 5002
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104636
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pa.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 | 104.21.33.96 | | 3.8 kB |
URL pa.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 IP104.21.33.96:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (474) Hash01041709ecf6a3f0b549820730593c03 55775e4279d24a34f601bf8180d9f280b8131e0d 51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51
GET /space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 HTTP/1.1
Host: pa.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xXqGsDtM%2BoCZxnR859tq63tSlGE2lVRRGJun9Suic9YiU8INvSrrURGE3FOLX0j0z70QlsVgBAwDrLrEneL55gBpL7k8EnH4JNu5h0JIxnpgDxPi%2BgPt3sHoAlgTkC5fw%2B1Q7c5D%2FT5hJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858481b5356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pa.check-tl-ver-94-2.com
DNT: 1
Connection: keep-alive
Referer: https://pa.check-tl-ver-94-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 108042
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 | 104.21.33.96 | | 28 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 IP104.21.33.96:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (474) Hash01041709ecf6a3f0b549820730593c03 55775e4279d24a34f601bf8180d9f280b8131e0d 51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51
GET /space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793 HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skilledskillemergency.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:33 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myyl4dhBHprm5u%2F0oc7aWx%2BaeWlnC6DT%2B53ElEI%2B7%2B1LZFZAw0H7QHcsCeC91XS6MDUA0AW5GMo55ORLcNB38bmxtwCxmIqhRfjCm3c5YOHpyuC%2BrdBIGOj3GrtiTG%2F0Ha8DTi2Ht3cGe2crX4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858435808b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA | 104.21.33.96 | | 9.6 kB |
URL cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA IP104.21.33.96:0
File typeJavaScript source, ASCII text, with very long lines (28370), with CRLF, LF line terminators Hashdd2ee4bb74245ebe50e3c8c00f257fe4 1d21907a65f443cd44ec09da7924488ba491c8df b45a2bdd8dc35968239a48b988dd676ff64550c5c060b40af7bcaa1024492b4e
GET /ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pa.check-tl-ver-94-2.com/
Cookie: __psu=e5e7424e-f2a9-4f9c-a9e7-09a4c4717332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXzx1x0wbDMFIoe5pi%2FwjSzv5KNmcMIgMztESSDNPvZPhVVe09QmOQ7ka4dhaDGQCat5h%2F5pZY9qhSEQKjX0PPEnJXXC%2B8kcGGRdZCudjjLlAIwQfZ4%2BWzz4%2BNwtbQYk79xU66KR0VqxwH7QAbmYtKej"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185849ce4256ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/trls.js | 104.21.33.96 | | 6.1 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/trls.js IP104.21.33.96:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators Hash7f5c725b2c23b9687fa08d162a17427a 94973f1227871750d2ef13a367ce691f1a062527 c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
GET /space-robot/assets/trls.js HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:33 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2f4d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qlD9wjCb7P5GvpvQCUu4xjxTTQRCHEqf4mVz33djxvqf9PRWhkLFYlzfU%2Fiyjqe61nU555L6f6oXYJQdVMFADh1myX%2FMA6Mtyxkiog5pVhizg1mlWWCNKWg2loMfTZYEGs5Y11FOGVVOz8x1kE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185844de8156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pa.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104636
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pb.check-tl-ver-94-2.com/space-robot/assets/corner.png | 104.21.33.96 | | 300 B |
URL pb.check-tl-ver-94-2.com/space-robot/assets/corner.png IP104.21.33.96:0
File typePNG image data, 44 x 44, 8-bit colormap, non-interlaced Hashf66c38fa2cd7c50bd1989d41da28fb80 e1de333eca72647f3c1831083fe678cfa8fe9eab 3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: pb.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:35 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7mtFkMkCWdyWJ3kNRNh0OzGgpKCLTXv9nCdPbThrt8%2B6w00u8yLPo5N2DbgGpTEqGp6HvStb0s7HK1kvlVKxEiZlpFfK25WXF5eL1Zfm7yqlbmmFrXNZEPFhdx62tQ%2F0QRzOC18uXhYtDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818584be99c56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pb.check-tl-ver-94-2.com
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 108043
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-2.com&timeout=30&tb=true&nrid=77b9b0abdc154390b6df13e6bd9a35a7 | 104.21.33.96 | | 15 kB |
URL cdnstatic.check-tl-ver-94-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-2.com&timeout=30&tb=true&nrid=77b9b0abdc154390b6df13e6bd9a35a7 IP104.21.33.96:0
File typegzip compressed data, from Unix Hashcf2ce35a78da04feb285c11276febed5 5a942dddb571aca9ac509199df8526a502f1e5bb 4f6893ada583e0742d69b3f0b6755e61cd1800c440215f3dca1f9d36b71271d4
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-2.com&timeout=30&tb=true&nrid=77b9b0abdc154390b6df13e6bd9a35a7 HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/
Cookie: __psu=e5e7424e-f2a9-4f9c-a9e7-09a4c4717332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:35 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JozIH6Hswqv3QBDjZedi3plnorl5qOAmkOLBqmOcYObfTTEaFT%2B2DHKPnrnX%2FRRjE21LYYg%2BAtUWygJNaTr6NeZ9EJpOwsSr7SqQuz6hvnoeIy88P%2BEqqLuVTQKanWFt7oeY9UGQ7RgVU4dlGg1r7v7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818584c7a8156ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 5003
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pb.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png | 104.21.33.96 | | 23 kB |
URL pb.check-tl-ver-94-2.com/space-robot/assets/apple-touch-icon.png IP104.21.33.96:0
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hashf500ba7eee0ae7d1ceb44236ac253165 0614de220ecadb48038ed894d91120ba102c8367 ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5
GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: pb.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:35 GMT
content-type: image/png
content-length: 23177
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-5a89"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbnEhBuu5unCUSFOXyYJSLT8yfEQg5aWu6PomH3180leyDCWWkzHPD%2F4cLMsSJU88j7xOnfucg%2BQpNfQrZzKz2t1ehgmBxx7QNr6Y%2B1qwL0yWWe4JcAdnizd%2BrryeMvJkvMyRirJ55ArMLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818584ccb0a56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104637
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec | 172.240.108.68 | | 1.4 kB |
URL www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec IP172.240.108.68:0
File typeHTML document, ASCII text, with very long lines (420) Hash665f57a76f8279ac1fbf4858ba907a43 426bc28729de4435546e9fc92a26541b84c91e6d 90d5214b7b4bb501eb7406bd72519c0c7f6790f41de000d78c59695a923823c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:51:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23070551; expires=Sat, 11 May 2024 07:51:35 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; expires=Fri, 10 May 2024 07:52:35 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 859775c36056c88a8d751d5be1927506
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3NTU1JnJtdGM9dCZzaHU9NTFmMjdiMWJmNWM5ZTJiMzIwY2E2NDQwNTYxNWE2ZDNhOGE2Y2M3N2IzZWYxY2JjZWU0Zjc1NjJjYjA0OTg0YzM4YWRmYTNkZDU1NjNmZTUxNzhiOTBiYTJiMDI3MWJkMWNiODMyYWI5OWI5NjJiZTIxNjk5Y2EyNjA2NzBjZjFhMGJkODQ2NmE5MzI1MjgwOTljZjcwOGZhMTZjM2NiY2UzZDZlM2M4ODA0MmVmNWJhYmEyNzBiMjVjMjM3ZTlhMzVmOGRi&uuid=&pii=&in=false | 192.243.61.225 | | 0 B |
URL www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3NTU1JnJtdGM9dCZzaHU9NTFmMjdiMWJmNWM5ZTJiMzIwY2E2NDQwNTYxNWE2ZDNhOGE2Y2M3N2IzZWYxY2JjZWU0Zjc1NjJjYjA0OTg0YzM4YWRmYTNkZDU1NjNmZTUxNzhiOTBiYTJiMDI3MWJkMWNiODMyYWI5OWI5NjJiZTIxNjk5Y2EyNjA2NzBjZjFhMGJkODQ2NmE5MzI1MjgwOTljZjcwOGZhMTZjM2NiY2UzZDZlM2M4ODA0MmVmNWJhYmEyNzBiMjVjMjM3ZTlhMzVmOGRi&uuid=&pii=&in=false IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3NTU1JnJtdGM9dCZzaHU9NTFmMjdiMWJmNWM5ZTJiMzIwY2E2NDQwNTYxNWE2ZDNhOGE2Y2M3N2IzZWYxY2JjZWU0Zjc1NjJjYjA0OTg0YzM4YWRmYTNkZDU1NjNmZTUxNzhiOTBiYTJiMDI3MWJkMWNiODMyYWI5OWI5NjJiZTIxNjk5Y2EyNjA2NzBjZjFhMGJkODQ2NmE5MzI1MjgwOTljZjcwOGZhMTZjM2NiY2UzZDZlM2M4ODA0MmVmNWJhYmEyNzBiMjVjMjM3ZTlhMzVmOGRi&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PWE5NjljYTVjOWFkMjYxMTc2MmYxMWI3OWE1MjZlMmQyJnN1Ym1ldHJpYz0yMzA3MDU1MQ
Cookie: u_pl=23070551; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:51:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f76a12bcbf3af028a8b7ab316fd085&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
Set-Cookie: iprc3826924f4c3e8d7677f6acd7a768a82f=5206192; expires=Sat, 11 May 2024 07:51:36 GMT
pdhtkv=true; expires=Sat, 11 May 2024 07:51:36 GMT
uncs=1; expires=Sat, 11 May 2024 07:51:36 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 07:51:36 GMT
uncs28=1; expires=Sat, 11 May 2024 07:51:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38d15552464b6cbebaf29e410888a966
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f76a12bcbf3af028a8b7ab316fd085&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 | 192.64.81.118 | | 0 B |
URL wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f76a12bcbf3af028a8b7ab316fd085&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f76a12bcbf3af028a8b7ab316fd085&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 HTTP/1.1
Host: wifescamara.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 07:51:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usoj8wqnb4; expires=Sat, 11-May-2024 07:51:36 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usoj8wqnb4-usoj8wqnb4-uoxs-0-usa30-9rq5dz-9rq5bl-c29105; expires=Sat, 11-May-2024 07:51:36 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=7205cusoj8wqnb4164&sub_id=23070551
Strict-Transport-Security: max-age=31536000
|
|
| gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=7205cusoj8wqnb4164&sub_id=23070551 | 172.67.131.194 | | 0 B |
URL gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=7205cusoj8wqnb4164&sub_id=23070551 IP172.67.131.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=dR1J35fCDkibR45g1XXjgg&click_id=7205cusoj8wqnb4164&sub_id=23070551 HTTP/1.1
Host: gzeao.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 07:51:37 GMT
content-length: 0
location: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=7205cusoj8wqnb4164&sub_id=23070551&nrid=03304cdff34345dc9c3dd5adefe30595&hash=sWzCYRDb0yADdg9eq4IdYA&exp=1715327797
set-cookie: dR1J35fCDkibR45g1XXjgg=2; max-age=345600; path=/; samesite=lax
__pl=e143aade-7a70-4022-820c-34896116478a; expires=Sun, 10 May 2026 07:51:37 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIBGuWtZ%2FwVWkCLMpMcDp4cKR5TC3odaJRgZ6ze8xjqL4UDFZgMYHT%2B1S653Pjjop1sQFtnpXLi7Y26dd2GxmZ9lunBtwCAbDHll4V34rKJzkkNIqvrNxAhrVf4Wrj6S%2BdDTH%2FcMfQbj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858587ebb0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gzeao.check-tl-ver-154-1.com/favicon.ico | 172.67.139.242 | | 0 B |
URL gzeao.check-tl-ver-154-1.com/favicon.ico IP172.67.139.242:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=7205cusoj8wqnb4164&sub_id=23070551&nrid=03304cdff34345dc9c3dd5adefe30595&hash=sWzCYRDb0yADdg9eq4IdYA&exp=1715327797
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:51:37 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U42a4RSgwUL%2FL8Dv1gu5zxHDfYVrDr3u9NsnByOeLRzvLLMUg75BvV45sxk5ACaQ3C49YiLmV6frv7Cbil%2Fl3EEOwFlr5aJAUddALhMaNClFSgwNYL7myyOItYJdYzgftmxHvMFJnAXUCMzTaS6Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818585b896456cc-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=7205cusoj8wqnb4164&sub_id=23070551&nrid=03304cdff34345dc9c3dd5adefe30595&hash=sWzCYRDb0yADdg9eq4IdYA&exp=1715327797 | 172.67.139.242 | | 33 kB |
URL gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=7205cusoj8wqnb4164&sub_id=23070551&nrid=03304cdff34345dc9c3dd5adefe30595&hash=sWzCYRDb0yADdg9eq4IdYA&exp=1715327797 IP172.67.139.242:0
File typeHTML document, ASCII text, with very long lines (10169) Hash80f93dbb557a8864dc665d0ce557af58 963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6 ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b
GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=7205cusoj8wqnb4164&sub_id=23070551&nrid=03304cdff34345dc9c3dd5adefe30595&hash=sWzCYRDb0yADdg9eq4IdYA&exp=1715327797 HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:37 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgUGPnYJWleQJD0tKWTsJrmBvde%2BqCcWu4cjFJT5u%2F%2Fxy6mjQWipVtTBDrB1bXH7ZWe%2BSAjoxsj2t9lXZkqfS5XNPcKLKzPyQbRNvTIpwKk946kgRiWMZNPVoGROeUBGvF8b4cIBvbVfBLUVaRMX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858592cc456a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 | 104.21.33.96 | | 12 kB |
URL rqqlj.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 IP104.21.33.96:0
File typeJavaScript source, ASCII text, with very long lines (38231), with CRLF, LF line terminators Hash39d6bd805ca632ac9161dbb18266a956 961c0a07f35a7d51da7e56182195c12d3dc452a8 8cb9a787e96d21aaa27a4676470dc3baf6596fd13b2a51333f1949ac1da55a72
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: rqqlj.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:33 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFypHjryeZdv81gWUQwIxE%2FO%2BGMacSsG27WBMh5Buwc2codExj4Hg1Rj8dVlpBCOm2uaZbYe88nUL8VWY7nHzGiDkTiw3LlHF7vyxOU6Oag6pPufNMdeXFq7o65UQ8owzudEup5tmmrBNaTqXTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185844ee8756ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=15895175&click_id=2cd6eusoj8wqna6d22&nrid=ca1028dba7f5e4d3f7962bf6605cea40&reason=tb_exit&attempt=3 | 104.21.33.96 | | 491 B |
URL cdnstatic.check-tl-ver-94-2.com/ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=15895175&click_id=2cd6eusoj8wqna6d22&nrid=ca1028dba7f5e4d3f7962bf6605cea40&reason=tb_exit&attempt=3 IP104.21.33.96:0
File typeHTML document, ASCII text, with CRLF line terminators Hashad99043e8917f5f994ab97c303a89f3d eb5b0e0541c8cba0064ceae978e4ab77d16224cb 79dd6d05dd3f77f42d90d78e05d5e57ebb118bada7e9a2e68462337ef4148e89
GET /ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=15895175&click_id=2cd6eusoj8wqna6d22&nrid=ca1028dba7f5e4d3f7962bf6605cea40&reason=tb_exit&attempt=3 HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pb.check-tl-ver-94-2.com/
Cookie: __psu=e5e7424e-f2a9-4f9c-a9e7-09a4c4717332
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:35 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jurgrgLIV0UHE4FXCo%2BxjGFxawvburPjMSRMOZx%2BzlpFD%2BjJU7A4WEFB%2Fv5ZAInFOHxvtAiwKtcbdfHQvRQjs91wxOwpjcGEDOTae9lxCFmBzuyU0H7lOxOA%2BiU7WAua0ZLv741UNWN41XyX5z4ZxjxA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818584d9c9356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA | 104.21.33.96 | | 33 kB |
URL cdnstatic.check-tl-ver-94-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA IP104.21.33.96:0
File typegzip compressed data, from Unix Hashd2b17a99bf3c325159da33a931d51b58 9c2ab05f621e638ca9cae7597d436b99a2c5092f b62ee61c26dd2964cc2f69f1dbff9e309d7b5cd2d7e2e2b18e2182f10fee2cf5
GET /ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA HTTP/1.1
Host: cdnstatic.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-2.com/
Cookie: __psu=e5e7424e-f2a9-4f9c-a9e7-09a4c4717332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Khs1Y17Eaysbq0Wr2AFkpLfgQxl9dsP1lK0A5vuTPKTGHYKje9GBGzbS0uMPQhsiTE3SwJgkX61o2P96P7eljffaop2T4mq6K6QOltb5eP8WyXjmHnTrxwJgs90ZgQwMFzyzlDmsuhtV9OV0s452E18p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185846992156ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pa.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 | 104.21.33.96 | | 12 kB |
URL pa.check-tl-ver-94-2.com/space-robot/assets/style.css?v=4 IP104.21.33.96:0
File typeJavaScript source, ASCII text, with very long lines (38231), with CRLF, LF line terminators Hash39d6bd805ca632ac9161dbb18266a956 961c0a07f35a7d51da7e56182195c12d3dc452a8 8cb9a787e96d21aaa27a4676470dc3baf6596fd13b2a51333f1949ac1da55a72
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: pa.check-tl-ver-94-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pa.check-tl-ver-94-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=2cd6eusoj8wqna6d22&sub_id=15895175&nrid=77b9b0abdc154390b6df13e6bd9a35a7&hash=LDe-PwYNwy-EOyGAqDpU6Q&exp=1715327793
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:34 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5NLGJtEAb%2FcymUa99yasKEAarNDnOVnEDfFSo9XwVnI%2BN%2BHal3nQnkUCSt%2FpXcGtzKBmiTUty7eYpqhqbUpDJQtgQF52kb1L6egIdSu4%2BcHls%2B3HxiJTNQ1XPoAQjKX%2F585h%2B8605N7HQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88185848bc5256ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glugherg.net/sftouch?userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf&branchId=0&rb=ooSnXJP0Mv2uwqLv1FnI_sMMX0jdDXbLgyJtitz7oefDfwzqf1KQirlisFD7CB49D15DbAzLMw5PhLr1nVFKjQyPdvU4hrj224buoPqh121Ama7Pr6n_y2Ov7gKGsmrsdLbQ1uAn-8VYe5mO2pnw6lyJL3w92pY77lHxwo9Y6kfUjNQEgbm7gKryVyFuZFH_GueS8zX8UPT1mKWfko5NKVL_Q6OGYjW0Pbb9fvWDRYM= | 139.45.197.237 | | 2 B |
URL glugherg.net/sftouch?userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf&branchId=0&rb=ooSnXJP0Mv2uwqLv1FnI_sMMX0jdDXbLgyJtitz7oefDfwzqf1KQirlisFD7CB49D15DbAzLMw5PhLr1nVFKjQyPdvU4hrj224buoPqh121Ama7Pr6n_y2Ov7gKGsmrsdLbQ1uAn-8VYe5mO2pnw6lyJL3w92pY77lHxwo9Y6kfUjNQEgbm7gKryVyFuZFH_GueS8zX8UPT1mKWfko5NKVL_Q6OGYjW0Pbb9fvWDRYM= IP139.45.197.237:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf&branchId=0&rb=ooSnXJP0Mv2uwqLv1FnI_sMMX0jdDXbLgyJtitz7oefDfwzqf1KQirlisFD7CB49D15DbAzLMw5PhLr1nVFKjQyPdvU4hrj224buoPqh121Ama7Pr6n_y2Ov7gKGsmrsdLbQ1uAn-8VYe5mO2pnw6lyJL3w92pY77lHxwo9Y6kfUjNQEgbm7gKryVyFuZFH_GueS8zX8UPT1mKWfko5NKVL_Q6OGYjW0Pbb9fvWDRYM= HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=008058bc37424068e513336786e123f6; oaidts=1715327498
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:51:38 GMT
content-type: text/plain
content-length: 2
x-trace-id: a76dbec0874cf717d92c370568ad8dd0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008058bc37424068e513336786e123f6&z=6662145&p_rid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:51:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008058bc37424068e513336786e123f6; expires=Sat, 10 May 2025 07:51:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| glugherg.net/favicon.ico | 139.45.197.237 | | 0 B |
IP139.45.197.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=008058bc37424068e513336786e123f6; oaidts=1715327498
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 May 2024 07:51:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb | 139.45.197.237 | | 12 B |
URL glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb IP139.45.197.237:0
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9ceef9d5-0bba-4fb1-a4e4-0cbec42f60eb HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1381
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=008058bc37424068e513336786e123f6; oaidts=1715327498
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://glugherg.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| glugherg.net/?z=6662145&syncedCookie=true&rhd=false | 139.45.197.237 | 302 Found | 0 B |
URL User Request POST HTTP/2glugherg.net/?z=6662145&syncedCookie=true&rhd=false IP139.45.197.237:443
CertificateIssuerLet's Encrypt Subjectglugherg.net Fingerprint32:41:21:37:65:99:C2:A0:C3:78:74:04:E3:8D:18:A9:B6:60:97:57 ValiditySun, 14 Apr 2024 05:10:47 GMT - Sat, 13 Jul 2024 05:10:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=6662145&syncedCookie=true&rhd=false HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/afu.php?zoneid=6662145&var=6662145&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008058bc37424068e513336786e123f6; oaidts=1715327498
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 07:51:38 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812705033417400671&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: 997bafa60169acf443b02076393f264a
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008058bc37424068e513336786e123f6; expires=Sat, 10 May 2025 07:51:38 GMT; path=/; secure; SameSite=None
oaidts=1715327498; expires=Sat, 10 May 2025 07:51:38 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 17 May 2024 07:51:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812705033417400671&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 | 176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812705033417400671&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=812705033417400671&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Fri, 10 May 2024 07:51:39 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout42ta6vts73c58pi0
server: Caddy
set-cookie: uclick=kbiDkAxfON41grf0OmCYv/dzCVK0Mj3BVeby73l196uupWoV72gC7OqAXZisDF53LtpfPQ==; Max-Age=31536000; SameSite=Lax
bcid=cout42ta6vts73c58pi0; Max-Age=31536000; SameSite=Lax
cid=cout42ta6vts73c58pi0; Max-Age=31536000; SameSite=Lax
x-request-id: 11900e7e-2987-4f7d-8c22-7961f3f4f519
content-length: 0
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/check-icon.png | 188.114.97.1 | 200 OK | 45 kB |
URL GET HTTP/3prfectnewoffers.net/images/check-icon.png IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 45018
last-modified: Fri, 26 Apr 2024 12:53:43 GMT
etag: "662ba3d7-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YD3JSgFfFopqxu7%2FWH4v3kNQIC21v0%2BjsvZQt9w0wcSGGlFHT3I8Wpn005MRaMW8VsPAe%2B2Uu%2B6h8M7vnn1PSroObHof03my%2FDoPak%2FsTWu5ez3jGa87M5qOyRME%2FtI7yySHGHQ9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818586b2c1a56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/media/sad-face.svg | 188.114.97.1 | 200 OK | 1.1 kB |
URL GET HTTP/3prfectnewoffers.net/media/sad-face.svg IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash947bcdd5b2ee2f8ec62ee27b97b36ba2 0f3b4f810f99c3e7eb6c3f3458a3380d8f79d8d9 c8a9257207d3f2f2f8da78eecfa46031b0c5f91308d04ef5be266f9ee4a8184f
GET /media/sad-face.svg HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TuhlxipJJLTEB3vn%2FKI%2BglgdW4eBiSB75SGWXeXamt87Y4ZVvrnXGk569oSqBPKDencUumhPCk8bRSBZcNi2EHqLi%2FNfgIl26eoegQqs0s3iZ0%2BKmQ%2Bc7wy%2FAZtQ3P1aBElBG8GD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818586b3c3756bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png | 194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d5dc9fe4bf628b9088cc8dca4e3b0dd9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6c86fb1fb212dd72639d36c3e761f6a5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4fae0f08adfe20d363854212789bf169
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725d979d356c4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 970dff8f89e262ffd9050c987ca78f6f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.97.1 | 200 OK | 1.1 kB |
URL GET HTTP/3prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash25eec44662632e8143aaf9f870b0c647 812b7b17ff9bbff517764dec617cefbe68f3ff67 a08dbef141737d414f4c3f4c52f0715e6b589f88fcfbfa7284c0291401c50bfa
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZeruWjN56soqsf1thJ%2BQcb%2F8uxhrhMtZIHafNOHvxqHQFstfuJJMshn2kln0Wk%2FLlUfHUalh%2B2D4FwQOSl6Va%2FRjnjGP2GwtoZBbvqdrIsUp95zkQknOGWBfEXUSLjr%2FzHUnnHO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818586b3c3e56bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 12 May 2024 07:51:40 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87b0bdba1c7756ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cfc6d3d7e88aa0c54ac0c1f11b2b94d6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 | 188.114.97.1 | 200 OK | 114 kB |
URL GET HTTP/3prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Size114 kB (113964 bytes) Hashbd46a9ec63e548bee2a9ecd5ef013fd2 512cba0747ac2cad4d221000625b26237b90ba56 b5ab6036f67abfca7a2fa4c50542fac6a78a694a12037c3f8d5e6414ba1838cd
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIkB6%2BW2OMX87S9IZ39J4thulu8mFa0Tj2xLemErgiWNP%2BY2ZSsVq%2BMKg2i%2F3o14vweck3OF0xMhlKNhUjB8nC7hKq1LJY3JPUdHrqW0tPzPZo2ZW3vQoR9pzOgnBqZEiZH4A%2B3R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818586b3c4556bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41d2ee4e56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0421b413f8d3af1ddbe3434c239ce9c5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a2796d692c63f0234b722d1491c38eb9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725dc9d3e56c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f816f82dd35765b6a7d127febd86a96f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87f725f5199256c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:10:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7856359701a9bfde2b1e4d61ca6d34df
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87b0bdbe6fd55685-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:31
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9ce84614feadad1000b7ba76aa5e9451
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9c06e1f443cab635e301091412cf2b60
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f731f95c8d5684-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:18:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 75b2099dceafc4d23342ff6052f602cd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: fe49ad1642ce8157e9f3482e7a9a4964
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 188.114.97.1 | 200 OK | 71 kB |
URL GET HTTP/3prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:41 GMT
content-type: image/png
content-length: 70857
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
etag: "662ba4c7-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tmk6FhMgm1%2BbJqF%2BX97YhQncOAH7GYzl4bd%2B90rIQX474ZvhUdT7aa%2BT%2BjgURpzzZ0LHUl4tqUexxRUnGAU1RNUwZg7%2FQ%2FvIqhjo5058jZefvhioK4mAS%2BkDAqSqq6hBDtqguOfj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881858714c9d56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105401
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b | 188.114.97.1 | 200 OK | 49 kB |
URL GET HTTP/3prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash13967775e436c07cf9cadb9ad32abc19 5f0579e84fb104e16001bae44de09d4d0fa13a48 43be8dcab9b5557cc7c52f0ff336ac58959a726e9e59ddeea83fa0f491eaff66
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
vary: Accept-Encoding
etag: W/"662ba4c7-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fv3UltHeqzP%2BkdSHY82oAn%2FzoJ8hGipRB7HuVpfdB7bdzyWx61KUD%2FzI0rjZp4apyei5MC%2BVEDygTj8Ghy7qUl3c6d14IiIAnTY0BWxB%2FlChVTB0%2FHR1gBvUb0htxCd3pegQdOF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818586b3c4156bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105401
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105401
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:41 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5be5240b0c4b938b3dadcb9820ed59fa
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (19895) Hashf996a15d4340ce7f6a994015a99c95d9 e59e2ce631dcf0619e149659a0052285e374def4 f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wnf05XqbF%2F9QXRTZ4S5Pyw5bOop9KGGcxsolqD%2FdUgA2tDzzXI3VW1%2FPPWOdBdgUImwkJXRIT82bG30%2FDRYMUAdGhDtISnEWllXQsV878aG96MEWriqJxpnJkRt4UwX1qb7JhLCs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818586b1c0f56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 83 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41ce290a56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e03db0b4f8d53f64cf8ab38409841b29
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 124 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size124 kB (124282 bytes) Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6eee3bd4a9d11d60826ba4b1fe273485
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 735 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Size735 kB (735343 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7b273939c77f7dd702a1c9cfb19542bd
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 88 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hash6a4571112dc1d4b0e37c6df7eba27cac 196e9eec0684faa62878e6f5e476710bd11f27bd 84675537119f9cc7f7a12120e2cf7ebe9cf645accde5cffca6d6da0c6ed03b32
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:51:40 GMT
date: Fri, 10 May 2024 07:51:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout42ta6vts73c58pi0 | 13.248.167.248 | 302 Found | 30 kB |
URL User Request GET HTTP/2g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout42ta6vts73c58pi0 IP13.248.167.248:443
CertificateIssuerLet's Encrypt Subjectg.mtrck.org FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69 ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout42ta6vts73c58pi0 HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 07:51:39 GMT
location: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6IlZvOStLZXU5dURjSWtsOUt2ejBtMWc9PSIsInZhbHVlIjoidXlrUWJ3NE5QSiszUzk4WjZCTnN0M043UkFKQ1NhM3BreHVmbnhYeTE5cGdhVXJubUMvYXU4QXVDNENLay9RWGZzYjFkUmVxbDJ2M1NXbm94L2dya2lGV1hkZUtSUTNUeDlUOHp3eHQ1aXdIazRiNDBCemt3K3ZNNW13YldMSDkiLCJtYWMiOiJkOTU0OTk5ZjUyNTRjNGRkNDUzNzIzOGViNDk3ZWQzYzRhOGZkNWViMDE3NDU0NGRiZjc2Y2MxM2Q1NzkyNWIwIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:51:39 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6IndhbVlsV3ZmZnBONy9mekh1ZGJab3c9PSIsInZhbHVlIjoiVFY1bVI1R1JQcGovY1g2cGYrdlZ1ZTNiLzFibUhrVks0M1ZlZ0k0VWFqeUs5WnE3ZThaWDJsN3Bpa01ZMlp3dUM0cXFxWDhLWnMyQ0Fna3NzVTNoczhCYVNSMlZZVFNTNTVnc2srZVVSTnJ2dEo3aElnVTVJaWtBRktIdWozc04iLCJtYWMiOiJlMzRlNGZmOWQ3NjNhNGEyYzYwOTdiNTZkZjM1MWQ3ZDg0YTAzNjQ4NDlmMjVjNTFkMDg2MmM0NTAyYzVkMTRkIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:51:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6IkE0bjVsSUwrNm1BSXVPOEg5SGs5d0E9PSIsInZhbHVlIjoiZmN2cldMNUhsSlN1WnBxd3pRcnc5UENUd2pLYmRPMkQ0YmdhaGttOEZNNXBNZ3J1c0ZUay85Wmczb2xQKytHWnEzb3NBSHBJa0dWY2FWU0J6MVVwazdiNGRidlRhMHNkZlVETlc4L3lxMGM9IiwibWFjIjoiOGIyN2FmYTJmOTYyYTUxMTRiMjAxZGU0NDI0ZjI2YzY1N2FhYTEwMGI1YjhmYzJkNjVkMTM4OTVkODVhZTkxYiIsInRhZyI6IiJ9; expires=Tue, 30-Aug-2078 18:08:18 GMT; Max-Age=1713780999; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/locate | 188.114.97.1 | 200 OK | 144 B |
URL GET HTTP/3prfectnewoffers.net/locate IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha78c1f9242aa33a87bd5f7a7f6cf21af 61484ea912efce8fe8b9aef0eb79eacadecd0968 47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e
GET /locate HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:41 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjBDTFNwbFdJb05Vc1Q5ODN3MXRGb2c9PSIsInZhbHVlIjoiYVFGYXB0Y0FyeHE0T0ZCN3JoU0FJSW12R1NmZWswTFFVcFRHZ2Q3THNHYXVTUEtSbDNNdFJIMnVOcVpyM3p6bCIsIm1hYyI6ImRhOGUyY2M5MDJkZTVhZWQyMTdlY2RlMmQ3ZjMwZjBmYjZlNzVlNWM5MGRlZjU5MTBlYzM2NDZlOTY5Y2QwZjYifQ%3D%3D; expires=Fri, 10-May-2024 09:51:41 GMT; Max-Age=7200; path=/
c=eyJpdiI6IlRmRU03cnNHQzRwZGZWbFNpck8zSHc9PSIsInZhbHVlIjoiVjdKSEpTOVgzNzU1WnpZVGc3TEl2SlZxTlNZWGFMd3lhU0VVUDR5NE8ramZWbHBTdHMrekZUVWxtdU1CYm5RbiIsIm1hYyI6ImZhYjVlNmU4ZWE4ODYwYzI3MTk5ODgwMmExNmRjNDljODI2ZDY1NzcxOTcyYTNlNWI5OTY3MjFkY2Y1OTA1ZmMifQ%3D%3D; expires=Fri, 10-May-2024 09:51:41 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKQcj0DKjdxo2IM1HLksdlK3dCOfn0PA%2FNuBM%2FUQPH1visadMirKmGgDbB7MV%2FR0BCTwME%2FH22fDhoW3XIUnFLO90LMq2et3j0aLIa%2BNNHFXbzl9NnVBaBvHAV%2BHzCwTAzbO9yao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858715caf56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/event?hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d | 188.114.97.1 | 201 Created | 2 B |
URL POST HTTP/3prfectnewoffers.net/event?hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjBDTFNwbFdJb05Vc1Q5ODN3MXRGb2c9PSIsInZhbHVlIjoiYVFGYXB0Y0FyeHE0T0ZCN3JoU0FJSW12R1NmZWswTFFVcFRHZ2Q3THNHYXVTUEtSbDNNdFJIMnVOcVpyM3p6bCIsIm1hYyI6ImRhOGUyY2M5MDJkZTVhZWQyMTdlY2RlMmQ3ZjMwZjBmYjZlNzVlNWM5MGRlZjU5MTBlYzM2NDZlOTY5Y2QwZjYifQ==
Content-Length: 182
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IjBDTFNwbFdJb05Vc1Q5ODN3MXRGb2c9PSIsInZhbHVlIjoiYVFGYXB0Y0FyeHE0T0ZCN3JoU0FJSW12R1NmZWswTFFVcFRHZ2Q3THNHYXVTUEtSbDNNdFJIMnVOcVpyM3p6bCIsIm1hYyI6ImRhOGUyY2M5MDJkZTVhZWQyMTdlY2RlMmQ3ZjMwZjBmYjZlNzVlNWM5MGRlZjU5MTBlYzM2NDZlOTY5Y2QwZjYifQ%3D%3D; c=eyJpdiI6IlRmRU03cnNHQzRwZGZWbFNpck8zSHc9PSIsInZhbHVlIjoiVjdKSEpTOVgzNzU1WnpZVGc3TEl2SlZxTlNZWGFMd3lhU0VVUDR5NE8ramZWbHBTdHMrekZUVWxtdU1CYm5RbiIsIm1hYyI6ImZhYjVlNmU4ZWE4ODYwYzI3MTk5ODgwMmExNmRjNDljODI2ZDY1NzcxOTcyYTNlNWI5OTY3MjFkY2Y1OTA1ZmMifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Fri, 10 May 2024 07:51:41 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://prfectnewoffers.net
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6IlFvS1pRVXZINERwQjNzRzk0eGNOYWc9PSIsInZhbHVlIjoiekJ1YVpaWnNHdm0xYUwrdkQ0NEdWUlhGajd6bEVGMzMrSjNOQnpKZlZadlFIZloyWmd5cTRFMG9ZdmcxZ2kwVCIsIm1hYyI6ImUyYTc5NzNmMDdkNzJjZmM4ZjJkMjgxZjcyOGM2MzA1YmVjZjVkYWJkYmNmYmM3ZWMxY2RlNmE3Y2U5OGUwZWUifQ%3D%3D; expires=Fri, 10-May-2024 09:51:41 GMT; Max-Age=7200; path=/
c=eyJpdiI6IldZUTJGV1RNNEFpZ0dGTTAxZmNYVmc9PSIsInZhbHVlIjoiNkdPXC95Z0pCNGFvNkx1dHdoMHVnUjNFcWNCc2oya003N1ZEc2dPWHVIekZhcUxZMlJ1cWU4K1pCbkpROURhVXIiLCJtYWMiOiJmMGY0YmM5OWE3Y2JmNzk3M2JlNDU2ODIzNTIzYThiNzY4YzBmYjgyYTM3MjViMDViNWFiMTIyYjRhOGE3ZThmIn0%3D; expires=Fri, 10-May-2024 09:51:41 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1BXwoHz1JymbXa7QsVjoiP%2Fb4h6Xwhfkh0gGxTxPOHFKO%2FsbKxsjDT4eu9zX28lc43zquKMubkCWEqRc456hPb6R2NdnEeHGkYLP6RMLcIir%2B1adRudK8JhnEOiB5quTGswEXy6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858727e6f56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 188.114.97.1 | 200 OK | 30 kB |
URL User Request GET HTTP/2prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:51:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; expires=Fri, 10-May-2024 09:51:39 GMT; Max-Age=7200; path=/
c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9; expires=Fri, 10-May-2024 09:51:39 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XV%2F%2BzYdcRsUzSN%2F98HFd6CZTYsnf3ZDORB9gYBvJX6XpU1qTmMInbj9jAcr7C%2B%2FdCQzS4%2BAmhRfNDK0kYo6zvMAoVjSFW706haIvvJoG4%2FEFxkc88wo2KSIA2AwXM1urKXVUFM6x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881858685941b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 | 188.114.97.1 | 200 OK | 385 B |
URL GET HTTP/3prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (387), with no line terminators Hash716b5bae177d32d4cd7705aea9c3aea6 528d34269613ca77e628a9f9e96c860db310b30e 5a4a12046a65a7d262113515770984da1c25d37e7e85cb169de334467043d386
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c0214a0-ba81-41c7-9273-1ac50f03b30d&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ik4waFZOXC9aYWJDYmtIZ21obGk1ZUhRPT0iLCJ2YWx1ZSI6Iis0WXJLQ1dwaDMreUdGYk82MHFzUk5kZ2RRTThtYWxDXC9WY2JkYlhkbGd6enNZbktyY2FDTVJTZXczMEJFWk03IiwibWFjIjoiMzVkOWIxYTQ3NTJjMWZhMjYzNDBiMGQ0Y2I3NWE4NTg2MjA4NGU1MTg1YjNlYWIyMGQxZDdiZTg1ZTQ5Y2VjNCJ9; c=eyJpdiI6InlBYVFmR010RVdBa1I2RGlibHF1d3c9PSIsInZhbHVlIjoiVFozNmt6MjhseGRuWm9aY3dURnloQzdQbnNIT2dZYU5jMGF1bzBibU0rcFwvXC8wK2g4dkVRT0Nkc2JDSEtnbHRpIiwibWFjIjoiNzVkMjUzYmEyMzFkNjU3MGU0NWIxNGZlYWIxZWI2ZjM0YzZmMmFjOTA3NjA2M2U4Nzg2NzdiMWJhZDYyOTE3MCJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:51:40 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:10 GMT
vary: Accept-Encoding
etag: W/"662ba4a6-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqhthcMqoOWG1Ra5SinCkqShcxGWtqJuPW5TE28gj%2FSmYe3dERu9JLf81xraqxuCb3Ch%2FMgpsUA2dlByAQea0tSln3rpUyjuRX76Ylj6rOxWWkHUrztAK6woYfcRZkd52XVj%2F9sy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818586b1c1256bd-OSL
alt-svc: h3=":443"; ma=86400
|
|