| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf58a4b489ef65eff7896802c87e363e7 e7287b89b56c66407955bf95bd03133d2e5945d1 fb270cf16706247adde7efd430fe667555cb37ee35eae763593424a17c624bcd
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FB270CF16706247ADDE7EFD430FE667555CB37EE35EAE763593424A17C624BCD"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13179
Expires: Tue, 23 Jul 2024 11:14:58 GMT
Date: Tue, 23 Jul 2024 07:35:19 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2f796f6340ac7eef4fa2891ac8f8aa1a 27bbc7bb6314b31dcab89f198bc258b040593aa7 778d02decabf7dff03bf5ec4c4eb0f03ac789e89bcfe58353c266c9d66c08834
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "778D02DECABF7DFF03BF5EC4C4EB0F03AC789E89BCFE58353C266C9D66C08834"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3056
Expires: Tue, 23 Jul 2024 08:26:15 GMT
Date: Tue, 23 Jul 2024 07:35:19 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash85a291090b5db764a5b5f1487dcb958f 9dadf7a0a7d6be86e491a10bbbc72c84f798cab9 60c84bb6c568871d3febe1e58c6aedf398fa06f5f7afc3e6087200be0a25ad3f
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "60C84BB6C568871D3FEBE1E58C6AEDF398FA06F5F7AFC3E6087200BE0A25AD3F"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2769
Expires: Tue, 23 Jul 2024 08:21:29 GMT
Date: Tue, 23 Jul 2024 07:35:20 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash41b470cfcb4d809b7689783076e07c76 919b05dba2523cc4b8e9a6e873fe777fd753ee1b 951ae19e1eb066355bf55ff2163f6d14b689088fa3dd443fb01d889bb28fe095
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "951AE19E1EB066355BF55FF2163F6D14B689088FA3DD443FB01D889BB28FE095"
Last-Modified: Sat, 20 Jul 2024 19:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6533
Expires: Tue, 23 Jul 2024 09:24:13 GMT
Date: Tue, 23 Jul 2024 07:35:20 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9a3c0834ea4fd9ade51ec3e78bd97d65 01f7dfe4326758f7e5c9bd1e9c0a6d4a0f4b064c 5945e38fd71959902ed4d5ee80d3311eb39de91d5319f88577699c486aa0aa70
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5945E38FD71959902ED4D5EE80D3311EB39DE91D5319F88577699C486AA0AA70"
Last-Modified: Tue, 23 Jul 2024 07:35:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Tue, 23 Jul 2024 13:35:16 GMT
Date: Tue, 23 Jul 2024 07:35:21 GMT
Connection: keep-alive
|
|
| ofhoppipa.com/&mprtr=1 | 172.67.205.9 | | 95 B |
IP172.67.205.9:0
File typeHTML document, ASCII text, with CRLF line terminators Hash8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
POST /&mprtr=1 HTTP/1.1
Host: ofhoppipa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ofhoppipa.com
DNT: 1
Connection: keep-alive
Referer: https://ofhoppipa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 404 Not Found
date: Tue, 23 Jul 2024 07:35:20 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G76aUGKxe7oVVb20zEJmQmjDXTQ0iTcF1crrXDC6ACLLDbF9UIjSA0IK%2FwWXBOJ1yYDPpdNAaHStZ8ydE8veOjp3igrwwS15bny91K5jCgHy5CwAkaLGAhEs8gtIZFuN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe432a0d0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| betshucklean.com/sftouch?userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf&branchId=0&rb=XAw8hHtw1PKd7VFDkFAPXDCVRSDQWwztyhpTZSc7X9lKQp61AfyK5LVUFrRZBRkAbEkP78dDNzE9xu3JZE8aYbhCCM7vx7QYtdfU9pVh-Ljiq4o78FCi6bFK1vYbJHGJ9Xi2PHkWpf6FOyYZ3C4Mw7kY1ZiphOUdq4-9NZOHABSlelEpOTD6uO_rS9Us4Hf1Gl4hxDM9ks_qtAzW0X23jxfsr-Rgv4BW5AkjOOqHT_4rMtvddoM1lCYu6burmPMk1h_ChCS149dQ2qTI | 139.45.197.236 | | 2 B |
URL betshucklean.com/sftouch?userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf&branchId=0&rb=XAw8hHtw1PKd7VFDkFAPXDCVRSDQWwztyhpTZSc7X9lKQp61AfyK5LVUFrRZBRkAbEkP78dDNzE9xu3JZE8aYbhCCM7vx7QYtdfU9pVh-Ljiq4o78FCi6bFK1vYbJHGJ9Xi2PHkWpf6FOyYZ3C4Mw7kY1ZiphOUdq4-9NZOHABSlelEpOTD6uO_rS9Us4Hf1Gl4hxDM9ks_qtAzW0X23jxfsr-Rgv4BW5AkjOOqHT_4rMtvddoM1lCYu6burmPMk1h_ChCS149dQ2qTI IP139.45.197.236:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf&branchId=0&rb=XAw8hHtw1PKd7VFDkFAPXDCVRSDQWwztyhpTZSc7X9lKQp61AfyK5LVUFrRZBRkAbEkP78dDNzE9xu3JZE8aYbhCCM7vx7QYtdfU9pVh-Ljiq4o78FCi6bFK1vYbJHGJ9Xi2PHkWpf6FOyYZ3C4Mw7kY1ZiphOUdq4-9NZOHABSlelEpOTD6uO_rS9Us4Hf1Gl4hxDM9ks_qtAzW0X23jxfsr-Rgv4BW5AkjOOqHT_4rMtvddoM1lCYu6burmPMk1h_ChCS149dQ2qTI HTTP/1.1
Host: betshucklean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://betshucklean.com
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/4/3479550&var=%7Bzoneid%7D
Cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; oaidts=1721720121
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
content-type: text/plain
content-length: 2
x-trace-id: 4dddb9ad3308c6b890152f68b9583fbb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://betshucklean.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe342ae6acf76e270340bd98b6540ad2b 183b457360e09a86a3cc96a21820943fbce98ecb 728a59072794dfd311322813d72055b2e9a21895218827b31fe3a742c3cc9c1e
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "728A59072794DFD311322813D72055B2E9A21895218827B31FE3A742C3CC9C1E"
Last-Modified: Sat, 20 Jul 2024 19:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10880
Expires: Tue, 23 Jul 2024 10:36:41 GMT
Date: Tue, 23 Jul 2024 07:35:21 GMT
Connection: keep-alive
|
|
| my.rtmark.net/img.gif?f=merge&userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=0080a2e007a741b0ec4e3a6ceca0e32b&z=3479550&p_rid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080a2e007a741b0ec4e3a6ceca0e32b; expires=Wed, 23 Jul 2025 07:35:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| betshucklean.com/favicon.ico | 139.45.197.236 | | 0 B |
URL betshucklean.com/favicon.ico IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: betshucklean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/4/3479550&var=%7Bzoneid%7D
Cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; oaidts=1721720121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| betshucklean.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 | 139.45.197.236 | | 12 B |
URL betshucklean.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 IP139.45.197.236:0
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 HTTP/1.1
Host: betshucklean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1424
Origin: https://betshucklean.com
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/4/3479550&var=%7Bzoneid%7D
Cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; oaidts=1721720121
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://betshucklean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| betshucklean.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 | 139.45.197.236 | | 16 B |
URL betshucklean.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 IP139.45.197.236:0
File typeASCII text, with no line terminators Hash7feadfe891c04432562e6d2b4d35f38a fc25b473cdcdf8551d51bed416dd604f3e1d158f e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7bdcf512-f43d-4517-b2bd-e2e7a4acaa18 HTTP/1.1
Host: betshucklean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 438
Origin: https://betshucklean.com
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/4/3479550&var=%7Bzoneid%7D
Cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; oaidts=1721720121
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
content-type: text/plain; charset=utf-8
content-length: 16
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://betshucklean.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| betshucklean.com/?z=3479550&syncedCookie=true&rhd=false | 139.45.197.236 | 302 Found | 0 B |
URL User Request POST HTTP/2betshucklean.com/?z=3479550&syncedCookie=true&rhd=false IP139.45.197.236:443
CertificateIssuerLet's Encrypt Subjectbetshucklean.com Fingerprint34:2E:10:83:AD:FF:BA:D1:2F:53:C2:D8:10:32:95:70:58:B5:CA:DF ValiditySun, 23 Jun 2024 19:32:56 GMT - Sat, 21 Sep 2024 19:32:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=3479550&syncedCookie=true&rhd=false HTTP/1.1
Host: betshucklean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 613
Origin: https://betshucklean.com
DNT: 1
Connection: keep-alive
Referer: https://betshucklean.com/afu.php?zoneid=3479550&var=3479550&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; oaidts=1721720121
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 23 Jul 2024 07:35:21 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=839517635917132245&cost=0.000960&zoneid=3479550&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: 6107b3a8c6a5e0abdc7cbcc6ba964a9e
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://betshucklean.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080a2e007a741b0ec4e3a6ceca0e32b; expires=Wed, 23 Jul 2025 07:35:21 GMT; path=/; secure; SameSite=None
oaidts=1721720121; expires=Wed, 23 Jul 2025 07:35:21 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 30 Jul 2024 07:35:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=839517635917132245&cost=0.000960&zoneid=3479550&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 | 176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=839517635917132245&cost=0.000960&zoneid=3479550&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint62:EC:54:70:18:91:6F:B7:DC:11:33:B8:23:5B:E6:87:9F:4F:E2:6D ValiditySat, 20 Jul 2024 10:23:46 GMT - Fri, 18 Oct 2024 10:23:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=839517635917132245&cost=0.000960&zoneid=3479550&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Tue, 23 Jul 2024 07:35:21 GMT
location: https://f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cqflqeda6vts73bnp380
server: Caddy
set-cookie: uclick=nbXcllgKPNM1g+elO2CY4AeyQ6H9ZVPkacTQRzNEEPSuSdMO6jqbhrkhtnEvoWYc1aKpuQ==; Max-Age=31536000; SameSite=Lax
bcid=cqflqeda6vts73bnp380; Max-Age=31536000; SameSite=Lax
cid=cqflqeda6vts73bnp380; Max-Age=31536000; SameSite=Lax
x-request-id: 654db050-63a9-41a6-a60e-47901841c9a4
content-length: 0
X-Firefox-Spdy: h2
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashabdbb83f974102baaaa6f77ee331d442 053c22e9dce284413f8a2d4433748edbdd91b77b 23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C"
Last-Modified: Sat, 20 Jul 2024 19:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7741
Expires: Tue, 23 Jul 2024 09:44:23 GMT
Date: Tue, 23 Jul 2024 07:35:22 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashabdbb83f974102baaaa6f77ee331d442 053c22e9dce284413f8a2d4433748edbdd91b77b 23a21016e52b76d94858b277e1a729969fc7f0f66b9212013f3b1cd64fc2591c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "23A21016E52B76D94858B277E1A729969FC7F0F66B9212013F3B1CD64FC2591C"
Last-Modified: Sat, 20 Jul 2024 19:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7741
Expires: Tue, 23 Jul 2024 09:44:23 GMT
Date: Tue, 23 Jul 2024 07:35:22 GMT
Connection: keep-alive
|
|
| greatnewoffers.org/images/check-icon.png | 104.21.22.209 | 200 OK | 45 kB |
URL GET HTTP/3greatnewoffers.org/images/check-icon.png IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 45018
last-modified: Fri, 24 May 2024 08:55:02 GMT
etag: "665055e6-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2139
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2oPdPHcX4eDmSArAg8Yl%2Ffy5Rzx1s8ECEzfYcHgVfOY13EmHi4YjfhPbVejGM84fCaoegREYTa8geiWrnnYyKRb%2B8r94JQY34StSGzrvRJUU0qrAwr6Wk9Z1kOeAs0gJmE9cQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a79fe4f4b73b4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| greatnewoffers.org/css/flow.css?id=1a2dada5ba76c1b29ae1 | 104.21.22.209 | 200 OK | 678 B |
URL GET HTTP/3greatnewoffers.org/css/flow.css?id=1a2dada5ba76c1b29ae1 IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typegzip compressed data, from Unix Hash706a289b227e67a265c513a503e91dd6 e89021bc78c16d9623b598b739923542da8b0d3f c4a88ccc45e38ccb8952aeb0f80136f23debd5d4d75da674de5ccc0b2d6a14a5
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: text/css
last-modified: Fri, 24 May 2024 09:55:31 GMT
vary: Accept-Encoding
etag: W/"66506413-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7tnurVD66bFphyVYntWHaEF4y16u8%2FgYc9rrpVfXfyaS%2B9t3pvWmZHUfIOS5Fjmt6EFvoLvWm1tXYIyeZBQ0Uq1o%2BtI9rj0R3PGqfTfL3%2B4IdJwqc59KCuDtRfd0Lh%2FrSm%2BVlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4f4b6bb4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png | 194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000e4b359e3e2db22fb-0065fef988-539573f6-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a920dfb7b4ed-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6bd42da40e3237ca4c4811677b6df942
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921ed82b511-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3f324296f8ed99577e1c0848d1d8cfbd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921ee5d568e-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d707989c3a145cbcb55e06fb7fef0a45
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921dd9f7129-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3cfe6c341530878e3ae33e509d58d748
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921e88fb4ed-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3d106536d4fd417ca6dcbb49305ecc93
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921e988b4f9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cec6621d6572863e01e088435fa3b74e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/media/sad-face.svg | 104.21.22.209 | 200 OK | 1.1 kB |
URL GET HTTP/3greatnewoffers.org/media/sad-face.svg IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typegzip compressed data, from Unix Hash2536183ea4846fe553819b4fb036cc58 17242e27f9c3c64afc0027550077928042c5c013 e1b1a6109d79cf5a9e4150071bab13ed73ba0d0c3dbeaab208b1cfdfec9b3ba6
GET /media/sad-face.svg HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/svg+xml
last-modified: Fri, 24 May 2024 09:55:31 GMT
vary: Accept-Encoding
etag: W/"66506413-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yY%2BHK5gFuQrrfMjcc2%2FnjG4OEq%2FGwjymSAYIpTCZU6QfS%2FRYb7u56gB0LezKmCfZRDSoI5R%2Bo%2BDbpoVO%2FMzj%2FjCqcmMxUbiat4TdSzfZCucLEAexDggQ4bJvyK2KridjeSCggVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4f5b8ab4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| greatnewoffers.org/js/redirect.js?id=7205070985cfaaa84a2b | 104.21.22.209 | 200 OK | 1.6 kB |
URL GET HTTP/3greatnewoffers.org/js/redirect.js?id=7205070985cfaaa84a2b IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typegzip compressed data, from Unix Hash441a57c3c86cbc12ab424362d984908c 49ec347c8ef9adcebf16b232166f2571257683e1 9fea3de0cbcd44690bba6a69c7151e1e76ae831ca9f9a622c9550ec152b5e4d6
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 24 May 2024 09:55:42 GMT
vary: Accept-Encoding
etag: W/"6650641e-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh07uVm%2BfUpUUyH%2BkC26iQOH%2BAMm0iSpnvPJoiCNqIBh0TD9imLg63JRkLhrdrt%2FiSyyM2QiieiW%2FKFcfY%2Baksun%2BK%2Bcl4J3EeSAWdpC0s%2FR9j6wV%2B4gOH2eek%2BcGhnevsUTnO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4f5b8cb4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000105add3cb97a3b69-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921ef20568a-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6f580298c6085d713cb8b2b59349c3d5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 104.21.22.209 | 200 OK | 26 kB |
URL User Request GET HTTP/2greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP104.21.22.209:443
CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (623) Hashcb0f53d0ea3d8a4230d4721267024f03 4dd286faaa7220fecce53bb47d23688615f86966 44a0f734ef7e1233c00065da93c6404101435e14cd1d87e01d80a0fb1e0fb8f6
GET /bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; expires=Tue, 23-Jul-2024 09:35:22 GMT; Max-Age=7200; path=/
c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9; expires=Tue, 23-Jul-2024 09:35:22 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQTlZ5EbJrFTyRva6NC1FFqQEDF4gwS8M0733gQZ2odqd8j3lURYn5Ib3BfEdkRrPmjEhFTjBAFKntuuvKwy2VdSLhy6BVlZBhaxzTR56PwzNTWDIRuqrN0LS6m1yVfW2y1CWYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4c8bb7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hashb714f7555261dae938703c6c875d7a69 d78e8e797a223230dc73e953e24d0ecea1d73a43 8c5737de70ae9e51eaf041c6b7d47966d13d040723de8d5a2d0bcc0a9c51a0b1
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 07:35:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 4.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint8F:1C:80:D7:A7:FA:04:F3:EE:EF:70:FD:56:35:32:FD:55:AB:63:5F ValidityMon, 24 Jun 2024 07:40:53 GMT - Mon, 16 Sep 2024 07:40:52 GMT
File typegzip compressed data, max compression Hash055fab487642018bc9b113ade842f157 1ab8646db0040cf2cd71e5123ab5e5acae39f8a4 4e9d85121ce8c70a913d6b1169795dcc37d507627d3d375fbaf4e0a797bf82df
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 Jul 2024 07:35:23 GMT
date: Tue, 23 Jul 2024 07:35:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 470 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators Size470 kB (470211 bytes) Hash154334f976eb4c2bbea602efb4ad82ce 419f09216939d9817c52e4f8f928e4e40c7e0cb4 c0bc7d84863d6352319f4638e7f027022d4e008ce7d0680148b6a884fcbdb8ca
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000000a88ebb09c2fbef9-00661f9f49-564036ac-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a9215d4f7129-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 844519d268de375307c15f999c2c589e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8a71ad55cd335697-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 92bc24af85cec4deac5ca3a1c2198458
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8a71ad55bdef569d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f8ee49e7676ad3504f05f3b688e4dec5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71ad55be2d0b51-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: dfcf746f0086109f58ef7bfd0983b602
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 104.21.22.209 | 200 OK | 71 kB |
URL GET HTTP/3greatnewoffers.org/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/png
content-length: 70857
last-modified: Fri, 24 May 2024 09:55:42 GMT
etag: "6650641e-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 2140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l189LOa6dRgLA7Jsj%2BcLId6jVeAQQAT9oKkkCadSrptN8dXTC5xl%2FcUZQqAspkIc7n51R8raI9w8jFzu2vmVNW6b4NDEnR7p%2FjbPGL%2B%2BnRYxjV4s2l2VyNgAgc6WPFXmzrabkdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a79fe55294bb4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 396 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Size396 kB (396196 bytes) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000966e766f028b6eee-0066079b5c-54400db6-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a920be0d568a-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d0e3ccffd2e00f905f3bd5dfc9ff399a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashe6c314eb686bed253260c40e91dc5c35 da964f06c2a99fb18fd4a260fcf87ce56083b0a8 0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 07:35:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09 ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greatnewoffers.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Jul 2024 16:50:02 GMT
expires: Sat, 19 Jul 2025 16:50:02 GMT
cache-control: public, max-age=31536000
age: 312322
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashe6c314eb686bed253260c40e91dc5c35 da964f06c2a99fb18fd4a260fcf87ce56083b0a8 0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 07:35:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09 ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greatnewoffers.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Jul 2024 16:50:02 GMT
expires: Sat, 19 Jul 2025 16:50:02 GMT
cache-control: public, max-age=31536000
age: 312322
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09 ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greatnewoffers.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Jul 2024 16:50:02 GMT
expires: Sat, 19 Jul 2025 16:50:02 GMT
cache-control: public, max-age=31536000
age: 312322
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services Subject*.gstatic.com FingerprintEE:FE:75:C9:E5:09:76:EB:38:E8:5F:5F:31:DF:88:D1:BF:9A:93:09 ValidityMon, 24 Jun 2024 07:40:48 GMT - Mon, 16 Sep 2024 07:40:47 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greatnewoffers.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Jul 2024 16:50:02 GMT
expires: Sat, 19 Jul 2025 16:50:02 GMT
cache-control: public, max-age=31536000
age: 312322
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashe6c314eb686bed253260c40e91dc5c35 da964f06c2a99fb18fd4a260fcf87ce56083b0a8 0832780ac32df8102962d71dc203d6fb5024b19786f1bb679d5039f469f1bd85
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 07:35:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:24 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71ae8378f15697-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:22:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bc2910baba88a53de197ddbb3edd2aa7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cqflqeda6vts73bnp380 | 76.223.52.236 | 302 Found | 15 kB |
URL User Request GET HTTP/2f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cqflqeda6vts73bnp380 IP76.223.52.236:443
CertificateIssuerLet's Encrypt Subjectf.mtrck.org FingerprintE8:28:54:10:39:8A:88:F1:71:23:7E:A2:C6:19:30:FC:7A:DA:A5:18 ValidityFri, 21 Jun 2024 08:36:27 GMT - Thu, 19 Sep 2024 08:36:26 GMT
Hashca748599ad06aab47aa72a6d4347948e 00f3f4dd3882e3798d921cf97a9809f510d37d6c 4b727343419ffeae2334c1f4f6e69ac49c3e550db4fe19c565cfacc906c6b400
GET /c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cqflqeda6vts73bnp380 HTTP/1.1
Host: f.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a79fe4af85363c9-LHR
content-type: text/html; charset=UTF-8
date: Tue, 23 Jul 2024 07:35:22 GMT
location: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AawheD6j61sMvGh3y9X3jOwl7x0NiGD0z9PrD%2FJZFvjHNP0AErMArs2HQtc52caVHOf%2FbG2Jdewa5XFnyEr4LBU4WQwdXSE%2BiR%2FGlGVC44m8PRdPIO8zvvDnNsIcLrf3sm71fewMs6%2BghKMdyvKuDJkP87LHGylapXHMQeV2vqY%3D"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
set-cookie: XSRF-TOKEN=eyJpdiI6ImREbE8vRWNDK3RvRjljK0UzUjRGdHc9PSIsInZhbHVlIjoiY0tWS3QwTmg4OEtXZ25IQVp6QWgveUZBOHVTTFd5VW5Wa1BCVm5YWkQzM25rSXVzOHJVU21TUHVMc1lqU090MkVvMklQcVNQNTJNLy8xOWdzbGZXSm9rdkpIL1JxdDI2VnBLWldRK0txc2dpbHQ2RklKc01PTkluTFZyOHJ1YjEiLCJtYWMiOiI1NWMyYWNmZjQ1ODRmZDRiZWZhOTM0MTc5NjdiNTExZjM3YzAxNTc5ZGJjMDc3ODMyOGEzMGE2NThhMDQ5MGE0In0%3D; expires=Tue, 23-Jul-2024 09:35:22 GMT; Max-Age=7200; path=/; samesite=lax
XsEAkIrPUfiIDCI2mwBw2Kd0IpRuI7FZROxiTL3G=eyJpdiI6IkNOdm1ickxSZEdRTmtZUVR6L2tmVUE9PSIsInZhbHVlIjoiQmNzRm9nM0V4NXAvazI5SWdXaDhvL2tzNFlNeDFBSWR0Mm0zV2Nta1J4dG9oRFQvTXJBNzF3SkJFaWV1OWZ2OHlzM2Q5R1pWMGsxNU1NVHhKaGJqK0ZaeDFlcHRGanZpaFZZRFFkcHJPRWVKRi9xU1R1T2dnNkFiVzROOGcrQzkzU0U1MzZ4MzQwSmdGUWpTZzJ6ZVp6bUNHMnhZd1RnakwvK2UvVFVyRTlFQkhwcHVDbEVVSVJWNTE0ZDZyc1JBSmxOQUYyN29rbjhXUlRWWXFnaVp2elFqbmNYL2NXL3d6TEQ5cTE5VlNaM3M4ZHdyeGRLb0lDdlZFeWpWRWMwNTM2RlB1UzRpcVhtd2txUUFSd1JuWDIydDJvV1JJbXZCY1RxQjB0WlozSHplLy9YVTdmeXJsWEE0WkJHN2dqUFRZTW1mT2pGYWl1SDBEZW9ZWXYxQmxqYmJkam1yYkxWZ3N4dnJncFdwVStmYytjQnI0UVZYS3ZhbTBUWEMrbjFSUDBVWE13QjcyQVgyQ3FZVjZOS1RWeUFJYStMdHFwdFhiZ24xSU5JNWgzTzNMYlFrNmh5YVRIUnZDei83bCtkLyIsIm1hYyI6ImMwODcyZDM2ZGU3Y2FiZDAyZDY0MmFlMzM0NmIyZDIwYjQwMDliODM1MTYwNDhkZjIzYWY0ZjRjZWQ5MDIxYmUifQ%3D%3D; expires=Tue, 23-Jul-2024 09:35:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
clickbit_session=eyJpdiI6IjdseUtaWVhlVTZmNFoyaVFSZElkbHc9PSIsInZhbHVlIjoicTgweEMyc3VMem5EbmRCSG9HbDFrMS96eG5HaUV1SDd1UjN3V3RVRkhjRzRYWEZQRzZleXZjSndPRW1pTkJGRC82U3RhaUJhTUU4QzE0L3dUZEIyNEZ1MWZDellDcmM5WHJpeTk3bmFaeCtxN3pkZGExMG5nMkEyM3kwNGxRN0ciLCJtYWMiOiI2ZGEyMTEyODYwOGRiNWM5YWY4MDUxZDMyOTQxNDc0OTVlMTQzZmU3MmI3ODc4ZTM4OTk3NjJjODJhYTM2OTZiIn0%3D; expires=Tue, 23-Jul-2024 09:35:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6IlNuVy95SENGSG5hM2QzWVZXNStlZnc9PSIsInZhbHVlIjoiei9md3FkMVJTY2s1QXVZbmFXOWgxMkk5bnl6b3Z4cE9YTzUxSk1NWVdlSkZVYVBmdkphdVR4K0dYM0E2aDZoR1IwZnZObERGdkJtZnVzbzRzbjV1dzVIYXF1ZjROTzJFdTNUamJmRW1mUHM9IiwibWFjIjoiODEyMDA0MDM2NWE4YzA4Y2NjYjlmZjQ0NTJkYjZmMTJjZTcyN2UzMThhMTc5ZWFhODJjYmJjZmRkOWY4ZmIyMCJ9; expires=Sun, 12-Feb-2079 13:31:19 GMT; Max-Age=1721714157; path=/; httponly; samesite=lax
x-amz-apigw-id: bWuBHFrSjoEEplA=
x-amzn-remapped-date: Tue, 23 Jul 2024 07:35:22 GMT
x-amzn-requestid: de2d8fdb-9b87-416e-ad0d-460a9d76b1ad
x-amzn-trace-id: Root=1-669f5d3a-1d2c15e94443dfaf4ed1dfcf;Parent=7991b8e5df5573b3;Sampled=0;lineage=8d4e5672:0
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx00000bc629637e760e29c-0065fef988-5395549c-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8a71ad55ba13b517-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 593f4c230fdd2f4f4431fa9a9a49ee2e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/event?hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e | 104.21.22.209 | 201 Created | 2 B |
URL POST HTTP/3greatnewoffers.org/event?hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjFidG1WNDR0a3RrY2hLUUxpdlpiTVE9PSIsInZhbHVlIjoidkxaSUFWRDdYRlhTcW9XQnpsVFlhN3BEZDIwRmhyang4dFZ4N2lhS2FaeTFoTU9mOElQRjVBMWVzbDVzalZsSCIsIm1hYyI6ImQ4ZmNjMDY3Zjc0YTkwNWEyNGY0OGFmOGRmYmJjNmYzNzM1NmFkNmU5NWRlNTAyNmNjYzcwMWNmZTVkMDhmOGYifQ==
Content-Length: 182
Origin: https://greatnewoffers.org
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IjFidG1WNDR0a3RrY2hLUUxpdlpiTVE9PSIsInZhbHVlIjoidkxaSUFWRDdYRlhTcW9XQnpsVFlhN3BEZDIwRmhyang4dFZ4N2lhS2FaeTFoTU9mOElQRjVBMWVzbDVzalZsSCIsIm1hYyI6ImQ4ZmNjMDY3Zjc0YTkwNWEyNGY0OGFmOGRmYmJjNmYzNzM1NmFkNmU5NWRlNTAyNmNjYzcwMWNmZTVkMDhmOGYifQ%3D%3D; c=eyJpdiI6IlQrU3ZrVm91Z21lS250MVJnbUtqdWc9PSIsInZhbHVlIjoiTXFmbjE4bnl1YytsK2pFNUlnbDhRRWl0VVY0ZzVQSzVDb3lKUlpRWDNCZlFtc3EyN3dZbElYYnhyaWlGRks2OCIsIm1hYyI6IjUyMmU3MjljZDA2ZGE3OWYzNmJiODk1MWNjYjcyZGY4YmQ5NjcyYzZlMGUzZWMzNDNkZTI4YzIwN2ZmMDZkNTEifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Tue, 23 Jul 2024 07:35:24 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://greatnewoffers.org
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6ImVTMHNCS3pGTDNwM2ZuM050K2pJN0E9PSIsInZhbHVlIjoiaWpvSnB2VXV0SjY1ZFBYYUVqK3c0SkhOZFBGTndpenBPSWFQUFhLbW16TWgyeDRWQWY2aWpQamdCWUkrN1BKSSIsIm1hYyI6IjI4ODMwOTBhODg2NzU5MWMxNTk5OTAyMDlhMWM0OTFiYmY4NzMyZDA5MjlhZGUyOGJhNTE4OTdhMGNkMTFjYTkifQ%3D%3D; expires=Tue, 23-Jul-2024 09:35:24 GMT; Max-Age=7200; path=/
c=eyJpdiI6IjRzNjVkZDMrbHVucDNyeUNhWHhBaVE9PSIsInZhbHVlIjoidFp0VmZheWtQOGdHRGdGbkZyRW40OHRYZldwa1ZYdFZ0bUVEQ1Fldjl3amNRNVQ0Rk9zK0YxcGlxRVN1UUpZSCIsIm1hYyI6ImViZGM2ZWQ2ZWU0ZDRiZDM0NjRhNmZjZGFjYzVkNjk4ZjRjYzAyYWQ1OGEzZmIyNzJhMWZiNmEyZjY5NDIxYmIifQ%3D%3D; expires=Tue, 23-Jul-2024 09:35:24 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhErze3EiBGHpmuMqHzv0Q2R%2BFWld%2BlRE9ZLpju%2BMRdWOHpNmpr2yrQhL2XayCEA6%2BWtEzuVABkZdx8GDSUX6IbSH0iRE43LEpGVR2ARDuFfT1kCmFCCdV5or8aqwncwLLfErcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe572b16b4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 124 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size124 kB (124282 bytes) Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000018478fc4a341b880-0065ff5d41-53a5af88-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71ad55b8ca569c-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5aca7899d990bbb16ace0c50f86096a5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/css/forms.css?id=f996a15d4340ce7f6a99 | 104.21.22.209 | 200 OK | 22 kB |
URL GET HTTP/3greatnewoffers.org/css/forms.css?id=f996a15d4340ce7f6a99 IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typeASCII text, with very long lines (19895) Hashf996a15d4340ce7f6a994015a99c95d9 e59e2ce631dcf0619e149659a0052285e374def4 f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: text/css
last-modified: Fri, 24 May 2024 09:55:31 GMT
vary: Accept-Encoding
etag: W/"66506413-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnz96TkluLpCcKOJDQQ1UktN%2FW71%2BuBQwXFgTkmd51xSZiYvuLHN1oghK82s40uRwgEpqAngd2pInxhbfAn6igXfEwtLymUHWjdkhAE1yQEOLuHKcPyC%2FbwP0i8TvTlSCzUEN2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4f4b69b4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
age: 172
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx00000dfa77b785a9bd03b-00660b6ef5-54aac786-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8a71ad55b899569a-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:21:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 295e4c740918dd60cd27186548befbfa
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.22.209 | 200 OK | 1.2 kB |
URL GET HTTP/3greatnewoffers.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 17:12:08 GMT
etag: W/"6696a9e8-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGuKXfG003H849kr2O0EkHYZbGwbLYmcMLugGSKOkrSoFuIjeRNc%2Bwwlx9KGkuS94CyddIwTVhPiM1fJM%2Bx5QGoI1B8E1D5Z99GMdwBCDravT15EOznaXDOdnAniAiHonbO9Chs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a79fe4f5b8bb4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 25 Jul 2024 07:35:22 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8a71a921ef28568a-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/22/2024 07:19:07
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: afd74a8da7a2c05c9e90fd66f7e9d6d1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| greatnewoffers.org/js/l.js?id=f699e0c1aa11fe1bdd00 | 104.21.22.209 | 200 OK | 422 kB |
URL GET HTTP/3greatnewoffers.org/js/l.js?id=f699e0c1aa11fe1bdd00 IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
Size422 kB (421698 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 24 May 2024 09:55:25 GMT
vary: Accept-Encoding
etag: W/"6650640d-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByTIKTd1xYupnNRCDMTfcD9qpFh1WjnOGeZTvamBsrM2b7pccoVpkm9%2BjlSFYY5HagtLS2j%2Fus6go0XM0RnyF34TJVhrGlnp6j1dEML3oz8EPUIcs0Z26SIYF%2FuXkwuvVmwIRMI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe4f5b8fb4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| greatnewoffers.org/locate | 104.21.22.209 | 200 OK | 144 B |
URL GET HTTP/3greatnewoffers.org/locate IP104.21.22.209:443
Requested byhttps://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectgreatnewoffers.org Fingerprint42:77:8A:A9:91:0C:B1:8A:A7:FA:CE:41:75:D7:08:26:8B:CD:65:F6 ValidityMon, 27 May 2024 10:29:25 GMT - Sun, 25 Aug 2024 10:29:24 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha78c1f9242aa33a87bd5f7a7f6cf21af 61484ea912efce8fe8b9aef0eb79eacadecd0968 47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e
GET /locate HTTP/1.1
Host: greatnewoffers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9
DNT: 1
Connection: keep-alive
Referer: https://greatnewoffers.org/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c96eba0-d81f-43c3-b074-c2cb93321c3e&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IitWMkVNZDBFcllLQ3dFK2EydEpiNVE9PSIsInZhbHVlIjoiZlwvZDdRV3VNbWJjSVJUTUt4NFwvc1hNMzVLczB5dCtLWEduaGs3ZVFDdXN6UGhGSzFiblBVRUZuTDNlT1pVUG4zIiwibWFjIjoiOGRlMGYxZjRhMjMzNDFhMDFhNWVkYjUyN2NmNzY5MDc5Y2ExNjYwNDljNzU1OGUyODM1OGU1YjRjN2VkMTA5MyJ9; c=eyJpdiI6ImtYK1cycmVCYWd2TUltZkMxU2dIclE9PSIsInZhbHVlIjoiUlF4MUZjaXZzb1k5NldPbzMrZ1lMaTI0ZUtPRTJBUXdoVzA3cko5K1ZYcXNcLzF5c3ExXC8yVmQweHc1cFZ5aGl1IiwibWFjIjoiOTg0ODg5YmYzNzM0MTkzMDZkMDM0YjlmNTQxOTAxYjRjMGVjMmU4NDM1MjQxY2E2ZjEzMzkwYzFhNzUxMmZjYyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Jul 2024 07:35:23 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjFidG1WNDR0a3RrY2hLUUxpdlpiTVE9PSIsInZhbHVlIjoidkxaSUFWRDdYRlhTcW9XQnpsVFlhN3BEZDIwRmhyang4dFZ4N2lhS2FaeTFoTU9mOElQRjVBMWVzbDVzalZsSCIsIm1hYyI6ImQ4ZmNjMDY3Zjc0YTkwNWEyNGY0OGFmOGRmYmJjNmYzNzM1NmFkNmU5NWRlNTAyNmNjYzcwMWNmZTVkMDhmOGYifQ%3D%3D; expires=Tue, 23-Jul-2024 09:35:23 GMT; Max-Age=7200; path=/
c=eyJpdiI6IlQrU3ZrVm91Z21lS250MVJnbUtqdWc9PSIsInZhbHVlIjoiTXFmbjE4bnl1YytsK2pFNUlnbDhRRWl0VVY0ZzVQSzVDb3lKUlpRWDNCZlFtc3EyN3dZbElYYnhyaWlGRks2OCIsIm1hYyI6IjUyMmU3MjljZDA2ZGE3OWYzNmJiODk1MWNjYjcyZGY4YmQ5NjcyYzZlMGUzZWMzNDNkZTI4YzIwN2ZmMDZkNTEifQ%3D%3D; expires=Tue, 23-Jul-2024 09:35:23 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVgKqgSuk1XKfSKIktcq%2FTJaRBXpNr4E1OAsEMpKIX1%2By9jEhxIFG6pAADynu3FMS6UM%2FckEKP7hFhjMlX6DKIMrxlhlTewXCpR3GG6wcawzPD4CBJybg61%2FKuzXscF%2BlmdxjEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a79fe55294cb4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|