| nature-nest-retreat.com/new-player-ad/img/logo.png | 212.117.190.104 | | 7.2 kB |
URL nature-nest-retreat.com/new-player-ad/img/logo.png IP212.117.190.104:0
File typePNG image data, 298 x 48, 8-bit/color RGBA, non-interlaced Hash9fa0c2649b56a64bf24ec059fd49b982 802c9d794cc845927439ce8a3077975199015ebb a513d2e457125cd443461746199793cd61f2e4511a9acfcda504f70b5000c774
GET /new-player-ad/img/logo.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 7171
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-1c03"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/burger.png | 212.117.190.104 | | 295 B |
URL nature-nest-retreat.com/new-player-ad/img/burger.png IP212.117.190.104:0
File typePNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced Hashfdea660170d6a7330b24d167c2c3d1d6 c95db01c09abcd2c3b3375ea2baa1443d1473af0 415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8
GET /new-player-ad/img/burger.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 295
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-127"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/search-icon.png | 212.117.190.104 | | 516 B |
URL nature-nest-retreat.com/new-player-ad/img/search-icon.png IP212.117.190.104:0
File typePNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced Hash34123928575ef4cf3df12db2fa095e99 8d5873549768bcbf278e04c6baf6404c2971b07b 0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272
GET /new-player-ad/img/search-icon.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 516
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-204"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/btn-icon.png | 212.117.190.104 | | 395 B |
URL nature-nest-retreat.com/new-player-ad/img/btn-icon.png IP212.117.190.104:0
File typePNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced Hash06f18f63c3036edde4e88c1d5f200104 33c1e2780dc0a6f595afc2d87ed438ccb3d8922b 005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d
GET /new-player-ad/img/btn-icon.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 395
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-18b"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/player-ui-l.png | 212.117.190.104 | | 663 B |
URL nature-nest-retreat.com/new-player-ad/img/player-ui-l.png IP212.117.190.104:0
File typePNG image data, 144 x 100, 8-bit gray+alpha, non-interlaced Hash5159265d4e4ecc1bfa2e8b028fc0534d 443e7f825760d81906a5c1a4ca660e0385b435fe 46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1
GET /new-player-ad/img/player-ui-l.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 663
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-297"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/player-ui-r.png | 212.117.190.104 | | 1.1 kB |
URL nature-nest-retreat.com/new-player-ad/img/player-ui-r.png IP212.117.190.104:0
File typePNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced Hash74174fa53d52a184fa0a586f988f0d94 6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3 4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3
GET /new-player-ad/img/player-ui-r.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 1118
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-45e"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/views.png | 212.117.190.104 | | 461 B |
URL nature-nest-retreat.com/new-player-ad/img/views.png IP212.117.190.104:0
File typePNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced Hash0ad8de150ced2f4ab8828c02c23ab95c b7620db8dc0ef0075c79de9c0f3409d292413b80 efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b
GET /new-player-ad/img/views.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 461
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-1cd"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/stars.png | 212.117.190.104 | | 589 B |
URL nature-nest-retreat.com/new-player-ad/img/stars.png IP212.117.190.104:0
File typePNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced Hash586e70ae8cf2f823dc7876917d90be92 33d61043ae53a9377ad37bfd5b84c73f770c4105 894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707
GET /new-player-ad/img/stars.png HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/png
content-length: 589
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-24d"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/pics-1.jpg | 212.117.190.104 | | 12 kB |
URL nature-nest-retreat.com/new-player-ad/img/pics-1.jpg IP212.117.190.104:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 510x286, components 3 Hash2dd6166a802411555e0a268dc6a9afd3 51292ca9e4adbee0595472cdb1f544696daaf3a1 f1deddeda4d99bf8606c651fb11d360d2a11940b6af312b2c227fb7e57cac41d
GET /new-player-ad/img/pics-1.jpg HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/jpeg
content-length: 11487
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-2cdf"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| nature-nest-retreat.com/new-player-ad/img/pics-2.jpg | 212.117.190.104 | | 7.3 kB |
URL nature-nest-retreat.com/new-player-ad/img/pics-2.jpg IP212.117.190.104:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 510x286, components 3 Hash707610691d0e8f477af1bb0932f5a68c 5c0eeeb03fa1109abcdd172bc966b4bf1614de8b b1fe8b31da9d0886a6eae464bd8cba4577a295f12af2f3e1ffa8b681e4686716
GET /new-player-ad/img/pics-2.jpg HTTP/1.1
Host: nature-nest-retreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nature-nest-retreat.com/new-player-ad/?index.html?ymid=806716300305899520&mrs=1&zoneid=2022559&tbz=2022558&prpsrc={propagated_source}&tag=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:07 GMT
content-type: image/jpeg
content-length: 7284
last-modified: Wed, 24 Apr 2024 12:54:40 GMT
etag: "66290110-1c74"
expires: Thu, 25 Apr 2024 17:53:07 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| lvw7k4d3j.com/dupa.gif?z=2022558&zoneid=2022558&var=null&ymid=null&pb=88b2fafef69a29a6faeb196b288a15721713988387&psp=l6u7WuHx3r-uwdhthzZzQJzS2Omak-SXY6rRl5hTLRxa-QVLZRjibL6VNG7LxnbXOTo8T2iwr10_8tXX_uITRuzYNwGBNgjPWzEzMawxdmlBoTcyNepbytOT0sK5fQQSIwd-kzNkX9nzmfZ95399z1Wt_i5ybq7qBW3sFNpfCDCrLDKtdGIdgt4woodcTnU1tCBnHpkIh7Da1VvpCiuDdWdcBQtW_V0_fLDTkx0WBmb8fAUmLz1bJytlFJqhpY5DW9puq1onOo_Mu4wBYcjvqmdKyGdO&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.229&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3490027191720448&eclog=0&im=1&pload=461&rlp=%5B0%2C1%2C62%2C38%2C2%2C45%2C46%2C45%5D&pload=62&rlp=%5B0%2C0%2C0%2C0%2C1%2C39%2C22%2C0%5D | 212.117.190.201 | | 43 B |
URL lvw7k4d3j.com/dupa.gif?z=2022558&zoneid=2022558&var=null&ymid=null&pb=88b2fafef69a29a6faeb196b288a15721713988387&psp=l6u7WuHx3r-uwdhthzZzQJzS2Omak-SXY6rRl5hTLRxa-QVLZRjibL6VNG7LxnbXOTo8T2iwr10_8tXX_uITRuzYNwGBNgjPWzEzMawxdmlBoTcyNepbytOT0sK5fQQSIwd-kzNkX9nzmfZ95399z1Wt_i5ybq7qBW3sFNpfCDCrLDKtdGIdgt4woodcTnU1tCBnHpkIh7Da1VvpCiuDdWdcBQtW_V0_fLDTkx0WBmb8fAUmLz1bJytlFJqhpY5DW9puq1onOo_Mu4wBYcjvqmdKyGdO&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.229&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3490027191720448&eclog=0&im=1&pload=461&rlp=%5B0%2C1%2C62%2C38%2C2%2C45%2C46%2C45%5D&pload=62&rlp=%5B0%2C0%2C0%2C0%2C1%2C39%2C22%2C0%5D IP212.117.190.201:0
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /dupa.gif?z=2022558&zoneid=2022558&var=null&ymid=null&pb=88b2fafef69a29a6faeb196b288a15721713988387&psp=l6u7WuHx3r-uwdhthzZzQJzS2Omak-SXY6rRl5hTLRxa-QVLZRjibL6VNG7LxnbXOTo8T2iwr10_8tXX_uITRuzYNwGBNgjPWzEzMawxdmlBoTcyNepbytOT0sK5fQQSIwd-kzNkX9nzmfZ95399z1Wt_i5ybq7qBW3sFNpfCDCrLDKtdGIdgt4woodcTnU1tCBnHpkIh7Da1VvpCiuDdWdcBQtW_V0_fLDTkx0WBmb8fAUmLz1bJytlFJqhpY5DW9puq1onOo_Mu4wBYcjvqmdKyGdO&prpsrc={propagated_source}&fdl=1&nojs=0&abvar=0&febuild=1.0.229&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3490027191720448&eclog=0&im=1&pload=461&rlp=%5B0%2C1%2C62%2C38%2C2%2C45%2C46%2C45%5D&pload=62&rlp=%5B0%2C0%2C0%2C0%2C1%2C39%2C22%2C0%5D HTTP/1.1
Host: lvw7k4d3j.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2404241253730978c1ce5a4ec48923d1c04a; OACCAP=ACv5nwAAAAAAAAAB; OACBLOCK=ACv5nwAAAABmKJHQ; OXCCLK=ACv5nwAAAAAAAAAB; OXPCLK=AAJu2QAAAAAAAAAB; ppucnt=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:08 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.redirect-pixel
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| ak.aunsaick.com/4/5744973 | 23.36.76.217 | | 742 B |
URL ak.aunsaick.com/4/5744973 IP23.36.76.217:0 ASN#20940 Akamai International B.V.
File typeHTML document, ASCII text Hash8bd7b8ef91979ec130d8101370789593 0cf68acf2c1d1b629a6595790d789784e63b4563 2d3b91a4b57ff4b0c727f2b7d47c04a92f5f74073763a850ea5cf25b62511eef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /4/5744973 HTTP/1.1
Host: ak.aunsaick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 45ee9bcc6ca370c0c1d8de505c80307b
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Wed, 24 Apr 2024 17:53:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2024 17:53:08 GMT
content-length: 742
vary: Accept-Encoding
set-cookie: OAID=008048f1e9884cb8f9c53d11f4b1a6d5; expires=Thu, 24 Apr 2025 17:53:08 GMT; path=/; secure; SameSite=None
oaidts=1713981188; expires=Thu, 24 Apr 2025 17:53:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
|
|
| ak.aunsaick.com/favicon.ico | 23.36.76.217 | | 0 B |
URL ak.aunsaick.com/favicon.ico IP23.36.76.217:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ak.aunsaick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=008048f1e9884cb8f9c53d11f4b1a6d5; oaidts=1713981188
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
expires: Wed, 24 Apr 2024 17:53:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2024 17:53:09 GMT
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008048f1e9884cb8f9c53d11f4b1a6d5 | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008048f1e9884cb8f9c53d11f4b1a6d5 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=008048f1e9884cb8f9c53d11f4b1a6d5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008048f1e9884cb8f9c53d11f4b1a6d5; expires=Thu, 24 Apr 2025 17:53:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=807058200150151915&cost=0.002804&zoneid=5744973&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 | 176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=807058200150151915&cost=0.002804&zoneid=5744973&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=807058200150151915&cost=0.002804&zoneid=5744973&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Wed, 24 Apr 2024 17:53:09 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cokke1da6vts73ddgb5g
server: Caddy
set-cookie: uclick=nOiMwV5fa9011bGmOmCY5Gjl09xohb2rH+Po2YLtIya2BPGxtWjXgWVc56RgX82WPjTRDg==; Max-Age=31536000; SameSite=Lax
bcid=cokke1da6vts73ddgb5g; Max-Age=31536000; SameSite=Lax
cid=cokke1da6vts73ddgb5g; Max-Age=31536000; SameSite=Lax
x-request-id: 95659504-5105-490f-b622-3382a151b2d1
content-length: 0
X-Firefox-Spdy: h2
|
|
| g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cokke1da6vts73ddgb5g | 13.248.167.248 | 302 Found | 7.8 kB |
URL User Request GET HTTP/2g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cokke1da6vts73ddgb5g IP13.248.167.248:443
CertificateIssuerLet's Encrypt Subjectg.mtrck.org FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69 ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT
Hash30a6f69d95bc169f481b1522ddfa2476 344203ac7166af6f971cc87c39b9b07cfac76ff4 9c35214d348de7b7b95788edb67e0b0631269e25d1d2f22cb62033c37a916483
GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cokke1da6vts73ddgb5g HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 17:53:09 GMT
location: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6IldGMkdYQXduS3dVSlowK0dVMWxRWnc9PSIsInZhbHVlIjoiNDRIRllnK1pzUkZBMVJ3VXZtYXBTOG5jMFpBbXVTcXk1T0g3QmhyK29nRU9PNnR4SmZYTnE2R0QyRXZUd2NiNEtDNXR0aGkrR251cW4zd0NsZlpBSjcxQU5FTUtUNjJ0VWFTQkJsUFRhVmVkMkVLSXE5TEIvMUVSR0hSVitwbzgiLCJtYWMiOiI4ODEwNmFjODYwZGFkNGNlYTFjMDdkOWVlNjQ4OGU1MzZlZjc4MTYzNDc3ZGVhZGIwZmUzMjQzOTc3MjJhMmM2IiwidGFnIjoiIn0%3D; expires=Wed, 24-Apr-2024 19:53:09 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6Ilo1NjZLdEEzNWREWmpZRWx0Ym1nc3c9PSIsInZhbHVlIjoiaGVqTEszNWcwcEhXd01LNWJ4Q0NyRUR2UkpFY2hydFhZaUc2bkhXT2w4R0M3cGJuR3FIQlJtd1lCRm14QUlqMzVYcHREamtLdWJoZVlRUG9vbWUxeS8xNGRYK2kxbWloSXZyNDhaQ0F6c3BFdTVoS3FiZHlsOWhyaFpRY2hGYjAiLCJtYWMiOiIzYTQxYTMxYjhkZTY0MTI5OWJhMDM0ZDc2YjM4Yjk5Yjg4Y2RiODUwODRkZDdkZDIyZjJjNWNmOTVkYzc4MTM5IiwidGFnIjoiIn0%3D; expires=Wed, 24-Apr-2024 19:53:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6IkFJd0J5elNNWjl2NlN3REpZTDdhWnc9PSIsInZhbHVlIjoic3JZQ2YvQi9Kb2tZZjhObnFvbVNpU3pWWDJsSW5nUnYrRkhZenRsOFE1d1RZL0JUS0RxTFBMaU5odFpSSHA3OCtoQ0x1WFozUGJKYys2T2pvTHl4K09aSTZuVzN5RENQTUYxV1IzbDhqUGs9IiwibWFjIjoiZDJhZTA3NTIzNTFkZmM4ZWI3YWZkM2RjZTI3MzdlNDk4MGM3MTBmNDVmMWU4ZWU2NGJkYTNmYmQyYWVlMTc0ZiIsInRhZyI6IiJ9; expires=Mon, 15-Aug-2078 04:09:48 GMT; Max-Age=1713780999; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/check-icon.png | 172.67.191.215 | 200 OK | 45 kB |
URL GET HTTP/3prfectnewoffers.net/images/check-icon.png IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 45018
last-modified: Wed, 17 Apr 2024 15:39:41 GMT
etag: "661fed3d-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2779
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoCDjf5GItmNp%2BRF0cJ429aO4E3eB9DFoqJ8Orv%2Fb8QFXGtYOgQd4lU2JOfpVptYw7YxHajrqa7uoQabc2f4ry7%2FC2ybkV23Ow6s2ObZmXm%2FvBuo6YD33cEXpyxDFOucC8wf5iU3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797f3847ac8b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aaece477d49332dd96f5b3e64ed6a0a4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc82efeb7130-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 209b1e6c9d36fa5ab9f0a5e3d8a0bfeb
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png | 194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 031e7ebc505a2e5759dafd5d8cce3531
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ea0668fb0abb6af51346f56b65e6e6a4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc844d30b517-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f82677b413be8a67087aa16b5142b012
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41d2ee4e56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 15c4b2a436c3b3d3c904c20d3f5baad6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c8f0bb6d1b057a1394b7ce5998f03b08
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b76181e0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 936af8ec885b39de69dfa74f42f0e87f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 172.67.191.215 | 200 OK | 405 kB |
URL User Request GET HTTP/2prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP172.67.191.215:443
CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (623) Size405 kB (404824 bytes) Hash622e6517f740775014668f8d582d2beb 2ba898cac0431bb554ff7e6f57a86babf7f764f0 44d91f07e26bd9aaa66d496b30c4c87928503a4e873b87587a4aad74d11a3003
GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; expires=Wed, 24-Apr-2024 19:53:09 GMT; Max-Age=7200; path=/
c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9; expires=Wed, 24-Apr-2024 19:53:09 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlMtpAM4vOxHSypQqetpYUWgR9asUEpMHM3Nrc%2Bos6kuxmC01wif6SM7gpsfT%2BFE6w20eu3sWvKJXtSspveHxg15qPKM6q0Lo2Q%2FySNCauycYhU6OLvrdXm9sxtErjVH0Ds0TYKl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f381fd21569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 0
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8783c54cfa1a56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/22/2024 07:06:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bc172734bb74be7c56ec09adeb0b67e8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 986 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Size986 kB (986049 bytes) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41ce290a56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9fec1caf9c84553c19d0393a33d93549
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 30f2e19b91fad5664898c90635fd417e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f6ecdab270dab8947154afa407c60526
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 172.67.191.215 | 200 OK | 71 kB |
URL GET HTTP/3prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/png
content-length: 70857
last-modified: Wed, 17 Apr 2024 15:49:32 GMT
etag: "661fef8c-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 2444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOe%2B79lOe9NVFXuLWOuB7C8VvU91oZdj%2F16gFYCG8nLcuE89f4i5U3DaWu7umWpVhr4%2FCRCZH3FMSxt9CPXZGXcGy0pM7ht9%2F%2FXpsuTo0UnRvb1mtpn8KQ78LbXXeff773kjV7rA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797f38978f7b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.191.215 | 200 OK | 49 kB |
URL GET HTTP/3prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash9a484f31c43845d7901af8ec6e3d9cfd 44412a2f95dd29b1d92bf07df53644856558f2e5 051619e83d94846d41a32a48b35dc5cd40ede2341e1005545c2c010279e0d67e
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=je5ZyHFOHCP5tk4MJCs5WmhhecYX645EOP0rWdIQrDOXVBe3UoQ%2F6kTmENB5whSKJx2El3A4K0ocZGvPACWAcq9qaE9xyhjBdA6o5FMuQT7x9Z4D8MundRIWJWJfwIGRZ5Jy%2BAmz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797f3849aeab50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 26 Apr 2024 17:53:09 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 573490
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 573490
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 573490
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:11 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4e592c88ecaaeeb23bab0ac1e6ae92ff
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=4XTkMdosgAEqB2RHgagNa2UDhgqJNsFzlKb0o0OWHnbZRhYOX_G7wYVytFMxW0qUZU4vWKYX0ckQWJssSMW5JFtXhfQ-9aa5W7k-WbLit9HjE4BS4-JIAFObRH51skq6
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 24 Apr 2024 17:51:24 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 122
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 88 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hash6a4571112dc1d4b0e37c6df7eba27cac 196e9eec0684faa62878e6f5e476710bd11f27bd 84675537119f9cc7f7a12120e2cf7ebe9cf645accde5cffca6d6da0c6ed03b32
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 17:53:10 GMT
date: Wed, 24 Apr 2024 17:53:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/event?hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf | 172.67.191.215 | 201 Created | 2 B |
URL POST HTTP/3prfectnewoffers.net/event?hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IkRDak9hVVArRWNhWFZFVldIMnl2eXc9PSIsInZhbHVlIjoiQktRUlVnOWJEeW5xUXNGRU11NElcLzdhNkxqREY0b0FVUW1Dc25kWFh6SUdWR1JYUG0rNVltRVpZblZMY2NSXC9MIiwibWFjIjoiZmFiNzMyMWFhOWYxM2I4N2ZiMTZkYWI2YmFjMTQ1OTNlODI2NmM5NzU2NTljOTQzOWFiZjY1NzgxYTk1NTIzYSJ9
Content-Length: 182
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkRDak9hVVArRWNhWFZFVldIMnl2eXc9PSIsInZhbHVlIjoiQktRUlVnOWJEeW5xUXNGRU11NElcLzdhNkxqREY0b0FVUW1Dc25kWFh6SUdWR1JYUG0rNVltRVpZblZMY2NSXC9MIiwibWFjIjoiZmFiNzMyMWFhOWYxM2I4N2ZiMTZkYWI2YmFjMTQ1OTNlODI2NmM5NzU2NTljOTQzOWFiZjY1NzgxYTk1NTIzYSJ9; c=eyJpdiI6IkNNMFc3VjVjU29lTkZKTWptUGRRZHc9PSIsInZhbHVlIjoiMmxPU1RGMVNtZWdreDVtXC9NWVB0N0FYbExCd1FZY2V6UnhQZk91NzB4K2lxMWdtaFQwSG5sTEVkZ0tod1lyOHoiLCJtYWMiOiI3ODQyNTNlMTM2ZGI3ZWEwZmFiNDkwNzRmZjc3OTI2M2YxM2Q1MWNjZWFkMDIxOWU0MDYzZWQxODNmOWRlOTkyIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Wed, 24 Apr 2024 17:53:11 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://prfectnewoffers.net
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6ImxSVWpDbkVIRzYyRmdsRVpueWlUZFE9PSIsInZhbHVlIjoiU3U5cFNydVFKTG0yOWE2WVBKd0pEeWVSOW1HXC81OTZjcHVlZHFheGUrVGdIblwvcnlmZ1d2MjNEbElMRXJ4djdLIiwibWFjIjoiNjgwOTNiOWQ4YmFiNmM5ZDI1OWRhYzRlMjFlMTA2MTZlYTdhODRiYmJlOTdkYjg3MTJkNDE1ZDMxM2JhYTBhNSJ9; expires=Wed, 24-Apr-2024 19:53:11 GMT; Max-Age=7200; path=/
c=eyJpdiI6InJhNG0yQ0Fyd1JUZUZFUnVXa1lxVHc9PSIsInZhbHVlIjoiSXZmWXU5QnFIc1VzZ2xuSThJVU5hSklLRjhFRWNyZTJ5SVFLTCthRW51bHF2MGt5VUt6SWVEUVUzME5MMDNKciIsIm1hYyI6IjM5NmQwYjVjYTdmMmJkODliZDliZGZlMDNjMTM0YTgzMWE4NGI2MDAwYTYxYWU2YTUwYWIwZDA3MmJjMDY4MTQifQ%3D%3D; expires=Wed, 24-Apr-2024 19:53:11 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKFaTcTkCVGw2ZVHHoNT%2FoA6F3YzZvRHFoQOrx2ns3iIOfC811P8tgk%2Bh4yDtCTixFc2y4znaVSI7bWUCB8PutjHSm32HcL33vD2sENmCbzDMKoJogt5zIgiwcgTUhnt8vX4voMZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f38a9a5ab50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/media/sad-face.svg | 172.67.191.215 | 200 OK | 1.5 kB |
URL GET HTTP/3prfectnewoffers.net/media/sad-face.svg IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeSVG Scalable Vector Graphics image Hashbdcbafe1e1645bbc976b921ce3bd9f4e 425452c8d3c086c51b181cfe80a301203864f62d cfe7deb082ac3df432e92adddb66f59764d147cfbd5862742a16cec471fa86f0
GET /media/sad-face.svg HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Apr 2024 15:49:32 GMT
vary: Accept-Encoding
etag: W/"661fef8c-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 2626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTxVM6WoaGG3w7AeDmz93cfumRJhm4sMh3EymzYquHFVUxiNL8hVCJJ4lgsVyuQdiFIU%2Ft9XG8EbQma3JG0RV9sUY%2FY%2FDAtGEB8kC52SLx16y1d3A%2Fl%2Fi6eOQlExL%2BLFfP%2FcvLhK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f3848ae3b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b | 172.67.191.215 | 200 OK | 2.7 kB |
URL GET HTTP/3prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeJavaScript source, ASCII text, with very long lines (2812), with no line terminators Hashdb1ca2ad2cadb6217bca95f7084e4dfa 7f0c9879b54c9220d7f62014dfd96dd1eacdb7c8 28e07720845339964050f6b68fd46908907d911a6abc687e2a41fc220ebf4f99
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 17 Apr 2024 15:49:17 GMT
vary: Accept-Encoding
etag: W/"661fef7d-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2667
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBHotH3WaGvIq4Gmxz%2FfXCA5fBLn9dMs60tayUHMkmtxF1sTZGuf65c%2BuBkxoCnloHc6dTU9mqtltOBbyo8Hplmdx5TtfxHaZU6KXPalPVSw3V%2BABMRbHIJI4XTig%2Fc%2F0kuIADRv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f3849aedb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 | 172.67.191.215 | 200 OK | 22 kB |
URL GET HTTP/3prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (19895) Hashf996a15d4340ce7f6a994015a99c95d9 e59e2ce631dcf0619e149659a0052285e374def4 f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 15:49:32 GMT
vary: Accept-Encoding
etag: W/"661fef8c-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 2779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2BMExzDfFDtKVV3YzrcJDaAqvCszqb7xdWV6oVf7djM8%2B%2FUTnV22CI2NpzBuavXKMwq72JP3sAgGQAesOHbolpk0Ex5blXdLKJAQjVtEPsZxED95UucYBdBmbph5y0K5OQLXkN%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f3847ac1b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 0
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8783c54c89b256ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/22/2024 07:06:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d8b5afbe838f04dffdc042c910f55e78
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 735 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Size735 kB (735343 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b0ba03e16d211adbd1136511bb138e19
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/locate | 172.67.191.215 | 200 OK | 144 B |
URL GET HTTP/3prfectnewoffers.net/locate IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha78c1f9242aa33a87bd5f7a7f6cf21af 61484ea912efce8fe8b9aef0eb79eacadecd0968 47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e
GET /locate HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0=
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkRDak9hVVArRWNhWFZFVldIMnl2eXc9PSIsInZhbHVlIjoiQktRUlVnOWJEeW5xUXNGRU11NElcLzdhNkxqREY0b0FVUW1Dc25kWFh6SUdWR1JYUG0rNVltRVpZblZMY2NSXC9MIiwibWFjIjoiZmFiNzMyMWFhOWYxM2I4N2ZiMTZkYWI2YmFjMTQ1OTNlODI2NmM5NzU2NTljOTQzOWFiZjY1NzgxYTk1NTIzYSJ9; expires=Wed, 24-Apr-2024 19:53:10 GMT; Max-Age=7200; path=/
c=eyJpdiI6IkNNMFc3VjVjU29lTkZKTWptUGRRZHc9PSIsInZhbHVlIjoiMmxPU1RGMVNtZWdreDVtXC9NWVB0N0FYbExCd1FZY2V6UnhQZk91NzB4K2lxMWdtaFQwSG5sTEVkZ0tod1lyOHoiLCJtYWMiOiI3ODQyNTNlMTM2ZGI3ZWEwZmFiNDkwNzRmZjc3OTI2M2YxM2Q1MWNjZWFkMDIxOWU0MDYzZWQxODNmOWRlOTkyIn0%3D; expires=Wed, 24-Apr-2024 19:53:10 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m29hBwaHvLMQay%2Fw9DnC%2BP%2B%2F87AhjcYczc%2BAr5zoHASH9ybpUGyMUnP2pql6JTpz2M4OMcE8CJMhB%2BA7yoLSOvhVvNWIqiOIFFzcgN9SjDMr9aXprtBApNSAq%2BOKAGl0ZFjvNCCQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f389a942b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 | 172.67.191.215 | 200 OK | 422 kB |
URL GET HTTP/3prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Size422 kB (421698 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 17 Apr 2024 15:49:13 GMT
vary: Accept-Encoding
etag: W/"661fef79-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cache-control: max-age=14400
cf-cache-status: HIT
age: 2658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xV8W30um%2BlZCUGHoBGmRn5ppsMBICr2oPhgL3O1UIxM%2Bs9nYOEAorXC%2FblcoO3z5vwX%2BGPVWWMvI8fJYwU8ptwFWfBZ0QLnZPPPuadDnAiirFH0PG57AXvm8huaFm2FG7BsXzZeJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f3849af3b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 124 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size124 kB (124282 bytes) Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5b7c471e90a4d165084c83ceb52c75e9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:53:10 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41d43ddb56c5-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3ba1976511262334aca5a0ba9c74ef06
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 | 172.67.191.215 | 200 OK | 385 B |
URL GET HTTP/3prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 IP172.67.191.215:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (387), with no line terminators Hash716b5bae177d32d4cd7705aea9c3aea6 528d34269613ca77e628a9f9e96c860db310b30e 5a4a12046a65a7d262113515770984da1c25d37e7e85cb169de334467043d386
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9be2bbfe-9028-4470-99cf-6fc26fabdedf&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IkhNSmxiTU00Wk53bjR1K09IZWVqSVE9PSIsInZhbHVlIjoiU2VJdXZQYWNqNFRFRHJ0OWNFM1NXM3JlVmY4TzJcL290Qjh6T05hM1JwMHFMbktOYXFLQU5VVW9ieWd0UEFkOVAiLCJtYWMiOiJhNzdkY2FhYjFlNjVhZjc1OWQ0YjI4MTZjZTAzZWI0M2NmM2I1YWVmNDg5N2JkMjE5MjdhNmY2NjQwNDQwOTY2In0%3D; c=eyJpdiI6IkVNR0RPWWVVSkt6Qnk4YjQxR2YzdHc9PSIsInZhbHVlIjoiQzZ1VjlwYjFGNVdWZ1RhSHNaTEhBbGNlSUtwb0Fqc1wvZU1Iak1BY25yRTd4b3dyUFdYWDFXVVwvRWtXQW16R0lGIiwibWFjIjoiZjFlZmFlMWYxMmZiNmU2ZTYxOTg4MTkyYmNjYWIzZmVjYmM3ZWMwNTRhZTdmYzkzZDVhZDliNDEyMDc2NmExNSJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:53:09 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 15:49:17 GMT
vary: Accept-Encoding
etag: W/"661fef7d-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gltabKfBP1kbI%2BSt%2BDaf1o9W1GwjLmaI2mIdolZkUBpn9FINFG7s%2FB72I%2Fh59NwN8vRkwgNMrlbzQbcMxews7hEsNLPvue8q0pBHp20dVDzNfy8PEHQrSZduQh%2FDEVUmR9s4cvJ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797f3847ac3b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|