| contentedsensationalprincipal.com/v9wjfjwk?adb=n&adb=n&dev=e&key=20c997094b63bcb63d47b490a04a86a4&kw=[%22kissasian%22,%22watch%22,%22asian%22,%22drama%22,%22and%22,%22shows%22,%22free%22,%22in%22,%22english%22,%22sub%22,%22official%22]&psid=kissasian.com.lv,kissasian.com.lv&refer=https://kissasian.com.lv/&res=14.1055&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tgkmft=52&tz=10&v=24.5.6485 | 192.243.59.12 | | 1.7 kB |
URL contentedsensationalprincipal.com/v9wjfjwk?adb=n&adb=n&dev=e&key=20c997094b63bcb63d47b490a04a86a4&kw=[%22kissasian%22,%22watch%22,%22asian%22,%22drama%22,%22and%22,%22shows%22,%22free%22,%22in%22,%22english%22,%22sub%22,%22official%22]&psid=kissasian.com.lv,kissasian.com.lv&refer=https://kissasian.com.lv/&res=14.1055&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tgkmft=52&tz=10&v=24.5.6485 IP192.243.59.12:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (882) Hash24a1a643671ba8f01f5ec2444732d7c7 b20e4971dc7aa5423e6f5be04d2296c0b7fad401 7c5c32fc76883082bd1388fc5f81b226bcfe000e52cdb0f4c018b75c28688634
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /v9wjfjwk?adb=n&adb=n&dev=e&key=20c997094b63bcb63d47b490a04a86a4&kw=[%22kissasian%22,%22watch%22,%22asian%22,%22drama%22,%22and%22,%22shows%22,%22free%22,%22in%22,%22english%22,%22sub%22,%22official%22]&psid=kissasian.com.lv,kissasian.com.lv&refer=https://kissasian.com.lv/&res=14.1055&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tgkmft=52&tz=10&v=24.5.6485 HTTP/1.1
Host: contentedsensationalprincipal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 07:45:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=22762311; expires=Sat, 11 May 2024 07:45:00 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjc2MjMxMSwiayI6IjIwYzk5NzA5NGI2M2JjYjYzZDQ3YjQ5MGEwNGE4NmE0Iiwic2lkIjoia2lzc2FzaWFuLmNvbS5sdixraXNzYXNpYW4uY29tLmx2IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjg5MTc3LCJwaWQiOjE3NTA4NDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjIsImFpZCI6MjgsInB0Ijo0LCJwayI6InY5d2pmandrIiwiY3BrcyI6eyIyOSI6IjU3ZWE0ODYwYTg5MTZhNjc0ZDZhYTdhMzRkZGQ5M2I0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2tpc3Nhc2lhbi5jb20ubHYvIiwiYXIiOltdfX0.Ojy5GxEK7tewvN0xbRD5Uem37vnveDqueLKoQZXs3i4; expires=Fri, 10 May 2024 07:46:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03d5fb52e592ea020e49002c13e56dba
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| contentedsensationalprincipal.com/api/users?token=L3Y5d2pmandrP2FkYj1uJmRldj1lJmtleT0yMGM5OTcwOTRiNjNiY2I2M2Q0N2I0OTBhMDRhODZhNCZrdz0lNUIlMjJraXNzYXNpYW4lMjIlMkMlMjJ3YXRjaCUyMiUyQyUyMmFzaWFuJTIyJTJDJTIyZHJhbWElMjIlMkMlMjJhbmQlMjIlMkMlMjJzaG93cyUyMiUyQyUyMmZyZWUlMjIlMkMlMjJpbiUyMiUyQyUyMmVuZ2xpc2glMjIlMkMlMjJzdWIlMjIlMkMlMjJvZmZpY2lhbCUyMiU1RCZwc2lkPWtpc3Nhc2lhbi5jb20ubHYlMkNraXNzYXNpYW4uY29tLmx2JnBzdD0xNzE1MzI3MTYwJnJlZmVyPWh0dHBzJTNBJTJGJTJGa2lzc2FzaWFuLmNvbS5sdiUyRiZyZXM9MTQuMTA1NSZybXRjPXQmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzaHU9MjZlNzY2NzVhZDA1ZGI1YTZjNTlkOWYwYmJkZDIwMzZmMjE1MDJlYTExNzYwYjA4ZWIwNjQ3MmU4NGJiMDhmZDM0OGI4YmJiM2JiNzRkNzYzMjIzYzNlNDgxNTdmZGMzMjFhYzAwZGI1NjgyMDc2MGZlMjM4ODY1OGQ1ZThlOTc1ZTY4MmVlZWNhOWMwOTdjZjU5ZjM2OWYxY2M5YmU0YmI4NjgwNThiNzY3NzkxNjcwZjQwMDVhZWQzY2NhMDcyOTNjN2I1JnN1YjM9aW52b2tlX2xheWVyJnRna21mdD01MiZ0ej0xMCZ2PTI0LjUuNjQ4NQ&uuid=&pii=&in=false | 172.240.253.132 | | 0 B |
URL contentedsensationalprincipal.com/api/users?token=L3Y5d2pmandrP2FkYj1uJmRldj1lJmtleT0yMGM5OTcwOTRiNjNiY2I2M2Q0N2I0OTBhMDRhODZhNCZrdz0lNUIlMjJraXNzYXNpYW4lMjIlMkMlMjJ3YXRjaCUyMiUyQyUyMmFzaWFuJTIyJTJDJTIyZHJhbWElMjIlMkMlMjJhbmQlMjIlMkMlMjJzaG93cyUyMiUyQyUyMmZyZWUlMjIlMkMlMjJpbiUyMiUyQyUyMmVuZ2xpc2glMjIlMkMlMjJzdWIlMjIlMkMlMjJvZmZpY2lhbCUyMiU1RCZwc2lkPWtpc3Nhc2lhbi5jb20ubHYlMkNraXNzYXNpYW4uY29tLmx2JnBzdD0xNzE1MzI3MTYwJnJlZmVyPWh0dHBzJTNBJTJGJTJGa2lzc2FzaWFuLmNvbS5sdiUyRiZyZXM9MTQuMTA1NSZybXRjPXQmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzaHU9MjZlNzY2NzVhZDA1ZGI1YTZjNTlkOWYwYmJkZDIwMzZmMjE1MDJlYTExNzYwYjA4ZWIwNjQ3MmU4NGJiMDhmZDM0OGI4YmJiM2JiNzRkNzYzMjIzYzNlNDgxNTdmZGMzMjFhYzAwZGI1NjgyMDc2MGZlMjM4ODY1OGQ1ZThlOTc1ZTY4MmVlZWNhOWMwOTdjZjU5ZjM2OWYxY2M5YmU0YmI4NjgwNThiNzY3NzkxNjcwZjQwMDVhZWQzY2NhMDcyOTNjN2I1JnN1YjM9aW52b2tlX2xheWVyJnRna21mdD01MiZ0ej0xMCZ2PTI0LjUuNjQ4NQ&uuid=&pii=&in=false IP172.240.253.132:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L3Y5d2pmandrP2FkYj1uJmRldj1lJmtleT0yMGM5OTcwOTRiNjNiY2I2M2Q0N2I0OTBhMDRhODZhNCZrdz0lNUIlMjJraXNzYXNpYW4lMjIlMkMlMjJ3YXRjaCUyMiUyQyUyMmFzaWFuJTIyJTJDJTIyZHJhbWElMjIlMkMlMjJhbmQlMjIlMkMlMjJzaG93cyUyMiUyQyUyMmZyZWUlMjIlMkMlMjJpbiUyMiUyQyUyMmVuZ2xpc2glMjIlMkMlMjJzdWIlMjIlMkMlMjJvZmZpY2lhbCUyMiU1RCZwc2lkPWtpc3Nhc2lhbi5jb20ubHYlMkNraXNzYXNpYW4uY29tLmx2JnBzdD0xNzE1MzI3MTYwJnJlZmVyPWh0dHBzJTNBJTJGJTJGa2lzc2FzaWFuLmNvbS5sdiUyRiZyZXM9MTQuMTA1NSZybXRjPXQmc2NySGVpZ2h0PTEwODAmc2NyV2lkdGg9MTkyMCZzaGlwPSZzaHU9MjZlNzY2NzVhZDA1ZGI1YTZjNTlkOWYwYmJkZDIwMzZmMjE1MDJlYTExNzYwYjA4ZWIwNjQ3MmU4NGJiMDhmZDM0OGI4YmJiM2JiNzRkNzYzMjIzYzNlNDgxNTdmZGMzMjFhYzAwZGI1NjgyMDc2MGZlMjM4ODY1OGQ1ZThlOTc1ZTY4MmVlZWNhOWMwOTdjZjU5ZjM2OWYxY2M5YmU0YmI4NjgwNThiNzY3NzkxNjcwZjQwMDVhZWQzY2NhMDcyOTNjN2I1JnN1YjM9aW52b2tlX2xheWVyJnRna21mdD01MiZ0ej0xMCZ2PTI0LjUuNjQ4NQ&uuid=&pii=&in=false HTTP/1.1
Host: contentedsensationalprincipal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://contentedsensationalprincipal.com/api/users?token=L3Y5d2pmandrP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MjI3NjIzMTE
Cookie: u_pl=22762311; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjc2MjMxMSwiayI6IjIwYzk5NzA5NGI2M2JjYjYzZDQ3YjQ5MGEwNGE4NmE0Iiwic2lkIjoia2lzc2FzaWFuLmNvbS5sdixraXNzYXNpYW4uY29tLmx2IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjg5MTc3LCJwaWQiOjE3NTA4NDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjIsImFpZCI6MjgsInB0Ijo0LCJwayI6InY5d2pmandrIiwiY3BrcyI6eyIyOSI6IjU3ZWE0ODYwYTg5MTZhNjc0ZDZhYTdhMzRkZGQ5M2I0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2tpc3Nhc2lhbi5jb20ubHYvIiwiYXIiOltdfX0.Ojy5GxEK7tewvN0xbRD5Uem37vnveDqueLKoQZXs3i4; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:45:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39ffa136414db3b5fa3cf3fc93b0517a&COST_CPC=&PLACEMENT_ID=22762311&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465
Set-Cookie: pdhtkv=true; expires=Sat, 11 May 2024 07:45:01 GMT
uncs=1; expires=Sat, 11 May 2024 07:45:01 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 07:45:01 GMT
uncs28=1; expires=Sat, 11 May 2024 07:45:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2ab9922b3b0dfdb656d7073347eb1621
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39ffa136414db3b5fa3cf3fc93b0517a&COST_CPC=&PLACEMENT_ID=22762311&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 | 192.64.81.118 | | 0 B |
URL nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39ffa136414db3b5fa3cf3fc93b0517a&COST_CPC=&PLACEMENT_ID=22762311&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39ffa136414db3b5fa3cf3fc93b0517a&COST_CPC=&PLACEMENT_ID=22762311&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 HTTP/1.1
Host: nylonnickel.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://contentedsensationalprincipal.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 07:45:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usoj8wuqfy; expires=Sat, 11-May-2024 07:45:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usoj8wuqfy-usoj8wuqfy-fyyd-0-us8pwj-g5us0-g5pm3y-128a07; expires=Sat, 11-May-2024 07:45:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=0dfacusoj8wuqfy311&sub_id=22762311
Strict-Transport-Security: max-age=31536000
|
|
| rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=0dfacusoj8wuqfy311&sub_id=22762311 | 188.114.97.1 | | 0 B |
URL rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=0dfacusoj8wuqfy311&sub_id=22762311 IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=0dfacusoj8wuqfy311&sub_id=22762311 HTTP/1.1
Host: rqqlj.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://contentedsensationalprincipal.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 07:45:02 GMT
content-length: 0
location: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
set-cookie: 4l9EZwXc2kSH_LKKjogwWA=5; max-age=345600; path=/; samesite=lax
__pl=b72e2487-2a56-445d-a2d8-3371bbe54e34; expires=Sun, 10 May 2026 07:45:02 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwgJ4H738D8nRcvC22%2FSYRdg9cS97W9zOZZAcbyYd%2FpdFV%2BkJqAj4spOf3GBTNr4d9uAjNHwcwBCnhbo0g1lxEir1B5J7cqh0k7IiwlFkGOwDCU79T6R4aQR15Dw%2B0RBVzoB%2BoWa2ckf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184eb4dd8f712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/2.png | 188.114.97.1 | | 1.1 kB |
URL rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/2.png IP188.114.97.1:0
File typePNG image data, 94 x 19, 8-bit colormap, non-interlaced Hashd708fbf0358752a082f5a394b74adda8 231c1527b4b039eb3af7d7e9eb5587ed87f6ea81 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:02 GMT
content-type: image/png
content-length: 1061
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1EKRt3O8UreD342CjhdIlMk59LVsF96QFTiENKMgJhDXqQniXJ5h7ceST%2FhGbwOdOYt%2FZPvqBTc4k4wFUJyVqa2nCclRuQ1RKCG3kkqFZnCP3TxzDX7CjE2TefhvU%2BMWJM7dGFq2yGQcsomq3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb7bf811c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/1.png | 188.114.97.1 | | 11 kB |
URL rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/1.png IP188.114.97.1:0
File typePNG image data, 179 x 278, 8-bit colormap, non-interlaced Hasha6fa8154cc36da494df7b5103329c15a 3a2310088bcec14f7c0187f8409a5af5395665e8 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:02 GMT
content-type: image/png
content-length: 10591
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9M6JuYS%2FMjamzg8oaG0dqB%2BFGOj4FV3b4WK6vVNUciw6nxLLKnL6MsDNU%2Fmq4vDOpzg8vl%2FNqrzT4TvrvzmLV6Jc7ntq%2FjFh1z8Vdfw%2B4mgTnmJRjRb5b4ZuUZYTZ%2FVXD8y4BkiuYRbDEzt1n0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb7bf7c1c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/trls.js | 188.114.97.1 | | 13 kB |
URL rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/trls.js IP188.114.97.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hash0cdacbfa8d68265ac3893b159a75682a a85878b59036d00ac878739dc187305bc29df8c3 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:02 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4Kkcf1eoKzAuF3zL357nMZ%2BPNIRWq0gkvTPrZt%2BrTr5v2jOPkqsfYnm4vG95SfU4EQsnGh70C0rEilp%2BIjHFXU8U1pRPK4Lpc4pc8v7mDxilPTLf%2BXwzz63xljcV2r5Z24BDI9u6zzFb8dETOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb7af711c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-94-1.com/favicon.ico | 188.114.97.1 | | 0 B |
URL rqqlj.check-tl-ver-94-1.com/favicon.ico IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:45:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3940
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CoiCksOPLJN1Iqzo6wz80fa0msdJOdKqHPih2wogIqB8YDRS4NK01TopUt4mzkZAR%2BI%2BRoB9YkMbQ9X8JEynnGyQ74eBwQ9NQSdbdd5Za%2B0w%2FRSrsYxI4Bwra4dD%2BFN7LheZ21KD4xvrg%2F1sQOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb8b9191c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 4611
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104245
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ga.check-tl-ver-94-1.com/eyes-robot/assets/1.png | 188.114.97.1 | | 11 kB |
URL ga.check-tl-ver-94-1.com/eyes-robot/assets/1.png IP188.114.97.1:0
File typePNG image data, 179 x 278, 8-bit colormap, non-interlaced Hasha6fa8154cc36da494df7b5103329c15a 3a2310088bcec14f7c0187f8409a5af5395665e8 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: image/png
content-length: 10591
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-295f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsMM2vWzbP5yYBft0crT%2BCxzi%2FRsyuxtgzmJ41qvVfNHBgUXgpmq4Iy4hOTpmm0C8TiUnj7W%2BQPlEAND%2B%2BCsw6X2DYKeSqsWHhO5BdVgc0zoZn1C2kg0%2Fa711uupDMOkad0JRwjg9hXjwAQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebbae001c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ga.check-tl-ver-94-1.com/eyes-robot/assets/2.png | 188.114.97.1 | | 1.1 kB |
URL ga.check-tl-ver-94-1.com/eyes-robot/assets/2.png IP188.114.97.1:0
File typePNG image data, 94 x 19, 8-bit colormap, non-interlaced Hashd708fbf0358752a082f5a394b74adda8 231c1527b4b039eb3af7d7e9eb5587ed87f6ea81 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: image/png
content-length: 1061
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-425"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkaLWQohN83yn3EkSc3m7tSKwmtSWw1bLvXwvU4G9QMHb4UT3zNkZyzU8UR003c3%2BtSAgsMcvQF1XsK16e2OSaOcsg%2FUPOcbIYcENU9xZ8TyKnzKqBjIYm57akcfhzNO1oohcjPCBXchoXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebbae051c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ga.check-tl-ver-94-1.com/eyes-robot/assets/image.png | 188.114.97.1 | | 11 kB |
URL ga.check-tl-ver-94-1.com/eyes-robot/assets/image.png IP188.114.97.1:0
File typePNG image data, 260 x 260, 8-bit colormap, non-interlaced Hashca1f4de0ad1d4fad72d299a6411e6959 c9f6d409f09264a34ee8bac4265233c56c280d1a f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /eyes-robot/assets/image.png HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: image/png
content-length: 11043
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-2b23"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rnYvZ2jcpNgJvMGEcU%2FII%2FI7VQkIBZg1XYm1qtvX1uuisMjolMZRnhi%2B%2Fc2GDjgY4LaVUhTfUaTbqwpD9qFH7wLB%2B5tocJeF8xpdkHRJ5Qlet82J8fa01FzKsBxGZW3lpCiAFqjTQxiKoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebc3eb11c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ga.check-tl-ver-94-1.com/favicon.ico | 188.114.97.1 | | 0 B |
URL ga.check-tl-ver-94-1.com/favicon.ico IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:45:03 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4JEb4GxRyIcuQlgEZkZOZQ4N5%2BIZLa9Zg9T%2F3s5C2W4jXwsWIhnp4Oz4sk5lfoe1nGjSXtiRMinp%2FoSyAvEgOKC%2FY0QAajR8JQauhy7U%2FWZ2wGEVrRAemWc90Nv%2FWrseRHHzge1Y%2FZNXd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebcffe51c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 4611
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104245
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| gb.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 | 188.114.97.1 | | 11 kB |
URL gb.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 IP188.114.97.1:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators Hash666203c2cfc7ee8aafbd1cbf9ec04c69 7d74e745174fe6140ee2fbe1fe8b8c2ae33ade9a 57027a083c9c7eaf8a078a7090c454b254216a4a94782e2445fb71629725531b
GET /eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 HTTP/1.1
Host: gb.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcAMTM4GEPhtlTqczmAmsxUBXFQaDmyGWZD%2BXdeeXPAK7JU2qF580L9koeSuMuZ5q%2FTTdTHAf%2FMwX2HFqxjFre2IV%2FSCXRol9%2BjDbR8N5eyOTcOn9f%2FQYO34xCnHixdBDR354a9PaHaPQtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ebdc8e21c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 | 188.114.97.1 | | 1.5 kB |
URL ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 IP188.114.97.1:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators Hash666203c2cfc7ee8aafbd1cbf9ec04c69 7d74e745174fe6140ee2fbe1fe8b8c2ae33ade9a 57027a083c9c7eaf8a078a7090c454b254216a4a94782e2445fb71629725531b
GET /eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402 HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgxvS5VEBp5XRzqktWYKt%2BwlD1PIiSJC%2Fdbd2H72nI19Z7NVi%2BAt4CViOH4CdIEHkzzs9mzVZLC8%2Fq5oufZhI061kCcT51cbJCn2I9RwTdVP%2BC8ACTuc7vcNuqb1nxvVdQ1j4VZlTMQFJDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ebaece51c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gb.check-tl-ver-94-1.com/eyes-robot/assets/image.png | 188.114.97.1 | | 11 kB |
URL gb.check-tl-ver-94-1.com/eyes-robot/assets/image.png IP188.114.97.1:0
File typePNG image data, 260 x 260, 8-bit colormap, non-interlaced Hashca1f4de0ad1d4fad72d299a6411e6959 c9f6d409f09264a34ee8bac4265233c56c280d1a f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /eyes-robot/assets/image.png HTTP/1.1
Host: gb.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gb.check-tl-ver-94-1.com/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: image/png
content-length: 11043
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-2b23"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sj0C68CuK00gRN1d7As7KCau0pfkB4HiuS46nPX0Iy5J4XsZTwWFZhrMlYXuwI8mGnEUJOl4NSHy9apnnIy5DL4LqYrziZb8uEpyf3yPAy6QllKzbp4wA9UpSB3VEsI93pq41SY6Y3i71U4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebeda361c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gb.check-tl-ver-94-1.com/eyes-robot/assets/trls.js | 188.114.97.1 | | 16 kB |
URL gb.check-tl-ver-94-1.com/eyes-robot/assets/trls.js IP188.114.97.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hash0cdacbfa8d68265ac3893b159a75682a a85878b59036d00ac878739dc187305bc29df8c3 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: gb.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gb.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2af6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dimqc1U%2Fz6KjtQVdtvtj7DcpqBEm12z7r5wKx6oPBEvjPip4x8rHcYpqNvbXUZGbtXamKfSeA%2Ffl6z4AfeDdnpP7iRAq9wc9zBXAT7l7g4v2%2BL1%2FCEFQB9huuEPjlmsUity864CC0RJfHuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebe79c01c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gb.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 4611
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gb.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104245
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rqqlj.check-tl-ver-94-1.com/shared-js/assets/static-pl.js?v=2 | 188.114.97.1 | | 17 kB |
URL rqqlj.check-tl-ver-94-1.com/shared-js/assets/static-pl.js?v=2 IP188.114.97.1:0
File typeJavaScript source, ASCII text, with CRLF line terminators Hash7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:02 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3940
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWzhrnJbsBNlwoRDJmpURo0OQKdgzKGWkGhWSEDsiuPI6uDugJm1ZQ0K%2B8kqOawNlOQuPlPHxPWAjdpkthsXuPrn74elR9uPGo2BGZ8yLnYb70Y6Gylxu7L1PhM6ptX9X5tx3BWt%2FwCswpgg88w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb7bf851c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec | 172.240.127.234 | | 1.3 kB |
URL www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec IP172.240.127.234:0
File typeHTML document, ASCII text, with very long lines (412) Hashbb054ae8d56c40c93e178ee5c7dbee90 b36605f0e19f7c6ed86e41bce6b49388fecab619 763245bde8e4aab329f7ebefcdcac9b73909158b4037deb469decd974919e52d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:45:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23070551; expires=Sat, 11 May 2024 07:45:04 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; expires=Fri, 10 May 2024 07:46:04 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1daaf2efe70439a2cbd34038307f393
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3MTY0JnJtdGM9dCZzaHU9MTA4MDZmYjFjMjQ4MzZjNzY2ZjcyNzY2YjUzMDAwYjlkZjcyN2NjODQyMzdmMWQzYTk4ZmYyNmE3MTYyZjBhM2M3NjQ5OTBhNDUwODI2Yjg2MTI3ODA4NGYzNGM1NTkzZTkxMzJlMzdhYjA2NmUyYjQyNjZmMGNkYzQwOTNhNzU1NjFmNDFjM2ZjNTI0YjE0Y2QyMzNjMTU2MzY5MDA5NTAwZDc1MzFlOGVhNzMwODExN2I2YTkzOTgxN2IwOTkx&uuid=&pii=&in=false | 192.243.61.227 | | 0 B |
URL www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3MTY0JnJtdGM9dCZzaHU9MTA4MDZmYjFjMjQ4MzZjNzY2ZjcyNzY2YjUzMDAwYjlkZjcyN2NjODQyMzdmMWQzYTk4ZmYyNmE3MTYyZjBhM2M3NjQ5OTBhNDUwODI2Yjg2MTI3ODA4NGYzNGM1NTkzZTkxMzJlMzdhYjA2NmUyYjQyNjZmMGNkYzQwOTNhNzU1NjFmNDFjM2ZjNTI0YjE0Y2QyMzNjMTU2MzY5MDA5NTAwZDc1MzFlOGVhNzMwODExN2I2YTkzOTgxN2IwOTkx&uuid=&pii=&in=false IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzI3MTY0JnJtdGM9dCZzaHU9MTA4MDZmYjFjMjQ4MzZjNzY2ZjcyNzY2YjUzMDAwYjlkZjcyN2NjODQyMzdmMWQzYTk4ZmYyNmE3MTYyZjBhM2M3NjQ5OTBhNDUwODI2Yjg2MTI3ODA4NGYzNGM1NTkzZTkxMzJlMzdhYjA2NmUyYjQyNjZmMGNkYzQwOTNhNzU1NjFmNDFjM2ZjNTI0YjE0Y2QyMzNjMTU2MzY5MDA5NTAwZDc1MzFlOGVhNzMwODExN2I2YTkzOTgxN2IwOTkx&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PWE5NjljYTVjOWFkMjYxMTc2MmYxMWI3OWE1MjZlMmQyJnN1Ym1ldHJpYz0yMzA3MDU1MQ
Cookie: u_pl=23070551; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:45:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f8e7985a93ff7dec3fd148a2f0e5bc&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
Set-Cookie: iprc9092dced9d6c74f47b4b99df23dbc9c6=5206192; expires=Sat, 11 May 2024 07:45:05 GMT
pdhtkv=true; expires=Sat, 11 May 2024 07:45:05 GMT
uncs=1; expires=Sat, 11 May 2024 07:45:05 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 07:45:05 GMT
uncs28=1; expires=Sat, 11 May 2024 07:45:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3814e843d546ddd9796cb24dad30b48f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f8e7985a93ff7dec3fd148a2f0e5bc&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 | 192.64.81.118 | | 0 B |
URL wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f8e7985a93ff7dec3fd148a2f0e5bc&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39f8e7985a93ff7dec3fd148a2f0e5bc&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 HTTP/1.1
Host: wifescamara.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 07:45:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usoj8wxioj; expires=Sat, 11-May-2024 07:45:05 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usoj8wxioj-usoj8wxioj-uoxs-0-usa30-9rq5dz-9rq5bl-658da0; expires=Sat, 11-May-2024 07:45:05 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=02a8eusoj8wxioj3a2&sub_id=23070551
Strict-Transport-Security: max-age=31536000
|
|
| gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=02a8eusoj8wxioj3a2&sub_id=23070551 | 188.114.97.1 | | 0 B |
URL gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=02a8eusoj8wxioj3a2&sub_id=23070551 IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=dR1J35fCDkibR45g1XXjgg&click_id=02a8eusoj8wxioj3a2&sub_id=23070551 HTTP/1.1
Host: gzeao.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 10 May 2024 07:45:05 GMT
content-length: 0
location: https://gzeao.check-tl-ver-94-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=02a8eusoj8wxioj3a2&sub_id=23070551&nrid=786b7b63cce448ba83ea3ae903b03c01&hash=awH23kpCkl2SU9THGhSmhg&exp=1715327405
set-cookie: dR1J35fCDkibR45g1XXjgg=2; max-age=345600; path=/; samesite=lax
__pl=f2bfe3ae-b22f-4b9a-aea9-f1181ea2ac10; expires=Sun, 10 May 2026 07:45:05 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeZmCqDwYJ6syp%2FJp5SlKDCaa7b274V1moIU%2FU6ALWFZWBWYeYSnRqXG967FGxBMr8WNrWXrxK%2BNcf1UuutzWGeOKh3bYE9wj74CbgwL9cx4eMvVlXORW%2By%2FZwn5YrpZAzHqsmdL%2FgkF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ecba9175695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gzeao.check-tl-ver-94-1.com/allow-button/assets/trls.js | 188.114.97.1 | | 15 kB |
URL gzeao.check-tl-ver-94-1.com/allow-button/assets/trls.js IP188.114.97.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hashd4a23c4124d49f909abaef62a8bf47a5 e7b26553db1400d07f1b12137053ebe7b066972f 3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180
GET /allow-button/assets/trls.js HTTP/1.1
Host: gzeao.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-94-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=02a8eusoj8wxioj3a2&sub_id=23070551&nrid=786b7b63cce448ba83ea3ae903b03c01&hash=awH23kpCkl2SU9THGhSmhg&exp=1715327405
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:06 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1e6a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwqyWl%2BeOmiudQDvxYUZhouD1TjXyNuvhztMH5hSHziRMEqVfRo9xRKrKjTLOtYSllzN7hwpS1hwea3%2F%2Fjg%2Fdex6F9FkSMAqAv%2BDN%2BVSyfbneZJyGtfiekHlGgZ%2FNDl%2FeqCYutkpQuqHXmJy7r0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ecdef0b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 4614
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104248
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnstatic.check-tl-ver-94-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=02a8eusoj8wxioj3a2&sub_id=23070551&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-1.com&timeout=30&tb=true&nrid=786b7b63cce448ba83ea3ae903b03c01 | 188.114.97.1 | | 14 kB |
URL cdnstatic.check-tl-ver-94-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=02a8eusoj8wxioj3a2&sub_id=23070551&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-1.com&timeout=30&tb=true&nrid=786b7b63cce448ba83ea3ae903b03c01 IP188.114.97.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33286), with no line terminators Hash4df68ec0b7ffea368763d84a6cf396a3 3824e895e2e453dd35dbc4a0d627149ef20338be d3a0482ce6b566f7a20f725a4658404d7cf6878e7403f0387a021750bd45d566
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=02a8eusoj8wxioj3a2&sub_id=23070551&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-94-1.com&timeout=30&tb=true&nrid=786b7b63cce448ba83ea3ae903b03c01 HTTP/1.1
Host: cdnstatic.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ha.check-tl-ver-94-1.com/
Cookie: __psu=88930819-7aba-4e22-b9df-5551c25751e7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:06 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuDbhIdKB1hL%2Fi5Q2jCcQmekNSXmoLm2HPzZba2wc%2BmkvJRY5Y8GYioyqWfRytf1nse3Pz2BU2OyzL7SFV8iRFYuK3INarUXv8k3EjaFwBM5yJK%2FNckpQx%2BrNxowJ4d3pZiua9VIw4tp%2FNxOEZAo767k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ed1bc171c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.35 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ha.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 4614
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.35 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.35:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ha.check-tl-ver-94-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 104248
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ga.check-tl-ver-94-1.com/eyes-robot/assets/style.css | 188.114.97.1 | | 1.9 kB |
URL ga.check-tl-ver-94-1.com/eyes-robot/assets/style.css IP188.114.97.1:0
File typegzip compressed data, from Unix Hash5bc5267b2065079af57734413ff67281 42a0705968b5334b420aa1b1ac90b19aee0d854e 65d6cc0ea3cbffcca23892f9b7d3d1f27b77c201a290e1f29f7b1948102c1dc5
GET /eyes-robot/assets/style.css HTTP/1.1
Host: ga.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ga.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:03 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-cf6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeWxLKPHaN4icT4MTXG7jzQDbwTs79YO8w8bqiPTsbwghfvTl2RppfDL7hty7LjIEXHzfYIGxYz97mU6ctNJcMzDEbIQcx1%2Fh8KEzYu1Ttm23vVFeaIgOZMifz6%2FMJFFhnepF8CZLAAct1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ebbadfc1c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glugherg.net/favicon.ico | 139.45.197.237 | | 0 B |
IP139.45.197.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080585178c8402af09e5e8a7e5116de; oaidts=1715327107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 May 2024 07:45:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=0080585178c8402af09e5e8a7e5116de&z=6662145&p_rid=95658146-4694-43b7-8e29-7c80b767b074&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=0080585178c8402af09e5e8a7e5116de&z=6662145&p_rid=95658146-4694-43b7-8e29-7c80b767b074&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=0080585178c8402af09e5e8a7e5116de&z=6662145&p_rid=95658146-4694-43b7-8e29-7c80b767b074&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:45:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080585178c8402af09e5e8a7e5116de; expires=Sat, 10 May 2025 07:45:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=95658146-4694-43b7-8e29-7c80b767b074 | 139.45.197.237 | | 12 B |
URL glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=95658146-4694-43b7-8e29-7c80b767b074 IP139.45.197.237:0
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=95658146-4694-43b7-8e29-7c80b767b074 HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1381
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080585178c8402af09e5e8a7e5116de; oaidts=1715327107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:45:07 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://glugherg.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| glugherg.net/?z=6662145&syncedCookie=true&rhd=false | 139.45.197.237 | 302 Found | 0 B |
URL User Request POST HTTP/2glugherg.net/?z=6662145&syncedCookie=true&rhd=false IP139.45.197.237:443
CertificateIssuerLet's Encrypt Subjectglugherg.net Fingerprint32:41:21:37:65:99:C2:A0:C3:78:74:04:E3:8D:18:A9:B6:60:97:57 ValiditySun, 14 Apr 2024 05:10:47 GMT - Sat, 13 Jul 2024 05:10:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=6662145&syncedCookie=true&rhd=false HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/afu.php?zoneid=6662145&var=6662145&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080585178c8402af09e5e8a7e5116de; oaidts=1715327107
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 07:45:07 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812703391691313836&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: d87748015ebe5f394ec4eaff00400424
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080585178c8402af09e5e8a7e5116de; expires=Sat, 10 May 2025 07:45:07 GMT; path=/; secure; SameSite=None
oaidts=1715327107; expires=Sat, 10 May 2025 07:45:07 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 17 May 2024 07:45:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812703391691313836&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 | 176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=812703391691313836&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=812703391691313836&cost=0.001050&zoneid=6662145&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Fri, 10 May 2024 07:45:08 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout115a6vts73c58860
server: Caddy
set-cookie: uclick=zriOxQpcMN011+r1bWCYviKPvwqwC1MdG/+S1sX/lN/hEFh3uiGWhhjYi0q0m6dhx82sdw==; Max-Age=31536000; SameSite=Lax
bcid=cout115a6vts73c58860; Max-Age=31536000; SameSite=Lax
cid=cout115a6vts73c58860; Max-Age=31536000; SameSite=Lax
x-request-id: efd45007-b55a-4507-8a82-d7b354f1add0
content-length: 0
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/images/check-icon.png | 188.114.96.1 | 200 OK | 45 kB |
URL GET HTTP/3prfectnewoffers.net/images/check-icon.png IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 45018
last-modified: Fri, 26 Apr 2024 12:53:43 GMT
etag: "662ba3d7-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2468
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgqGwQ5Phn4D%2FovMIdYVyXkUtP8MvhdKbGaCz1kl0P3rThwNnuKdaXmQx1LquVgXvb02PiLkcvoW71S63qfh71aRUVqfLoAUBz%2BignbbGlgapVxs9ZPHWYwLCcrZjPv8E8p1W9eq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ee0aaaa56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/media/sad-face.svg | 188.114.96.1 | 200 OK | 1.1 kB |
URL GET HTTP/3prfectnewoffers.net/media/sad-face.svg IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash947bcdd5b2ee2f8ec62ee27b97b36ba2 0f3b4f810f99c3e7eb6c3f3458a3380d8f79d8d9 c8a9257207d3f2f2f8da78eecfa46031b0c5f91308d04ef5be266f9ee4a8184f
GET /media/sad-face.svg HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tquItIxwtNNmX8dhOEgcgwbwgoRjrbXf661kf8ayYOZ7RltRYBIs%2BXpSsDPEduBY4ZIatXgjhkjhuLbFoDCvp4nA%2FHbwlSvcYECVfq4WYxx3kdp1zXbCdk8nTrcxE7brcmU7Njv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee0bacf56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png | 194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 072efc8f5584d211ca096640f139bfa0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f24c4d2a51f5ff9a414046a911ada872
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ca0aae7cd5779dc6131c9a024db8cbc3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725d979d356c4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 633142998b42c75e7f73d27d40cf28f8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87b0bdba1c7756ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 848b5806e1332eafcc825bb6547ac107
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 188.114.96.1 | 200 OK | 26 kB |
URL User Request GET HTTP/2prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (623) Hash8c346a72da832a45250ce8d0b443e058 a869f5165a511b8818c744dc9c15614a2754abd3 ffc0274e7071a3249b1d5b93fe005f6487dfc8d5da4e1adf9c48c94b840dd28e
GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; expires=Fri, 10-May-2024 09:45:08 GMT; Max-Age=7200; path=/
c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D; expires=Fri, 10-May-2024 09:45:08 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGKHvOhrhyClXdVLZ7uxnJrA1D7wUg6AKlX9uJHYmZCrYuAJfklD86cHg4dC%2B9l3YckYIdPWvJEI%2BNos7h2zk6%2FfCQAZpbQitLkmNJVpfa8SF5LIy8TompBPo5EJj1otWspb5d6f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184edcbeae5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4526d17d087272693b18a6235eccbc28
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f725dc9d3e56c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:09:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cb3e89b365a907f76f7a98eca682deac
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.96.1 | 200 OK | 1.1 kB |
URL GET HTTP/3prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Hash25eec44662632e8143aaf9f870b0c647 812b7b17ff9bbff517764dec617cefbe68f3ff67 a08dbef141737d414f4c3f4c52f0715e6b589f88fcfbfa7284c0291401c50bfa
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXyWyrcgUm84NFOtDAeZSOE%2BIv19PcQauoiVhDQDpUxTzgJj70zxUby70q11XgoWmS6kiHmWAyJUFOi5TRbeWHxl2RY9enDoYcpndJ0k716510nCoFB20eE7DA2Upc2dRfNUqu%2BD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ee0bad656be-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 12 May 2024 07:45:09 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 224 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators Size224 kB (224411 bytes) Hash154334f976eb4c2bbea602efb4ad82ce 419f09216939d9817c52e4f8f928e4e40c7e0cb4 c0bc7d84863d6352319f4638e7f027022d4e008ce7d0680148b6a884fcbdb8ca
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 507267b4f03794107b28a20bf4a7e711
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 4.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash0191049dbeeaf5c16e2cc2dfda263345 ba2c65c17d7dc1a0cbff1b095fa1a7713bdc6c75 b83d4d4108131ff0b515bf36890e177964087d9d085e3d8287014b010eb9475e
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 07:45:09 GMT
date: Fri, 10 May 2024 07:45:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 | 188.114.96.1 | 200 OK | 246 kB |
URL GET HTTP/3prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99 IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typegzip compressed data, from Unix Size246 kB (245664 bytes) Hasha8ebb061a01b901a7b35a021ede4c7b0 d094706b851409108138cab4c0b92687dd383b72 cc37249ae466d817c09c8583c5c2da24bbc5cf74766a9937e7cb6a96feb3d61c
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZg0ShHOu1vyy9pgrQQKcSpLY9KcHuF9my98If34Tv3j2rIB91QilZD3AtEnfhI4uB6rQUXg4YOIi3F7%2FsS0RekMsaE9DbY75VwSayPCBx7Y5z%2FOzhhCYQBSZxXoyfHRVCvl0PYk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee09a8d56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-94-1.com/ps/config.js?id=dR1J35fCDkibR45g1XXjgg | 188.114.97.1 | | 92 kB |
URL cdnstatic.check-tl-ver-94-1.com/ps/config.js?id=dR1J35fCDkibR45g1XXjgg IP188.114.97.1:0
File typegzip compressed data, from Unix Hash7e0dfc927615d3876160e5f4499a3f41 97627d87e5d948fb8a6e24c23c215d4a3771360c fe4a19d0381b8645bdf1c91f9e61b0160382be20786c503d4db74f741332f2f3
GET /ps/config.js?id=dR1J35fCDkibR45g1XXjgg HTTP/1.1
Host: cdnstatic.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ha.check-tl-ver-94-1.com/
Cookie: __psu=88930819-7aba-4e22-b9df-5551c25751e7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:06 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1OaSVswPLgVveALaiuXKtiHa7LJjnb9KWNrDD5AIaIHkmFh0sSSv0vVjz4nPxYe9FFg%2BXDf1QnTQWkPNJrYTzxmWNZkH8a4zxVdv3s%2BSeHSsBJcUsuQ5Ti56K5893S8Mfnx6ZXnwwqGwpB064RZBW5nt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ed21c9a1c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-94-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=02a8eusoj8wxioj3a2&nrid=52ebc5894b9ba294adefebcebf52725d&reason=tb_exit&attempt=2 | 188.114.97.1 | | 965 kB |
URL cdnstatic.check-tl-ver-94-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=02a8eusoj8wxioj3a2&nrid=52ebc5894b9ba294adefebcebf52725d&reason=tb_exit&attempt=2 IP188.114.97.1:0
File typeHTML document, ASCII text, with CRLF line terminators Size965 kB (964920 bytes) Hashf6dcca680a4d5fe1e3c9a5e8035b5c90 9362a4e50a3aaa0115daae01b4d28778c9bca070 5dd762ac2af693c86641ae5dc26c78566329fc590b7ca72dc34ed53151feafe3
GET /ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=02a8eusoj8wxioj3a2&nrid=52ebc5894b9ba294adefebcebf52725d&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ha.check-tl-ver-94-1.com/
Cookie: __psu=88930819-7aba-4e22-b9df-5551c25751e7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:07 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvrKj0A2PrIHI95E0eSa1mEuMzfkWCt%2Fkv4o3%2BdrDMSE%2BEblZ0a9N%2F4L0i9dcDNwB%2BrGy43USpivnkiwfeOEZkI7N2VrjxMi3c%2FeymzKVHStdt8z0z3E1JoPY4C1Fl5wsZRXWlHfNgPTYs9SfJiWF7io"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ed2cd7d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87f725f5199256c9-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:10:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 370a6760f639361a827fed61646ee02f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/style.css | 188.114.97.1 | | 15 kB |
URL rqqlj.check-tl-ver-94-1.com/eyes-robot/assets/style.css IP188.114.97.1:0
File typegzip compressed data, from Unix Hash14d5f1ec35009eadfe9ae4cb6ea70bee 34df2e985fb128d2a0aff47c057506b63be51fda cc575864e16b25e0c3e5852d3d6b8e1e5b5f073994e68c162eb6230f647359bd
GET /eyes-robot/assets/style.css HTTP/1.1
Host: rqqlj.check-tl-ver-94-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-94-1.com/eyes-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=eyes-robot&click_id=0dfacusoj8wuqfy311&sub_id=22762311&nrid=efda872c97bc4db283270d52ce087b2e&hash=QuvntI-Sk92Drx5_z-vJRw&exp=1715327402
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:02 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-cf6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iiZCg97FrXVb1YwHP4qOcgbBLeYe3RI80gt5N9qOMnvLFXQgQGbG%2BC5D6m5MynKgod0Xl%2FOILdhU1EaY3EHHf%2Fqdh3k3VoTt5EGq%2B%2BLsSyalL8YK%2BI7HbsSXbPFogfmwYLz5KiTTDr4fas4UY4I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184eb7bf771c0a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2cbdeb83344ed21313c148fa541bbdda
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e089cda3cd655cc5debd2ecfd01032de
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105010
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105010
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105010
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 105010
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc7fbb770b73ad8c97ff665bbf15a8e7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 57 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 69f44733e651a7c53ce3953331db88e6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 87b0bdbe6fd55685-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/27/2024 18:05:31
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc6d55bd1c93b4687a4234be80b98970
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout115a6vts73c58860 | 76.223.57.231 | 302 Found | 30 kB |
URL User Request GET HTTP/2g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout115a6vts73c58860 IP76.223.57.231:443
CertificateIssuerLet's Encrypt Subjectg.mtrck.org FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69 ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cout115a6vts73c58860 HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 07:45:08 GMT
location: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6IjhkaU1RUGdVbEE5Q2lMdU1ITGZlNFE9PSIsInZhbHVlIjoiV0FXQXZxNDBPYU1oVTJUVklXSlRxTEYzODhMbTNWdEszZmFiUS83S3BId3kzVGlSU2VZYlJITkU5ZUxYSlhzRUZVNWZLTVdENUI4ak9yTElNVE43UWUwWjY4bVF2OHFKbVZCeE52NEZCZW84SEJxWTRWOUcyT0xac2dSUVZxQW4iLCJtYWMiOiJjNTRhNjQyYjg1YmI2NjhkNjI1YjIyNzVmMjM4MjU2MWVjODY2NTk3YmZiZDEyYWE0NWY4MjA0YzRkYzI4ODk5IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:45:08 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6IlF4WEptTEFYQ2xUMmwyajhybENtM1E9PSIsInZhbHVlIjoiNnVxZFh1OFRiRHZuL0dCZ1lzSmdVSnZyUVFzSjZrVU1hRmJlWE5kd09JOHowU1kwZUVWYUkxQjE3UTZWTjU0Zm44TjdBTUtWaXhiZmd4OGRSZG5Hd3FTQmM0WEg1OHB1MURMb2QvMURLUUFSaEErQnNMcFZldXQzVmc1TUg0NnoiLCJtYWMiOiI1OGQ1MWY2YmMxNjdhMzY0NWVmYmEzZDA2YjljYTYwMTc0Y2VmMjBkM2UxMzgxMjBkYTQ3YTMzNzMzZWM0NGUxIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 09:45:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6Im9kd0RwS2J0MmE1dlpXNSt3Qi9HNmc9PSIsInZhbHVlIjoicVpBaEFNOHdjTDFoa21hRjJsclhlRTFNV0J1U3M5Qk13alBzUXdqMnBVcVRPSU11U2YyNUQ5Z1RQQ2ZvWlVDMTd3OEpobU1ZQVJ2amdyM2dWVVhOaWNjVWphcUt0TlJIU25temt2V01rcTg9IiwibWFjIjoiYWZmMTE2MzNjZGJkYWI3MTc2YzRhOTQwYmI1MzlmODFjMTViZjdlYmRhNDI5ODM2ZWNkYjgwYWNhNTEwOGM4YyIsInRhZyI6IiJ9; expires=Tue, 30-Aug-2078 18:01:47 GMT; Max-Age=1713780999; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 87f731f95c8d5684-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/06/2024 07:18:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 51e2c80dcab42f7e8206f5fde6bebe86
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 | 188.114.96.1 | 200 OK | 385 B |
URL GET HTTP/3prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1 IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeASCII text, with very long lines (387), with no line terminators Hash716b5bae177d32d4cd7705aea9c3aea6 528d34269613ca77e628a9f9e96c860db310b30e 5a4a12046a65a7d262113515770984da1c25d37e7e85cb169de334467043d386
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:57:10 GMT
vary: Accept-Encoding
etag: W/"662ba4a6-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r68g0EVLgGM9cu45xlPaEgmIYcwcmHbIlAHRryWd88DJct4%2FmpqpOxygP7F4RW16nP3uC98p7h7ipDLM8y8MX%2FfIOOFZC7JgY6phC7%2FBvfY2mqBeHmHsuAyykjQlnO%2B2g2GAfucx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee09a9a56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 83 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41ce290a56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a83cb6f5c3f8faacebd03512d2011921
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 877c41d2ee4e56be-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/21/2024 09:13:16
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 31881c66615cd6b3aca3efa40b8c44f1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b | 188.114.96.1 | 200 OK | 2.7 kB |
URL GET HTTP/3prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typeJavaScript source, ASCII text, with very long lines (2812), with no line terminators Hashdb1ca2ad2cadb6217bca95f7084e4dfa 7f0c9879b54c9220d7f62014dfd96dd1eacdb7c8 28e07720845339964050f6b68fd46908907d911a6abc687e2a41fc220ebf4f99
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
vary: Accept-Encoding
etag: W/"662ba4c7-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcBrgW%2BCn9XabvH2aX5HYS4iGTvdeXNXmK4Fk%2B0RGKKjQY2InXBiCiIcQWwhz3hfAanAKe9v0uZGdjgX%2BzXoMFgcZyUZTfhD%2BXYUxDCbAISNxC2I4hQtRnLcJda2Fvk2KImCWfpF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee0cade56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 | 188.114.96.1 | 200 OK | 422 kB |
URL GET HTTP/3prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00 IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Size422 kB (421698 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 12:57:38 GMT
vary: Accept-Encoding
etag: W/"662ba4c2-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6POeMPWxnXd%2F9CZlP0PvLLIIrSJT2vsTROiXsEpkkwaz809l%2BkMqRS2kSyM%2BrHNVuDlMg39r3558anHo0Vrg68rb7JmUckyhhDcnY8attJhvBCIUmJDZxIgo%2BKF0IUcFzW8%2FKiwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee0cadf56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 188.114.96.1 | 200 OK | 71 kB |
URL GET HTTP/3prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: image/png
content-length: 70857
last-modified: Fri, 26 Apr 2024 12:57:43 GMT
etag: "662ba4c7-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 2392
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNMSP2kMOyxtemkz0SpdgnaWJgWs97cxb3gKxLCfxFj2jDPF9CgbK%2Fm8tKhE8uj39L5q%2FJ3REKeBxlSPhPmu8PHOuT14keRjbo%2FAr%2FRJtEkkemV0RvpR20IKy1VK7K55z25aK%2B5E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184ee62d6d56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/locate | 188.114.96.1 | 200 OK | 144 B |
URL GET HTTP/3prfectnewoffers.net/locate IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha78c1f9242aa33a87bd5f7a7f6cf21af 61484ea912efce8fe8b9aef0eb79eacadecd0968 47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e
GET /locate HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ==
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InV4MU04MUM0UmU5WDlNcGlqVTFJY0E9PSIsInZhbHVlIjoiZXNaNkVSdjRxTlJnanp0azhDQVM4MERBQUVPZ2g3TmFMdDlWaGdWYXpsZ2dCczhVVkkzb0xHSUE2eUR3cEVuMCIsIm1hYyI6IjdhYjZmNWEwZTAwZDc1YTdmYzRiNzZiYTcyMWJkNjViNWE2OGJlNzRlOWM1NTAwYmM2YWY3ZDJhMTlmZjMyMTYifQ%3D%3D; c=eyJpdiI6IjVZTmVnbUpTK0ZKemRyTDBZNDBucFE9PSIsInZhbHVlIjoiUUFiVHFuRzJuYit3TFQzbEtFaGpUVmRFdUJSWUNQRkdYMk5lbExOMkdtWENiKytHdlhZTExibSt0SURJXC8rVDYiLCJtYWMiOiI1MTAyNmE2OGQ5YmI0OGJiODNiYWU1ZWI2NDdiZDYwOGJjMTVlMGUwOTU4NmEyZjJhOTYxNTkzZTNmZTlkMjA5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:45:10 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlZkXC9qQ3ZhN1FrUThhVGRZaWhnYm93PT0iLCJ2YWx1ZSI6ImMrcW5kUk9UdkRZazBaUUR0M2twaG9UNVpHTEFCNFl2WXhyNUNuUm0yMmRuQ3daeXlDNnhhUm85OEh4aXpMM3oiLCJtYWMiOiI0OTdjNmRmYWZlNDYyMGU3OTYxZWEzYjRlMGNjYTdkYzE3YzlmOWFjZmVkMDFhMDVmYmZkYmU4OWU3MzM4ZGY0In0%3D; expires=Fri, 10-May-2024 09:45:10 GMT; Max-Age=7200; path=/
c=eyJpdiI6ImxTZVNMMnVKTVR2K1RveUN5d2hkYnc9PSIsInZhbHVlIjoid1MzU1RvOEJzNlo1YytHa3F4YzZuMTRucEtiQURaRDMreFpudmE4ZW5tOFRpVnZSTlBiSDFRU2g5aDN2dzZFaCIsIm1hYyI6IjUyMGE0NWY5OTQzMmVlMDNiM2M5ZGQ2N2JjNDQ2YmRhNThhNDgwNWU0Y2JhNWEwMjRmODY0YjhjODE4Zjk1ZTIifQ%3D%3D; expires=Fri, 10-May-2024 09:45:10 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vysdLav4z27dyeIHGXruIAbW%2BzcB4oQPQkPoWw8ox2rkzK3nRubnfV2de%2FITjCehs41EGoBeXBds3mTK1tpz6KZJ662HIdDD4dHgqrozZSnkn7WWdvGksVan5y5BaBGkeMmKDrSo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee7f82856be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| prfectnewoffers.net/event?hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013 | 188.114.96.1 | 201 Created | 2 B |
URL POST HTTP/3prfectnewoffers.net/event?hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013 IP188.114.96.1:443
Requested byhttps://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerLet's Encrypt Subjectprfectnewoffers.net FingerprintFF:D8:95:43:76:67:B6:52:98:93:00:95:5A:76:EF:D4:D3:15:07:F3 ValidityWed, 10 Apr 2024 05:08:54 GMT - Tue, 09 Jul 2024 05:08:53 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013 HTTP/1.1
Host: prfectnewoffers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlZkXC9qQ3ZhN1FrUThhVGRZaWhnYm93PT0iLCJ2YWx1ZSI6ImMrcW5kUk9UdkRZazBaUUR0M2twaG9UNVpHTEFCNFl2WXhyNUNuUm0yMmRuQ3daeXlDNnhhUm85OEh4aXpMM3oiLCJtYWMiOiI0OTdjNmRmYWZlNDYyMGU3OTYxZWEzYjRlMGNjYTdkYzE3YzlmOWFjZmVkMDFhMDVmYmZkYmU4OWU3MzM4ZGY0In0=
Content-Length: 182
Origin: https://prfectnewoffers.net
DNT: 1
Connection: keep-alive
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9c02124c-1f9e-4516-9f31-1b62bcfd2013&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IlZkXC9qQ3ZhN1FrUThhVGRZaWhnYm93PT0iLCJ2YWx1ZSI6ImMrcW5kUk9UdkRZazBaUUR0M2twaG9UNVpHTEFCNFl2WXhyNUNuUm0yMmRuQ3daeXlDNnhhUm85OEh4aXpMM3oiLCJtYWMiOiI0OTdjNmRmYWZlNDYyMGU3OTYxZWEzYjRlMGNjYTdkYzE3YzlmOWFjZmVkMDFhMDVmYmZkYmU4OWU3MzM4ZGY0In0%3D; c=eyJpdiI6ImxTZVNMMnVKTVR2K1RveUN5d2hkYnc9PSIsInZhbHVlIjoid1MzU1RvOEJzNlo1YytHa3F4YzZuMTRucEtiQURaRDMreFpudmE4ZW5tOFRpVnZSTlBiSDFRU2g5aDN2dzZFaCIsIm1hYyI6IjUyMGE0NWY5OTQzMmVlMDNiM2M5ZGQ2N2JjNDQ2YmRhNThhNDgwNWU0Y2JhNWEwMjRmODY0YjhjODE4Zjk1ZTIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Fri, 10 May 2024 07:45:11 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://prfectnewoffers.net
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6ImowakpoMk9UcVpMaVwvbWFKdlwvXC9FWWc9PSIsInZhbHVlIjoibEJNQXpQWlpaT0h4UTkwRHFiMlFET2tzbGkyczZrSTdtWmxBQUFxaGlMV0ZtM1lkQ1N3V0RNMk5cL0tJUm9xdmIiLCJtYWMiOiJjMGIwMDZjMDNlOTQxYTA0N2U0OTQ4MWI2NmQ4NjFjN2FhMTVhNzEyZjNmYjYwOTRlOTFhMmQzODNhMTUyZTA2In0%3D; expires=Fri, 10-May-2024 09:45:11 GMT; Max-Age=7200; path=/
c=eyJpdiI6InZKQ3cwbzlhV09rQ2NtYVd2ejltSVE9PSIsInZhbHVlIjoiRjRSaERYRE9aRWc1cm1tS1VSbTV5UlkrZnFGRnlOcXo5V2tLQlNGbVVWRTRPXC9yT1pDT0FSY3FIdTY1MWx1UnoiLCJtYWMiOiIwOWYyYTU5ZjE3OGI3NTE3OTZmYzgxNDE4M2NmM2U1MWFmZWI0ZDM0ZTg3ZWI4OTk4ZDQwYTMxMzc0MTdiNTNjIn0%3D; expires=Fri, 10-May-2024 09:45:11 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QkxENgAzJWJl6xk68XhNqfck7HY69kRSW8fg%2BbGlr4W6nc3imFQD7ypYeU8SbtmxrxDJYSILJlZe%2FbRC3f6uxBLXq7pw7TAfPc7uDAwTIBTRGA1%2BxETzVIhHM1lr3ZMOyPDFB%2BO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88184ee9dac456be-OSL
alt-svc: h3=":443"; ma=86400
|
|