| bujerdaz.com/zone?&pub=0&zone_id=7017084&is_mobile=false&domain=id.watchest.net&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e588bc49-8401-4d9d-9b74-c543fbb50d79&action=prerequest | 139.45.197.250 | | 0 B |
URL bujerdaz.com/zone?&pub=0&zone_id=7017084&is_mobile=false&domain=id.watchest.net&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e588bc49-8401-4d9d-9b74-c543fbb50d79&action=prerequest IP139.45.197.250:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7017084&is_mobile=false&domain=id.watchest.net&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e588bc49-8401-4d9d-9b74-c543fbb50d79&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-length: 0
x-trace-id: f89963fa3958d3d8d8a8519f66ac67ae
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| id.watchest.net/mrs/medias/cmn.css?v=48723594 | 188.114.96.1 | | 22 kB |
URL id.watchest.net/mrs/medias/cmn.css?v=48723594 IP188.114.96.1:0
Hash568640d91450c76e06a03c5ee7bda63a 557cd8b55c1e12ec05b4c87fb0a3dbf6b7ff7396 454561688e715888868a953d7df487034b1469a23d5da0d7799a24b953f45a4b
GET /mrs/medias/cmn.css?v=48723594 HTTP/1.1
Host: id.watchest.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.watchest.net/mrs/?bvmToken=mabkPl-6V4nlb1eqjk65W-8EVgSZiFFEhZaWlqPHm2qBD2wRMfQNGCR1MOiqzlIoRxI12zYHpaVJEbDxA8T3yFOvd34RGPpM2lqokimQaNr7jD9IuUl5J3IJ7X_Mn__N4IDCNmovDcEChnmiJpRaBwNWAuEL6x1qpimrPw15CYy-8nGHBtF1VnjvVYGGnW3Gaov-GHbTK0I9crv8SgNIsSxVHWwaQL2rE291u6Pz6r-lLru2whMrzpiz6a1VWvXfkAbrjIJXJHFl4U2tbeIVBNLMZ4nY8ErX8fderCNX2FFykQzpmtXk5ELl4ydyhlT5xMkV_eRhsas60sjK8n-FAvk7U22wsPJdEwEnhFtj57-SmgXW2l9TBGxg_zh2PQnADFBXQ10ObMgjWPF8d9jL3WBM04tJvO74xdwCn7PeG3BKJHBkuQ1R2YuxOY5WF6XbgRO9OaSq-BKv_5nTws-wvckaAzj616QW4KFFiVy0Z4fH1rNet_pyLl38Ot7THFL9kuvWN8OiH6-ACugqGzY0cZ5MDXqsYR9s9pr8t00kQZayR6B252qUsOO5Nbswu1W0i0tm2GcmTVJ9UcnfmcKw1rUypjj-8vtGRTgnrlQzdpctHfKyZDP3eOk85MnakLryesFkTgeiIU34Y4I7Q_eadQgGyMJb8fakIrX80cbjBDSnzJn9Go6A1oTZVuVMSF_iYKOc2N7CPsr8cnnSAyAlm7uzl9Tvf3iCCUC4iC85SLt-fFStwFO37MEjz4W7ZUMpRPv6hQY94G5Hpjc4daJBa5WPMhdgxnWVgZCbJwaR0IfmSmNuafhX3JYOMoXl3Z4xzqdzbWWFI54nzv2R64N3pC-3SfX6A5oN1-60QASOfmiJS2D1Xpo3tqQoLPDkqPvNkjbsPV5dmEr-LRnZNW3rUPe6prG1-9fh6uDRZY_gQhdgPtzhd-tK66tt_wHoMIrTvCz1kHcsoYmQw2wwEjDgVAMh9ADLqTwKSnB4AvMUT-2p5Ng-sUBLkKofH-A7z3XkZh4IlVwr1ilh8fx_2I4Myc5mRRZSPPkQlCTDg4bIev6qrTjc3XKlc3QYvqKExN-xmLRRHIHhRxtrN2cBfXufXM7xNUiUv_4Lk2VHupf8uLEzK0SFqChXexsqcSow7lY_lCVNFEwVykw7anvw_WROS5GlglLqM9AECUsotDFSLtqLWdHdiSJqyW81eBSNakPVfclkqp--MaBuDDOBs9a-qtKHlNNHnXxP9HauFOS-DE3cw2x6VZSlvYx7SWHFZyQBJMY3qCSnXGAsGMcI1FHEriAZAp0GeKKNyUdv8p7D2gq7U6z29rj-MT2nYjxbnOmiiQdIYn1DFe4ZtzxSmAkhMK0-4_yViUudZGfI9rmpe5i4eEXrBH4qZbSMY0GgMok7Xu4cwLRaJPlze0MPI7Wt4AtJWAjOhlOQlndcwtKLUU5xDJWTRkILx8Eht2N2mcNCZl0XkKTfer3-uE92&l=bm65b9ac77a2be7&moid=811745753696313344&mrsx=cot5j9tip8js431chu4g&oxid=90a5170dc9c40af3fdbeecda8caded939d2030ce9abaeafedf7b5f2e347b21d69f542c9292d8e6ba3cf8c892d7b42361fcfd9ab3c7f53ef9d8478b35586779375a3822b368a1eaf01e68529528ce1e59e3aa7f7be06b3091181e4bc1c0939058553ebcec4fabf32ec50624805fb4a3bdec4fd353bc0ab2c00e8bfe276c19aafd&sid=b2ab689a-b0a0-4fbd-9ad4-e600fcb634cb&suid=6765106&var1=bvmproads-mtn&var2=chrome&var3=mobile&var4=Mozilla%2F5.0%28iPad&var5=&var6=4983132&var7=8167540&var8=visafone-ng&var9=ios17
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:12 GMT
content-type: text/css
last-modified: Tue, 28 Nov 2023 09:05:07 GMT
vary: Accept-Encoding
etag: W/"6565ad43-911"
expires: Tue, 14 May 2024 16:41:12 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wwqc4T3ny9OqBMf3FrnNWUZSUV4hyAsiNr0TY0ShFoKzXPfAAsB7iJz4Dj7xajayMBEeGAuODrZobMWXzqO2NqeZdfM%2FIY8xl4XY4BPed0tpfgS9amZJ3KNADF%2FxvbuNFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a7fb2adcb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| id.watchest.net/mrs/medias/cmn.js?v=95741533 | 188.114.96.1 | | 1.2 kB |
URL id.watchest.net/mrs/medias/cmn.js?v=95741533 IP188.114.96.1:0
File typeJavaScript source, ASCII text Hashd1b65ad6a71b0ffa8e0b8d9dc3b4aaf6 7fb9e0bedef6bfa752772e563c4ad6879df6c760 165abb0283087cbb24d2a88a0586129decc26b1230bed54cd8eea4369c377950
GET /mrs/medias/cmn.js?v=95741533 HTTP/1.1
Host: id.watchest.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.watchest.net/mrs/?bvmToken=mabkPl-6V4nlb1eqjk65W-8EVgSZiFFEhZaWlqPHm2qBD2wRMfQNGCR1MOiqzlIoRxI12zYHpaVJEbDxA8T3yFOvd34RGPpM2lqokimQaNr7jD9IuUl5J3IJ7X_Mn__N4IDCNmovDcEChnmiJpRaBwNWAuEL6x1qpimrPw15CYy-8nGHBtF1VnjvVYGGnW3Gaov-GHbTK0I9crv8SgNIsSxVHWwaQL2rE291u6Pz6r-lLru2whMrzpiz6a1VWvXfkAbrjIJXJHFl4U2tbeIVBNLMZ4nY8ErX8fderCNX2FFykQzpmtXk5ELl4ydyhlT5xMkV_eRhsas60sjK8n-FAvk7U22wsPJdEwEnhFtj57-SmgXW2l9TBGxg_zh2PQnADFBXQ10ObMgjWPF8d9jL3WBM04tJvO74xdwCn7PeG3BKJHBkuQ1R2YuxOY5WF6XbgRO9OaSq-BKv_5nTws-wvckaAzj616QW4KFFiVy0Z4fH1rNet_pyLl38Ot7THFL9kuvWN8OiH6-ACugqGzY0cZ5MDXqsYR9s9pr8t00kQZayR6B252qUsOO5Nbswu1W0i0tm2GcmTVJ9UcnfmcKw1rUypjj-8vtGRTgnrlQzdpctHfKyZDP3eOk85MnakLryesFkTgeiIU34Y4I7Q_eadQgGyMJb8fakIrX80cbjBDSnzJn9Go6A1oTZVuVMSF_iYKOc2N7CPsr8cnnSAyAlm7uzl9Tvf3iCCUC4iC85SLt-fFStwFO37MEjz4W7ZUMpRPv6hQY94G5Hpjc4daJBa5WPMhdgxnWVgZCbJwaR0IfmSmNuafhX3JYOMoXl3Z4xzqdzbWWFI54nzv2R64N3pC-3SfX6A5oN1-60QASOfmiJS2D1Xpo3tqQoLPDkqPvNkjbsPV5dmEr-LRnZNW3rUPe6prG1-9fh6uDRZY_gQhdgPtzhd-tK66tt_wHoMIrTvCz1kHcsoYmQw2wwEjDgVAMh9ADLqTwKSnB4AvMUT-2p5Ng-sUBLkKofH-A7z3XkZh4IlVwr1ilh8fx_2I4Myc5mRRZSPPkQlCTDg4bIev6qrTjc3XKlc3QYvqKExN-xmLRRHIHhRxtrN2cBfXufXM7xNUiUv_4Lk2VHupf8uLEzK0SFqChXexsqcSow7lY_lCVNFEwVykw7anvw_WROS5GlglLqM9AECUsotDFSLtqLWdHdiSJqyW81eBSNakPVfclkqp--MaBuDDOBs9a-qtKHlNNHnXxP9HauFOS-DE3cw2x6VZSlvYx7SWHFZyQBJMY3qCSnXGAsGMcI1FHEriAZAp0GeKKNyUdv8p7D2gq7U6z29rj-MT2nYjxbnOmiiQdIYn1DFe4ZtzxSmAkhMK0-4_yViUudZGfI9rmpe5i4eEXrBH4qZbSMY0GgMok7Xu4cwLRaJPlze0MPI7Wt4AtJWAjOhlOQlndcwtKLUU5xDJWTRkILx8Eht2N2mcNCZl0XkKTfer3-uE92&l=bm65b9ac77a2be7&moid=811745753696313344&mrsx=cot5j9tip8js431chu4g&oxid=90a5170dc9c40af3fdbeecda8caded939d2030ce9abaeafedf7b5f2e347b21d69f542c9292d8e6ba3cf8c892d7b42361fcfd9ab3c7f53ef9d8478b35586779375a3822b368a1eaf01e68529528ce1e59e3aa7f7be06b3091181e4bc1c0939058553ebcec4fabf32ec50624805fb4a3bdec4fd353bc0ab2c00e8bfe276c19aafd&sid=b2ab689a-b0a0-4fbd-9ad4-e600fcb634cb&suid=6765106&var1=bvmproads-mtn&var2=chrome&var3=mobile&var4=Mozilla%2F5.0%28iPad&var5=&var6=4983132&var7=8167540&var8=visafone-ng&var9=ios17
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 16 Dec 2022 13:14:33 GMT
vary: Accept-Encoding
etag: W/"639c6f39-7d3"
expires: Tue, 14 May 2024 16:41:12 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FTLTEu%2B%2FqHsMI4ZSebP%2Bgq6fXJLPaM8yuMTPHsWyURqtgO8mKXIKWjcZS%2ByHncMWnlDrDyr83UrPNEgpkdvySV1BWueNtKLWg36yRmC2omrPj02Gl6FX%2B%2Fa%2FZDSBPokZ%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a7fb2ae1b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | | 39 B |
IP139.45.197.251:0
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2262
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f0e0ae0c1058b0f435de4ba89c48008c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | | 39 B |
IP139.45.197.251:0
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2263
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ea61efb5744900a707f2e6f4b7dd0fef
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | | 39 B |
IP139.45.197.251:0
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2260
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: eada9b3a9ebddc4dcdcb06c359f00dd0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | | 0 B |
IP139.45.197.250:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://id.watchest.net/
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | | 94 B |
IP139.45.197.250:0
Hash27f77b2291d6acb397c5062dc4e884fb 74de1cf3959d3494959df79a51a73267285c0174 063a061152ea94cf3a9543bd324993573e4381fca1764a475582ec3151748886
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2882
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | | 39 B |
IP139.45.197.251:0
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2272
Origin: https://id.watchest.net
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0bb530a4e0b0df0133152f7b42591cb7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://id.watchest.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bvmgo.click/click/ | 172.67.155.150 | | 10 kB |
IP172.67.155.150:0
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash50bc4b99690444780d388ef5e3091e3d ae75db7a6b7067cfaef4d737d91ec6ba4a390535 8455e1d337ef51ef8828d09f0d4c9d685d2b404e55961db3b00a7fa57dab3d26
GET /click/ HTTP/1.1
Host: bvmgo.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://id.watchest.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:19 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22bV1YiLCqDcqnAkFE6y1VgKwWQ8LI4fGga1xy5e2sWfA9Byi9mGlxJ3A9PajH6YFUH0HfuLZJVCON0qURPhVRdS58ZfhirAaz8g2kXo%2FpO1IUodjn2jMiGLc2SnqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a8288fc35685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| oodrampi.com/sftouch?userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf&branchId=0&rb=UrSOZHFVCACiPoIfiSqWg1ENP5o4XiPdqm2E6PEER3d29Y2MEB77OCHabMpNLi6LK_OHexuiFB4-1LWytXwZssTmTcu6t3d4bCjaFTqn6Vbb0pxAp73wZ714FdMVZLm1zAzvSIyg7rNNLAffzwwrMy9plNtC32ppMxb-iWqL0WUkNUZ7MZ5t-xiEAmwZV5Jizx-H57L_DuKdHi4dC916eUVrsFIBc5sIv5lg7BnvCIY= | 139.45.197.239 | | 2 B |
URL oodrampi.com/sftouch?userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf&branchId=0&rb=UrSOZHFVCACiPoIfiSqWg1ENP5o4XiPdqm2E6PEER3d29Y2MEB77OCHabMpNLi6LK_OHexuiFB4-1LWytXwZssTmTcu6t3d4bCjaFTqn6Vbb0pxAp73wZ714FdMVZLm1zAzvSIyg7rNNLAffzwwrMy9plNtC32ppMxb-iWqL0WUkNUZ7MZ5t-xiEAmwZV5Jizx-H57L_DuKdHi4dC916eUVrsFIBc5sIv5lg7BnvCIY= IP139.45.197.239:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf&branchId=0&rb=UrSOZHFVCACiPoIfiSqWg1ENP5o4XiPdqm2E6PEER3d29Y2MEB77OCHabMpNLi6LK_OHexuiFB4-1LWytXwZssTmTcu6t3d4bCjaFTqn6Vbb0pxAp73wZ714FdMVZLm1zAzvSIyg7rNNLAffzwwrMy9plNtC32ppMxb-iWqL0WUkNUZ7MZ5t-xiEAmwZV5Jizx-H57L_DuKdHi4dC916eUVrsFIBc5sIv5lg7BnvCIY= HTTP/1.1
Host: oodrampi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oodrampi.com
DNT: 1
Connection: keep-alive
Referer: https://oodrampi.com/4/6795341?var=&clickid=cot5jc5ip8js431chveg
Cookie: OAID=0080559ddab8420cfe632c33674c4e03; oaidts=1715100080
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:20 GMT
content-type: text/plain
content-length: 2
x-trace-id: 86b36dc9d83ffb263535c5c095b66c58
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://oodrampi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| oodrampi.com/favicon.ico | 139.45.197.239 | | 0 B |
IP139.45.197.239:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: oodrampi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oodrampi.com/4/6795341?var=&clickid=cot5jc5ip8js431chveg
Cookie: OAID=0080559ddab8420cfe632c33674c4e03; oaidts=1715100080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 16:41:20 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| oodrampi.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf | 139.45.197.239 | | 12 B |
URL oodrampi.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf IP139.45.197.239:0
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf HTTP/1.1
Host: oodrampi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1415
Origin: https://oodrampi.com
DNT: 1
Connection: keep-alive
Referer: https://oodrampi.com/4/6795341?var=&clickid=cot5jc5ip8js431chveg
Cookie: OAID=0080559ddab8420cfe632c33674c4e03; oaidts=1715100080
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:20 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://oodrampi.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=0080559ddab8420cfe632c33674c4e03&z=6795341&p_rid=0b5d1a81-7e7e-4611-b690-90bc2aa902cf&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oodrampi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080559ddab8420cfe632c33674c4e03; expires=Wed, 07 May 2025 16:41:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| oodrampi.com/?z=6795341&syncedCookie=true&rhd=false | 139.45.197.239 | 302 Found | 0 B |
URL User Request POST HTTP/2oodrampi.com/?z=6795341&syncedCookie=true&rhd=false IP139.45.197.239:443
CertificateIssuerLet's Encrypt Subjectoodrampi.com FingerprintFF:A4:93:48:F3:30:3C:F0:99:59:E8:DB:03:97:B4:AB:FE:40:1D:68 ValidityMon, 22 Apr 2024 05:31:51 GMT - Sun, 21 Jul 2024 05:31:50 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=6795341&syncedCookie=true&rhd=false HTTP/1.1
Host: oodrampi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 562
Origin: https://oodrampi.com
DNT: 1
Connection: keep-alive
Referer: https://oodrampi.com/afu.php?zoneid=6795341&var=6795341&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080559ddab8420cfe632c33674c4e03; oaidts=1715100080
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 07 May 2024 16:41:21 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=811751174742216941&cost=0.002670&zoneid=6795341&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: 28c1085abf624f7ec0f85a07b0555d35
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://oodrampi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080559ddab8420cfe632c33674c4e03; expires=Wed, 07 May 2025 16:41:21 GMT; path=/; secure; SameSite=None
oaidts=1715100080; expires=Wed, 07 May 2025 16:41:21 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 16:41:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=811751174742216941&cost=0.002670&zoneid=6795341&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 | 176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=811751174742216941&cost=0.002670&zoneid=6795341&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=811751174742216941&cost=0.002670&zoneid=6795341&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Tue, 07 May 2024 16:41:21 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cot5jcda6vts73anjjng
server: Caddy
set-cookie: uclick=mryJk15bOts10LDyO2CYsRs81wF+BFYuO1zEz982kflYH0U41nZo+XwoBuR7+BX9CnYRZA==; Max-Age=31536000; SameSite=Lax
bcid=cot5jcda6vts73anjjng; Max-Age=31536000; SameSite=Lax
cid=cot5jcda6vts73anjjng; Max-Age=31536000; SameSite=Lax
x-request-id: 287bcfcd-7a2d-49c3-b6a9-f2988e1e66d7
content-length: 0
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/check-icon.png | 188.114.97.1 | 200 OK | 45 kB |
URL GET HTTP/3prfectnewoffers.net/images/check-icon.png IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 45018
last-modified: Fri, 26 Apr 2024 12:53:43 GMT
etag: "662ba3d7-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asKL9ZtCuS12o0fu%2BSIF44Bda%2BlOsDfb0zOvR%2BRO3Zlsf%2BvpeqmIoYFWW7iYT4CCDhmvjUGBh9PR2zW82xDgYiidSqNfFjF7%2FDcAi5uFc98ORQRJFNMUFqsL85Iwk3MKclRMLiFY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802a839d8e256b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 | 188.114.97.1 | 200 OK | 642 B |
URL GET HTTP/3prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (311) Hash1a2dada5ba76c1b29ae13ddd11b16743 5076e9545fae3a01adce54e076706173de9f48c5 df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 4844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kr9zUwRi1JFd5E7aukdz12P%2F%2Fh0jLYTUvupatGisPam0MyvPFz6QPnObnAnITbRktONw6ilM%2Bt4xiuc%2BEYyEdfzClnQweShUQkBitfqz8WoW14iBuPsxmVil3MhOzjtSZZXydwRa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a839d8d556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 83b6de219096783104db2cbb7136e8c0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e2801000aeb17c32642caa80225a7084
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725d979d356c4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 40da2cd9ecfad9704df412ffc1c1a4e6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87b0bdba1c7756ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d976f290420c4f1effb0d1902f461d50
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725dc9d3e56c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3dcedd84ea1600c6da6d8c193a817b30
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41d2ee4e56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bbe23cd79070a1a09b409917bb08f064
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| id.watchest.net/sw-check-permissions-20113.js?zoneId=7017084 | 188.114.96.1 | | 102 kB |
URL id.watchest.net/sw-check-permissions-20113.js?zoneId=7017084 IP188.114.96.1:0
Size102 kB (101601 bytes) Hash292994b7982a90285a39d650f09ed49c 41de17439ca91cfd9bf7ce1caef1626ca89232ee a4e2143521b7987224e24f4d0d814ac11f52f92f4ce9d1c568d7f3c7bc3d9f6f
GET /sw-check-permissions-20113.js?zoneId=7017084 HTTP/1.1
Host: id.watchest.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://id.watchest.net/mrs/?bvmToken=mabkPl-6V4nlb1eqjk65W-8EVgSZiFFEhZaWlqPHm2qBD2wRMfQNGCR1MOiqzlIoRxI12zYHpaVJEbDxA8T3yFOvd34RGPpM2lqokimQaNr7jD9IuUl5J3IJ7X_Mn__N4IDCNmovDcEChnmiJpRaBwNWAuEL6x1qpimrPw15CYy-8nGHBtF1VnjvVYGGnW3Gaov-GHbTK0I9crv8SgNIsSxVHWwaQL2rE291u6Pz6r-lLru2whMrzpiz6a1VWvXfkAbrjIJXJHFl4U2tbeIVBNLMZ4nY8ErX8fderCNX2FFykQzpmtXk5ELl4ydyhlT5xMkV_eRhsas60sjK8n-FAvk7U22wsPJdEwEnhFtj57-SmgXW2l9TBGxg_zh2PQnADFBXQ10ObMgjWPF8d9jL3WBM04tJvO74xdwCn7PeG3BKJHBkuQ1R2YuxOY5WF6XbgRO9OaSq-BKv_5nTws-wvckaAzj616QW4KFFiVy0Z4fH1rNet_pyLl38Ot7THFL9kuvWN8OiH6-ACugqGzY0cZ5MDXqsYR9s9pr8t00kQZayR6B252qUsOO5Nbswu1W0i0tm2GcmTVJ9UcnfmcKw1rUypjj-8vtGRTgnrlQzdpctHfKyZDP3eOk85MnakLryesFkTgeiIU34Y4I7Q_eadQgGyMJb8fakIrX80cbjBDSnzJn9Go6A1oTZVuVMSF_iYKOc2N7CPsr8cnnSAyAlm7uzl9Tvf3iCCUC4iC85SLt-fFStwFO37MEjz4W7ZUMpRPv6hQY94G5Hpjc4daJBa5WPMhdgxnWVgZCbJwaR0IfmSmNuafhX3JYOMoXl3Z4xzqdzbWWFI54nzv2R64N3pC-3SfX6A5oN1-60QASOfmiJS2D1Xpo3tqQoLPDkqPvNkjbsPV5dmEr-LRnZNW3rUPe6prG1-9fh6uDRZY_gQhdgPtzhd-tK66tt_wHoMIrTvCz1kHcsoYmQw2wwEjDgVAMh9ADLqTwKSnB4AvMUT-2p5Ng-sUBLkKofH-A7z3XkZh4IlVwr1ilh8fx_2I4Myc5mRRZSPPkQlCTDg4bIev6qrTjc3XKlc3QYvqKExN-xmLRRHIHhRxtrN2cBfXufXM7xNUiUv_4Lk2VHupf8uLEzK0SFqChXexsqcSow7lY_lCVNFEwVykw7anvw_WROS5GlglLqM9AECUsotDFSLtqLWdHdiSJqyW81eBSNakPVfclkqp--MaBuDDOBs9a-qtKHlNNHnXxP9HauFOS-DE3cw2x6VZSlvYx7SWHFZyQBJMY3qCSnXGAsGMcI1FHEriAZAp0GeKKNyUdv8p7D2gq7U6z29rj-MT2nYjxbnOmiiQdIYn1DFe4ZtzxSmAkhMK0-4_yViUudZGfI9rmpe5i4eEXrBH4qZbSMY0GgMok7Xu4cwLRaJPlze0MPI7Wt4AtJWAjOhlOQlndcwtKLUU5xDJWTRkILx8Eht2N2mcNCZl0XkKTfer3-uE92&l=bm65b9ac77a2be7&moid=811745753696313344&mrsx=cot5j9tip8js431chu4g&oxid=90a5170dc9c40af3fdbeecda8caded939d2030ce9abaeafedf7b5f2e347b21d69f542c9292d8e6ba3cf8c892d7b42361fcfd9ab3c7f53ef9d8478b35586779375a3822b368a1eaf01e68529528ce1e59e3aa7f7be06b3091181e4bc1c0939058553ebcec4fabf32ec50624805fb4a3bdec4fd353bc0ab2c00e8bfe276c19aafd&sid=b2ab689a-b0a0-4fbd-9ad4-e600fcb634cb&suid=6765106&var1=bvmproads-mtn&var2=chrome&var3=mobile&var4=Mozilla%2F5.0%28iPad&var5=&var6=4983132&var7=8167540&var8=visafone-ng&var9=ios17
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 19 Apr 2024 14:08:54 GMT
vary: Accept-Encoding
etag: W/"66227af6-236"
expires: Tue, 07 May 2024 21:27:35 GMT
cache-control: max-age=604800
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 587617
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bPe9IhYTLDHZk3hz3jaxYOzTDri4xTbmgLUjQNDpy1SkNjWVrhrga3gZk6nYW4PeXdCUQ8zYPQ%2FGO0Xozai%2B0gl5PbrRlYr6%2FTLYLlq9oYuGNWZb5uSyk%2BJZOc1Ci7LCtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a7fd9f93b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png | 194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 250349cea8fffa622da0620cca375eda
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| oodrampi.com/4/6795341?var=&clickid=cot5jc5ip8js431chveg | 139.45.197.239 | | 19 kB |
URL oodrampi.com/4/6795341?var=&clickid=cot5jc5ip8js431chveg IP139.45.197.239:0
File typegzip compressed data, max speed, from Unix Hashaea17ba5929607d34fdd7a85f11e4cd8 d4c9a6d80b00cc1b5baaba71271ff0ffea23e59f a30c5f7358dc25726bd3b7ab674155d501744351d7bcf94974170eb83f903972
GET /4/6795341?var=&clickid=cot5jc5ip8js431chveg HTTP/1.1
Host: oodrampi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 16:41:20 GMT
content-type: text/html; charset=utf8
x-trace-id: 30bcae54fb1754dcefd6006ea7e894f5
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080559ddab8420cfe632c33674c4e03; expires=Wed, 07 May 2025 16:41:20 GMT; path=/; secure; SameSite=None
oaidts=1715100080; expires=Wed, 07 May 2025 16:41:20 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cot5jcda6vts73anjjng | 76.223.57.231 | 302 Found | 9.4 kB |
URL User Request GET HTTP/2g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cot5jcda6vts73anjjng IP76.223.57.231:443
CertificateIssuerLet's Encrypt Subjectg.mtrck.org FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69 ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT
Hashe2ef4644b224f01c8021f8ce81261b74 849f11aab6a451de827b2e4c3f6b2f8ceec6e45d 1d57a44d94afdb38a85b9543e9fecf70dc3b1159e2f206a6e9550970e4896a21
GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cot5jcda6vts73anjjng HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 16:41:21 GMT
location: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6IjdjNDlwdmRobVlxNkc2SFB3Zm5Va0E9PSIsInZhbHVlIjoiVWgzTElRNC92SzFJOXlwZ1hPMGhHL2kzSC9FRUdpTjRoZ3g3U29vd09RUTkwaGIzMUNIOEIvMFRjZFlaV1hpVmQ4MW12Uk1KRno2bDYyZ3FIaVVXUFRrczJ3cWJCY1NhbVYwNU1uYkpsT1ViV3hwNEZUUSt3TU9BQzJzNmEzazQiLCJtYWMiOiJkMWNiMWQ2MjczZGUwNTFlZGNkYTdmN2U2ZmQzMDlmNTAwMGM4NDNjZTM2MTRhYzI2MTM2ZTdiNjJkNDNkMTZlIiwidGFnIjoiIn0%3D; expires=Tue, 07-May-2024 18:41:21 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6IjdjTXcxREhqd2NnVnNXdSt2MGhUU2c9PSIsInZhbHVlIjoiVlZTL1M5ZHZzZGlwSnJ6TVI5dkdoQmhDcHV4QVQ3cUpnbE9BWE9iUkR1eFJLdi96UXRHUG9yNEdSam5walJod3RKRzhjVEFWVmtRYzZSNW1PVndjNW1XbmlkSURacE4vN1UrcENOSm9wS3ZZUTJHakVOd0VEWEpGMDJRWmRyQTMiLCJtYWMiOiIzZDAwODk4YWVkNmRjMTI1NzhjODcwY2M0YjA1MTBhOWE3NDJiODQ0ODA3NGQyY2MyZTY2NjM3ZjQ0N2U1YTFkIiwidGFnIjoiIn0%3D; expires=Tue, 07-May-2024 18:41:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6IkJnWElKY2tTSFpNUEE2OEdWU0lxOFE9PSIsInZhbHVlIjoiWG5GS1NHOHFwMFZCQ0I0RXQxZFRKM0hvbkN1T204QTh2b2lwcUY4REVGR293cWJ1RGlTSm9uQW5oVC8zcXlLVG5xYmFOUVVTNnBKbldLelIrQU44cVE0VzVHS2pjbWxYNXNLNlNrZ2xTVVk9IiwibWFjIjoiMGUxZDA1NmYyYjc0OTUzNDAxZmNjZTU2NDFhZTM3NTEyMzFlOWYxZWYzMTQyNjJiOTUzNDZmOWY5MWU3YzYxMSIsInRhZyI6IiJ9; expires=Sun, 28-Aug-2078 02:58:00 GMT; Max-Age=1713780999; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 4.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash8302b1576efba746bd0026d0805f3c83 1cac23dcc4059e576c2a01934d980621a5d88225 30e726d3e52d47f58fb685d56d2559224f21b220cb70107fab150ac877555cec
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 16:41:22 GMT
date: Tue, 07 May 2024 16:41:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87f725f5199256c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:10:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: dfdb3117f0859ea9e56484824ec62f46
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87b0bdbe6fd55685-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:31
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bbabc496e89f29dd659699bcd4369408
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc7e5b0b539f8c3dec4bb80cde1a291d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f731f95c8d5684-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:18:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2c3f9973164cbf97037ea1152e93b0fe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 396 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Size396 kB (396196 bytes) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41ce290a56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c43a4edc7521e1237b269be955dea0aa
cdn-cache: REVALIDATED
content-encoding: br
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 188.114.97.1 | 200 OK | 71 kB |
URL GET HTTP/3prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:23 GMT
content-type: image/png
content-length: 70857
last-modified: Fri, 26 Apr 2024 12:57:10 GMT
etag: "662ba4a6-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cache-control: max-age=14400
cf-cache-status: HIT
age: 4356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GIfzE3BrSE3Q9e3assbzvdX1CnrrqJQzNsCdhS3HFGLcttKF8YMXgM41SIpK1x8lQNlTeREkMqumrQZKuSH4ANtRCJET6hQTwZOZW3EvvOM5ARBvGLXAhRYye%2BYo43e2WWHQjuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802a840afad56b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 96 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 02ff7ddb2c56ac358e78b59657513390
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 301301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 301301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 301301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:23 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c286e9e89585c63af974b7d485e54a6e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: eed054e014923c62616727e7558b2c3f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/event?hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3 | 188.114.97.1 | 201 Created | 2 B |
URL POST HTTP/3prfectnewoffers.net/event?hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImdSMWFFd0cxb0k1T2FtYUdDaUkwdVE9PSIsInZhbHVlIjoiUFFOdkRXWDBsb2dYc3JmMVNPOUlLTEZPa1pZV1k0cUs0Q1wvaDJGS21uNW9tQ2ZqSkVDZGNOMDErZDEyXC96TW9WIiwibWFjIjoiMjUxNTEwNWVhM2ZlYThlOWNkOGRmYmMwZTRjYjBiMTA1NDZjYmExNDI4ZWE2MzJjNGYyMzU3OWMwNDBlMTRiMyJ9
Content-Length: 182
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6ImdSMWFFd0cxb0k1T2FtYUdDaUkwdVE9PSIsInZhbHVlIjoiUFFOdkRXWDBsb2dYc3JmMVNPOUlLTEZPa1pZV1k0cUs0Q1wvaDJGS21uNW9tQ2ZqSkVDZGNOMDErZDEyXC96TW9WIiwibWFjIjoiMjUxNTEwNWVhM2ZlYThlOWNkOGRmYmMwZTRjYjBiMTA1NDZjYmExNDI4ZWE2MzJjNGYyMzU3OWMwNDBlMTRiMyJ9; c=eyJpdiI6IjloT09DOHRCUFwvZGFoNWtrRVZta2N3PT0iLCJ2YWx1ZSI6IlRKc3pDVGZ3XC9sMUdWZGlOK3JEQnZiQ3RnTDlsMkhsWlJ4TkhLRTBcL092ZmxcL1VqejNUV0R6bXpCOUNSMUM5Z24iLCJtYWMiOiI5ZmZiZGQwZTgxMDVjMDg0YWVmN2RjMWUzNmQ1MWM5OWFiY2FlMTdjMzg2YmQxYjIyNmRkOGNmZGZkYzg0YjFlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Tue, 07 May 2024 16:41:23 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://prfectnewoffers.net
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6ImV4bXFzbHdQTmpiRHVuXC9GQ3I2cjJRPT0iLCJ2YWx1ZSI6IkFOaXN0QkR1aFBwZDBwTWJLQUNzQlZURUFZb1NxMUJDRG5KMTFva0ljYkVYQTNzdFhMN2FcL2hqYWkrZG8zd3JHIiwibWFjIjoiNTAzMjZkODI0OTdhMDEwY2QyNWYwYzU3MDkwZTY2YmEwZGU4NWU4N2RmMGJmMzU4MmQ2NzMxMzc2YWY4MDhhNiJ9; expires=Tue, 07-May-2024 18:41:23 GMT; Max-Age=7200; path=/
c=eyJpdiI6IklJUTdqY1BmZEFMQjFLOEVnNUtkQlE9PSIsInZhbHVlIjoidEg1dFZtYTIrVTF0RlVJZ1ZxKzR3K1B0NWRNeHBiUlNVK2ZxYkQ1d0NUeUh6TXY0d2VINmQ3dlZyeThlNk1MNCIsIm1hYyI6IjJjMGIzZDE1OTNmMDZkMjYyNzZiZjYwOWVhZmU5ODU4NDNiNWZiODRmMTZiZDVjNDhjNzFjNDFlNDA1NGFlODIifQ%3D%3D; expires=Tue, 07-May-2024 18:41:23 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZM3JIekqLcA%2FzUr4Dprp964n9Olw%2BeIh44nxYoMmYr1sEM9Nq8qEdMEhkfnHXVDOfOJRl%2Fk%2Bu8B0E1N%2ByhPh27lrqwlSJmjAdmx5wRbvIhKo9qBUWOvzCvAwzEwCw92tQZqJxFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a841ca7456b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b | 188.114.97.1 | 200 OK | 2.7 kB |
URL GET HTTP/3prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeJavaScript source, ASCII text, with very long lines (2812), with no line terminators Hashdb1ca2ad2cadb6217bca95f7084e4dfa 7f0c9879b54c9220d7f62014dfd96dd1eacdb7c8 28e07720845339964050f6b68fd46908907d911a6abc687e2a41fc220ebf4f99
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
vary: Accept-Encoding
etag: W/"662ba4c7-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fN0zODbWrunrxYBocADx4scr66WWJlcTiLnC5a3Or5osvOqVHD0nHeORLEW16kDyXH4RDeWMw4c90Zo1fiaFGx%2FiDFmymjNbiXYGUuJu%2FORS12B5ByZFJ7UlvN6KyeEp9n3K0qH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a83a094356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 188.114.97.1 | 200 OK | 30 kB |
URL User Request GET HTTP/2prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; expires=Tue, 07-May-2024 18:41:21 GMT; Max-Age=7200; path=/
c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D; expires=Tue, 07-May-2024 18:41:21 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buksyuVVApvH2DFhZ58OXqcWmFlM5pskAdBS6R0wcuL3OhFR5rebkzhRMhKnu1zdKU%2BRlK4%2BdudGrxxo8RdMj6vb%2By80EXptCBAVaydrOt%2BgEN5Us1f1M4KWOIKhpSZgIboHhTA%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a836eba8b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 17:58:00 GMT
etag: W/"663525a8-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQjhUN5HUYIFNZI9Cypb4R0l9Gc3TYQZ9HaECmUnPsonSdEfONRrm71%2BkWiEbZZHmqHzTqAnn%2Bnvl0dGZWgcerOOT%2FKzzuLZg35x9Otz0GaVgviRSBXKZVYp0lN9Zlk2F8IY6mLZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802a83a094256b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 09 May 2024 16:41:22 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c62740752dfa558e9d0be9b43a26b439
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 735 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Size735 kB (735343 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f324e07c64a6fbac1402e87137f0f534
cdn-cache: REVALIDATED
content-encoding: br
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/locate | 188.114.97.1 | 200 OK | 144 B |
URL GET HTTP/3prfectnewoffers.net/locate IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha78c1f9242aa33a87bd5f7a7f6cf21af 61484ea912efce8fe8b9aef0eb79eacadecd0968 47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e
GET /locate HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0=
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:23 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImdSMWFFd0cxb0k1T2FtYUdDaUkwdVE9PSIsInZhbHVlIjoiUFFOdkRXWDBsb2dYc3JmMVNPOUlLTEZPa1pZV1k0cUs0Q1wvaDJGS21uNW9tQ2ZqSkVDZGNOMDErZDEyXC96TW9WIiwibWFjIjoiMjUxNTEwNWVhM2ZlYThlOWNkOGRmYmMwZTRjYjBiMTA1NDZjYmExNDI4ZWE2MzJjNGYyMzU3OWMwNDBlMTRiMyJ9; expires=Tue, 07-May-2024 18:41:23 GMT; Max-Age=7200; path=/
c=eyJpdiI6IjloT09DOHRCUFwvZGFoNWtrRVZta2N3PT0iLCJ2YWx1ZSI6IlRKc3pDVGZ3XC9sMUdWZGlOK3JEQnZiQ3RnTDlsMkhsWlJ4TkhLRTBcL092ZmxcL1VqejNUV0R6bXpCOUNSMUM5Z24iLCJtYWMiOiI5ZmZiZGQwZTgxMDVjMDg0YWVmN2RjMWUzNmQ1MWM5OWFiY2FlMTdjMzg2YmQxYjIyNmRkOGNmZGZkYzg0YjFlIn0%3D; expires=Tue, 07-May-2024 18:41:23 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J49ddjyq9rClzxciihenMtlXhsf6YcLY7oo7dIDxQUdzUaunCujilqH6pasGACUAeeSPre0GbUoIWn6eTiPrwh6va6Whzs3riO8OLqmGD1rRMtUCDrqzjbzIA%2FnH2QWLnT5MVqUR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a840afb056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 | 188.114.97.1 | 200 OK | 422 kB |
URL GET HTTP/3prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Size422 kB (421698 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUTbXyBTlWoJw%2BaNlJ3roeEZKu7eSQdjIrX6sEjhUQUp8%2B%2FgRSxTB5slbQvMfL%2FL%2BBHTm5PxowW%2FpBIL42ZcFRUwY62MpT28yFFJzPUmImeCU%2F9C03Pr6zIW8WtSqaMctgOOJS0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a83a094556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/media/sad-face.svg | 188.114.97.1 | 200 OK | 1.5 kB |
URL GET HTTP/3prfectnewoffers.net/media/sad-face.svg IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeSVG Scalable Vector Graphics image Hashbdcbafe1e1645bbc976b921ce3bd9f4e 425452c8d3c086c51b181cfe80a301203864f62d cfe7deb082ac3df432e92adddb66f59764d147cfbd5862742a16cec471fa86f0
GET /media/sad-face.svg HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:57:10 GMT
vary: Accept-Encoding
etag: W/"662ba4a6-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNfHzsBtkqikQYkR3F0G89Sg0SizDQbTabOGNJllIZtagF4M8zJWxIphvTdq%2FwVOUGnrIkkWuWp00tF3s5BP%2FRl0BUGr0pMjdwnf76cRsOPRfJggP3Dm072INTeLqPKkowrvd3v2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a83a093f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 IP188.114.97.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (19895) Hashf996a15d4340ce7f6a994015a99c95d9 e59e2ce631dcf0619e149659a0052285e374def4 f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bfcc91c-a7cf-42bd-b3dd-69422c150cf3&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Imp2SndCT213MFwvZUdkNEVvZ3c4SEt3PT0iLCJ2YWx1ZSI6IlJUZkZcLzM0dzVVekhiYTQ0aHhpakRcL3NGR3h1d3J1WHNOVlg0OFBza1VcL0hrNUlOeDUxTzh1bjdGRkROMTQycDUiLCJtYWMiOiIyZGE0MjE1NTU0ZDg5NTFmYzFkNTg4ODE5YWRiMTFhODg4ZTE3ZGY3MzVhYjBkYTA5ZTI0Mzg5OWY4ODU3N2Q3In0%3D; c=eyJpdiI6ImhxNE93S0RKSExFTlV5b3dEOXVmQ3c9PSIsInZhbHVlIjoiZHJVVFptVlFTOXBrYVBPV0NnWjlibHl3c2JnZllad05MRkpGWVdpOUdPMXZKZDBITVJUN2RGa0NQbWRQdFplbiIsIm1hYyI6ImE1M2YzMzY3ZjQ0OGEzNzc3ODY5ZDZjNjJjMjQ1OWQ1NTlmZWZhZWNiMzUwYjk0OTdiOTQzNTA4MzIyNTdkMzMifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 16:41:22 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
vary: Accept-Encoding
etag: W/"662ba4c7-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 4844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mb%2FHEzGbUZ45Y6gxuwdJIYiNQhQGtHdY0P%2Fxf%2FoIkQ3Gozo6yVrPLWK6%2FGaLW%2BEogluLRFfOp4LGd1gFPyyZ524ZSb6%2F6t8ifqhoQIo%2FZ9hHONchGAM%2FpJbDXReirwOqnttHJqQz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802a839d8cc56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|