Report - rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000

Report Overview

Visited public
2024-04-16 09:55:27
Tags
Submit Tags
URL
rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Finishing URL
newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
IP / ASN
185.162.87.220
#39572 DataWeb Global Group B.V.
Title
Bit GPT App Ai

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ptaupsom.com	unknown	2023-07-12	2023-07-12 14:44:23	2024-04-16 02:29:32	654 B	1.5 kB	139.45.197.242
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-04-16 05:45:06	2.2 kB	196 kB	216.58.207.227
datatechone.com	unknown	2021-12-24	2015-06-17 15:52:19	2024-04-15 10:13:54	1.2 kB	936 B	37.48.68.71
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-04-15 14:15:06	531 B	678 B	139.45.195.8
secureltrk.com	unknown	2023-10-10	2024-01-09 22:07:38	2024-04-12 12:12:58	647 B	501 B	176.97.112.149
newgreatoffers.top	unknown	unknown	No data	No data	13 kB	289 kB	104.21.45.150
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-04-16 05:33:18	754 B	4.7 kB	142.250.74.106
rjmieo.com	unknown	unknown	No data	No data	11 kB	39 kB	185.162.87.220
cdntechone.com	64371	2021-12-24	2021-12-24 18:09:58	2024-04-14 23:06:48	783 B	9.0 kB	104.21.36.146
mgkstatic33.b-cdn.net	unknown	2016-04-25	2023-05-23 23:48:15	2024-04-12 18:34:12	5.1 kB	1.3 MB	194.242.11.186
wokoez.com	unknown	2024-02-05	2024-02-06 14:55:06	2024-04-13 20:01:40	548 B	482 B	185.162.85.4
berebereuolakola.com	unknown	2024-03-11	2024-03-11 18:51:20	2024-04-09 11:10:15	1.3 kB	1.5 kB	139.45.196.64
g.mtrck.org	unknown	2023-02-27	2024-03-14 07:52:11	2024-04-12 18:34:11	521 B	11 kB	76.223.57.231
mdakky.com	unknown	2023-10-12	2023-10-13 10:25:55	2024-04-15 10:33:08	577 B	184 B	185.162.85.3
static-133.b-cdn.net	unknown	2016-04-25	2021-10-05 23:06:29	2024-03-28 11:54:29	2.8 kB	2.4 MB	194.242.11.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	rjmieo.com	Sinkholed
2024-04-16	medium	berebereuolakola.com	Sinkholed
2024-04-16	medium	berebereuolakola.com	Sinkholed
2024-04-16	medium	ptaupsom.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	mgkstatic33.b-cdn.net/43461/build/funnel.js	ScriptElement	735 kB	2024-03-14	2024-08-20
Pretty URL mgkstatic33.b-cdn.net/43461/build/funnel.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 16:59 Last Seen2024-08-20 07:52 Times Seen367 Hash 154334f976eb4c2bbea602efb4ad82ce 419f09216939d9817c52e4f8f928e4e40c7e0cb4 c0bc7d84863d6352319f4638e7f027022d4e008ce7d0680148b6a884fcbdb8ca Loading...

	newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=	ScriptElement	397 B	2024-03-14	2024-08-20
Pretty URL newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP 104.21.45.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-14 16:59 Last Seen2024-08-20 07:52 Times Seen366 Hash a497a0afc16d3a49105f9199bffe7e9d f23d60f9f223603e9854a743f67e30a5d957124d c3e9748d0a3225d2b4471fd0721919c6b783eca4e9d21b0d51581b50e425d184 Loading...

	newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-07-03
Pretty URL newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.45.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-03 02:30 Times Seen83488 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b	ScriptElement	2.7 kB	2023-03-11	2024-08-21
Pretty URL newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b IP 104.21.45.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:40 Last Seen2024-08-21 07:10 Times Seen377 Hash 7205070985cfaaa84a2b7e4b4312342a 9142390fc87574c77705c78b2b869ab9644756c4 5fd8e205f7ba2def2d0a5b7212189d9b8766ca0c515b09c39412531d49fcc655 Loading...

	newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00	ScriptElement	422 kB	2024-03-26	2024-08-20
Pretty URL newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00 IP 104.21.45.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-26 16:50 Last Seen2024-08-20 06:53 Times Seen352 Hash f699e0c1aa11fe1bdd00a7400b51ac84 4193182e4873223501193aa85eedade88d531ce5 392c15facf9c22c83c1e8c4e47d73ea5875e4b7aaccd0b828874e56975081017 Loading...

HTTP Transactions (51)

URL IP Response Size

rjmieo.com/images/play-2/icon1.png

185.162.87.220

7.3 kB

URL
rjmieo.com/images/play-2/icon1.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon1.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 7252
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1c54"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon2.png

185.162.87.220

4.6 kB

URL
rjmieo.com/images/play-2/icon2.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon2.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 4576
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-11e0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon3.png

185.162.87.220

7.8 kB

URL
rjmieo.com/images/play-2/icon3.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon3.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 7847
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1ea7"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon4.png

185.162.87.220

7.0 kB

URL
rjmieo.com/images/play-2/icon4.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon4.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 7032
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1b78"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon5.png

185.162.87.220

3.3 kB

URL
rjmieo.com/images/play-2/icon5.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon5.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 3264
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-cc0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon7.png

185.162.87.220

3.3 kB

URL
rjmieo.com/images/play-2/icon7.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon7.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 3283
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-cd3"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2

rjmieo.com/images/play-2/icon8.png

185.162.87.220

4.1 kB

URL
rjmieo.com/images/play-2/icon8.png
IP
185.162.87.220:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/play-2/icon8.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: image/png
content-length: 4064
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-fe0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2

mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.6639829314036875&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay

185.162.85.3

0 B

URL
mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.6639829314036875&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay
IP
185.162.85.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.6639829314036875&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rjmieo.com
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

wokoez.com/cuclc?aid=11822030677293287207&t=1713261301&s=1201763

185.162.85.4

217 B

URL
wokoez.com/cuclc?aid=11822030677293287207&t=1713261301&s=1201763
IP
185.162.85.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with no line terminators
Size
217 B (217 bytes)
Hash
d54f3903bea3ae16b6b3d4f9d830d0df
54b6d275349230140721ee4539c00d2d6c16f5f2
23a95f38c50d48147e6c80b6a36eddb050285880530ba480e536e9a069f06ba4

HTTP Headers

GET /cuclc?aid=11822030677293287207&t=1713261301&s=1201763 HTTP/1.1
Host: wokoez.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: text/html; charset=utf-8
content-length: 217
location: https://berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_11822030677293287207_560731_2_0
X-Firefox-Spdy: h2

berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_11822030677293287207_560731_2_0

139.45.196.64

0 B

URL
berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_11822030677293287207_560731_2_0
IP
139.45.196.64:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /link?z=6849336&var=a560731&ymid=a2_11822030677293287207_560731_2_0 HTTP/1.1
Host: berebereuolakola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rjmieo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 16 Apr 2024 09:55:01 GMT
content-length: 0
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_11822030677293287207_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=048040fc3c744c0ff071b209815d4f25; expires=Wed, 16 Apr 2025 09:55:01 GMT
oaidts=1713261301; expires=Wed, 16 Apr 2025 09:55:01 GMT
phpckd6849336=true; expires=Wed, 17 Apr 2024 09:55:01 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=b2d640d9-ba34-4f33-a77a-789160b0ef4a

37.48.68.71

2 B

URL
datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=b2d640d9-ba34-4f33-a77a-789160b0ef4a
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=b2d640d9-ba34-4f33-a77a-789160b0ef4a HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1661
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 16 Apr 2024 09:55:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_11822030677293287207_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505

104.21.36.146

8.3 kB

URL
cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_11822030677293287207_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
IP
104.21.36.146:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (18452)
Size
8.3 kB (8285 bytes)
Hash
bb831dd6d50f6c8b53353103ec9a3703
9d78eba98e3da16601fb5492a7d66030865293e0
785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319

HTTP Headers

GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_11822030677293287207_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rjmieo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: text/html
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnW3uMhj8dhNucMYqQhCx%2FDtfGR2fAi9vvVQ3AZCqtpYWENueytweVQ%2FpDnUpYPRWvBgLlHTgmEx74yYQz8oY2FueVrQ0BfMAKnxvMH84CSehay9MmZkJOdv%2BY5IzaTlDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c1f399ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

berebereuolakola.com/favicon.ico

139.45.196.64

0 B

URL
berebereuolakola.com/favicon.ico
IP
139.45.196.64:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: berebereuolakola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_11822030677293287207_560731_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
Cookie: OAID=048040fc3c744c0ff071b209815d4f25; oaidts=1713261301; phpckd6849336=true; allcnt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 16 Apr 2024 09:55:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=048040fc3c744c0ff071b209815d4f25&z=6849338&p_rid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1&p_src=sf

139.45.195.8

43 B

URL
my.rtmark.net/img.gif?f=merge&userId=048040fc3c744c0ff071b209815d4f25&z=6849338&p_rid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1&p_src=sf
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=048040fc3c744c0ff071b209815d4f25&z=6849338&p_rid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 09:55:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=048040fc3c744c0ff071b209815d4f25; expires=Wed, 16 Apr 2025 09:55:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1

37.48.68.71

2 B

URL
datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=62c6d5eb-1aef-4a57-98f4-1cef7ddf74c1 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1537
Origin: https://berebereuolakola.com
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 16 Apr 2024 09:55:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://berebereuolakola.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST ptaupsom.com/?z=6849338&syncedCookie=true&rhd=false

139.45.197.242

302 Found

0 B

URL User Request POST HTTP/2
ptaupsom.com/?z=6849338&syncedCookie=true&rhd=false
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Certificate
IssuerLet's Encrypt
Subjectptaupsom.com
FingerprintAB:9A:62:A1:9D:E4:06:4C:2A:03:DA:B9:42:CB:A2:16:50:FE:57:6E
ValidityFri, 08 Mar 2024 05:29:04 GMT - Thu, 06 Jun 2024 05:29:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?z=6849338&syncedCookie=true&rhd=false HTTP/1.1
Host: ptaupsom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 715
Origin: https://berebereuolakola.com
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 16 Apr 2024 09:55:02 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038770327565157&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: 64255edd2d9333bb9a6f1ee8687f4519
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://berebereuolakola.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804040f6064265f26c488cc3d00a8c; expires=Wed, 16 Apr 2025 09:55:02 GMT; path=/; secure; SameSite=None
oaidts=1713261302; expires=Wed, 16 Apr 2025 09:55:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038770327565157&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0

176.97.112.149

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038770327565157&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
IP
176.97.112.149:443
ASN
#43180 Virtual Systems LLC

Certificate
IssuerLet's Encrypt
Subjectsecureltrk.com
Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D
ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?key=964a6cb724a8ed441ad5&visitor_id=804038770327565157&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Tue, 16 Apr 2024 09:55:03 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9l0
server: Caddy
set-cookie: uclick=zb7exQpfMNo1hbXyaGCYtxGEaK+l/jQxCcbazM4s1Eao4NjLfI98UZJugk6rpeazMPPEbA==; Max-Age=31536000; SameSite=Lax
bcid=cof4ltla6vts738dk9l0; Max-Age=31536000; SameSite=Lax
cid=cof4ltla6vts738dk9l0; Max-Age=31536000; SameSite=Lax
x-request-id: 8d452204-f7bd-444d-8e7f-321b9bc76cb2
content-length: 0
X-Firefox-Spdy: h2

GET newgreatoffers.top/images/check-icon.png

104.21.45.150

200 OK

45 kB

URL GET HTTP/3
newgreatoffers.top/images/check-icon.png
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
PNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced
Size
45 kB (45018 bytes)
Hash
678be8aead34ae53e3a53f79ba30c820
a90e388c192e1287fb9132385e0e9960a1f7c15e
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016

HTTP Headers

GET /images/check-icon.png HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 45018
last-modified: Wed, 27 Mar 2024 14:37:42 GMT
etag: "66042f36-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gfgyuzc8vnBta9Eo7Pcnvh5scpDkfamkzmWfecxHma%2F93l%2FVaR1db7iM7aspYxw%2FmuYnVnkgTOACB9DvSme2jBg1zwpYBhnWCy1L4%2BEIo0oBpSErMVy9RY7p4TPx5dRlt5rcR%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c2cbd8f568e-OSL
alt-svc: h3=":443"; ma=86400

GET mgkstatic33.b-cdn.net/43461/images/logo.png

194.242.11.186

200 OK

12 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/logo.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced
Size
12 kB (12510 bytes)
Hash
34156c9cf33b3a62f654c05dce790379
3e937d90138e64ceb158a1d7940e88551e7d3ae4
d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c

HTTP Headers

GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 842517dba7291496e3e0230a02b936e8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png

194.242.11.186

200 OK

4.0 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced
Size
4.0 kB (3992 bytes)
Hash
aa55fd19e5efcaea20c5baf81e722bbc
6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56
3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e

HTTP Headers

GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 55587a53e90c7853814c3ecd65b54f2e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png

194.242.11.186

200 OK

3.8 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3776 bytes)
Hash
2973d7d42cbc07bd0099eec135a5de96
a657b46c370c998c751368bd9231d9729e2b8d23
cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc

HTTP Headers

GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aa0c63eb169c32df8de2d0fb0b7de7c0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png

194.242.11.186

200 OK

3.7 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3717 bytes)
Hash
e26549054b8a37aff472cc3c68ca9f92
6d982d6d54f9f1af0ee1b88992dd25a16c66d77d
7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b

HTTP Headers

GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc82efeb7130-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5de194ff1d9291925a9e353bde0c1de7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/Polygon-10.png

194.242.11.186

200 OK

465 B

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/Polygon-10.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced
Size
465 B (465 bytes)
Hash
250d763ae00c38fc8d960305e2f11950
130acf813f4c80c9cc7db53decc8799c28e3eb43
d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1

HTTP Headers

GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc844d30b517-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e23a4234c5e27231b907c20775263aae
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif

194.242.11.186

200 OK

18 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
GIF image data, version 89a, 64 x 64
Size
18 kB (17963 bytes)
Hash
313d1440d21ae95e5dcfa2f447f14456
8c850ce459c6b12090b887f19b3d824f49049a23
f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb

HTTP Headers

GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec9f3a56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ce330ec9510747c2f8a412fdae296490
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png

194.242.11.186

200 OK

101 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced
Size
101 kB (101329 bytes)
Hash
8d3c7b42fdd79ef3c7d81aee046465c8
933e6035c9082dc87418519e8c4e6550c3f1d8a1
f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123

HTTP Headers

GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 67da25f325de5f0b1ea7bed5f4790fc7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png

194.242.11.186

200 OK

405 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced
Size
405 kB (405350 bytes)
Hash
b961c9e7e178aa1bb10a1ed8bbc37f76
5a4ae86e986118b8792a85c6c561e07c1f23ee03
15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8

HTTP Headers

GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b76181e0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0309e62c444e5d9d4a18e12215bcf0f5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00

104.21.45.150

200 OK

115 kB

URL GET HTTP/3
newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65336), with no line terminators
Size
115 kB (114701 bytes)
Hash
f699e0c1aa11fe1bdd00a7400b51ac84
4193182e4873223501193aa85eedade88d531ce5
392c15facf9c22c83c1e8c4e47d73ea5875e4b7aaccd0b828874e56975081017

HTTP Headers

GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=039bTeyHvoHeRMBvlsCyu2GwnK%2BDRh3c7QhkDDMQ7z55IHTZ%2FHr6PSNpcX2%2FpudQ1kRt2T7TlJDGmTADBzf9KYtUiGYnuLhpwEGAsWCOXFcmZefPdhHgQXktLrAGjM%2Bi0CaI7js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2cddb9568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99

104.21.45.150

200 OK

4.0 kB

URL GET HTTP/3
newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
ASCII text, with very long lines (19895)
Size
4.0 kB (3988 bytes)
Hash
f996a15d4340ce7f6a994015a99c95d9
e59e2ce631dcf0619e149659a0052285e374def4
f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718

HTTP Headers

GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
vary: Accept-Encoding
etag: W/"6604300f-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ug%2FNyurX%2BXBEr6chD5cYRadKxW4BWL%2B9iWzjBnYHWdOpXm5z92V13Nwja%2FFLimOawqIFUqAIknEuTWja2OeMD9f0Ccxei7Xyg1%2BXeGuhoV5Wk%2Bs7nkHqn2TJ94AlOVSCGZSOzT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2cbd83568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET mgkstatic33.b-cdn.net/43461/build/funnel.css

194.242.11.186

200 OK

22 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/build/funnel.css
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45962)
Size
22 kB (21775 bytes)
Hash
670878add58e57bb842fb7530256b6f7
4e642526889846d2b06727762c71c5ec59a60f16
8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83

HTTP Headers

GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc805baf56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 85cf6dc20b52e0adfe216923037c5a3e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap

142.250.74.106

200 OK

4.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
4.1 kB (4072 bytes)
Hash
e82d916d8c958863cec8e06a59033b3e
b589adb80f344a271bca532fb63d79ffff99e37b
87bd8a53b5b25ad498dc9485d068c4d88241ecd2a04c4fc04d8094ac45d586b8

HTTP Headers

GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 09:55:04 GMT
date: Tue, 16 Apr 2024 09:55:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET static-133.b-cdn.net/43461/images/hero-img-new.jpg

194.242.11.186

200 OK

394 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/hero-img-new.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3
Size
394 kB (393575 bytes)
Hash
8867f07ab37b30a70556531fab9ab745
b38438f367b8db496568700d6f07ffc17a185151
d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a

HTTP Headers

GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bda3bb51b-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1756b247113ce2f3438ec06dc9737a3b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET static-133.b-cdn.net/43461/images/bg-img-2.jpg

194.242.11.186

200 OK

242 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/bg-img-2.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3
Size
242 kB (241782 bytes)
Hash
87ea1d39178e8229c5e1d3f4820d371b
ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f
762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633

HTTP Headers

GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b7778650b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 36c800badd3439a7aa27253df3b73ce6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET static-133.b-cdn.net/43461/images/bg-img-3.jpg

194.242.11.186

200 OK

246 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/bg-img-3.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3
Size
246 kB (246271 bytes)
Hash
1b514cd6bf37cbbb0738a585510fd600
e171926ee51ece136dc499e19c1adbb118f26f35
9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea

HTTP Headers

GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1a5a09194a5f589c665877635bcfda66
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET static-133.b-cdn.net/43461/images/mockup-three-phone.png

194.242.11.186

200 OK

965 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/mockup-three-phone.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced
Size
965 kB (964789 bytes)
Hash
d656e316c5f67a3d7eadc3a4e8a9c1f2
41d0a52bb6ad7351526c739589b85b9c275e963d
2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90

HTTP Headers

GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8673df3bda460b3d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: dcc8ee30fb0cbc36e7cf594c6cf93e42
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET static-133.b-cdn.net/43461/images/bg-img-4.jpg

194.242.11.186

200 OK

375 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/bg-img-4.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3
Size
375 kB (374893 bytes)
Hash
ca2af1e0db4ffa75dc11257debbca866
9a4ecbbbb46dc174daa5eb39d804d00914602fdf
26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97

HTTP Headers

GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6650f69cac6b4348056ed60625433631
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET newgreatoffers.top/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44

104.21.45.150

200 OK

71 kB

URL GET HTTP/3
newgreatoffers.top/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

HTTP Headers

GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:05 GMT
content-type: image/png
content-length: 70857
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
etag: "6604300f-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDPjs24emuVOXmPRdMIpNeq%2B3jGEYSGwQZrQyJDnQdLbYsumGgRkr9M%2Bcz7B%2BxiPmkRwpki4FHbnxQOH54HuKdp%2BuvTYt8atoYoaK8FCsUOOOJEd2KI8b3X0PMEza2AaXeiC9fU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c34b905568e-OSL
alt-svc: h3=":443"; ma=86400

GET g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9l0

76.223.57.231

302 Found

8.9 kB

URL User Request GET HTTP/2
g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9l0
IP
76.223.57.231:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectg.mtrck.org
FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69
ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT

File type
data
Size
8.9 kB (8906 bytes)
Hash
4d1522ec961cdb4ea92aef957239f409
c792c32288c343b34e67daa553e1163a7131775f
26b696c26efdae26435eb3d8eb4bb2cda3b1a9d08802ce063dfd3a1ac2b01053

HTTP Headers

GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9l0 HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 09:55:03 GMT
location: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5penVzRVhhNGd5WVNleXJKY2xLYXc9PSIsInZhbHVlIjoiNXFyMGZiOEVOejdpSnUwYkN6cFI2Sngzd1BCSzdDRkhPRzZJT2dPbnRodk9wRjJlQ0VBUUd6ZTU3L3dOSjk4NDJveFJQUVpvL1NxUTJ1dHk1c2lVOWtQbWNwbkh3MlFoUXZqNzBTUlZxdW82Z3kwT2pCRjlHS0E4SWJWVC8ya3QiLCJtYWMiOiIzNGQxNmQ3MzRiMjFlZWY3NTk5MDQ5MGQ0YjVmZjVlOWE4ZTZmNTIxMjE3OTMzZGZiZWYzYmIwZGU2MjgwOWUwIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6IksxTThEUThFS2IwS1ZlWkpDcDVYOFE9PSIsInZhbHVlIjoidG0wTFQ4MjZiL3dDMnQyZUxDSVZqelhtblUzNUFNV29mbjlzdjVxVTF2bFl1R1V4TDVYVTQ0RmJyRXZ2d0JhZmp2aXl2MTN0NXZZcnNqMXloTWdZdDdzUm5SYXc1ckZmTXNQOUdWRUdlZ1BwWjVUQVRpODhlOThSbnp1NkFhSzUiLCJtYWMiOiJjYzYxZGY1OWE5MzAyODhiNzMwNDM3YWFkZWYzNWUzYTNjYTIxMDE1MzlhNDU2M2VkOGMzM2NmMzQ2M2U5NzJhIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6Ik1kdThUZHNra2NSZjVmREduOTVJOWc9PSIsInZhbHVlIjoiME9lUG8rdzRSWDlQYVNSZE5hOStwMGYvL3VZWW5UbGUwVHdVZ016T3YyTGZFSTFpdi95dkJmOGJrc25xbU1wWjB3c2o1eFd0RWd5Uk13TkxiUTBZd0NNbkxNT1puYzAyR3hWcmZHajNlMWc9IiwibWFjIjoiZGEwOTU3YTA1NDE1YjkyYzMxM2JmMmNmMWI5ZDlkOGMwMTU3MjRlM2Y3ZGQ4Mjc3OTJhMDAyMWZkYmViMTIwOSIsInRhZyI6IiJ9; expires=Sun, 31-Jul-2078 16:32:38 GMT; Max-Age=1713249455; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458405
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458405
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458405
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458405
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET mgkstatic33.b-cdn.net/43461/images/favicon.png

194.242.11.186

200 OK

1.8 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/images/favicon.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1805 bytes)
Hash
482ce499d40d67a9f4e12e5c992e98ce
9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8
a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887

HTTP Headers

GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:05 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 621d3f0c683cd76a49b51638d1ea330d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

POST newgreatoffers.top/event?hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836

104.21.45.150

201 Created

8.0 kB

URL POST HTTP/3
newgreatoffers.top/event?hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
data
Size
8.0 kB (8047 bytes)
Hash
496b01e54b61f073350a21a9772cfe0c
719b0329561746d29d44671d966322e1d153f773
1eea1e60db49f43b75deea20695720af72f07df3502b113ec22eb3d6585eed4d

HTTP Headers

POST /event?hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImhQdis4c2ZTOFM2aTlpWHVDMUY1XC9nPT0iLCJ2YWx1ZSI6ImdrXC96MkdEdmlDS1Vpb2NxcjRVVHR6SVpPTEdhUTZPbitKTkV4dGdBZ0ZQNEttWG1MU0VpZ05HWEVDMGRBWFpGIiwibWFjIjoiMjY5YTRmNWE1ODZmNmI4YjU3MzQwNTljYzg2MWU4NmZhYWFiYmE0OTZkZWVhMzE1MzRlODk0ZGYxYTQyMjNlYSJ9
Content-Length: 182
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6ImhQdis4c2ZTOFM2aTlpWHVDMUY1XC9nPT0iLCJ2YWx1ZSI6ImdrXC96MkdEdmlDS1Vpb2NxcjRVVHR6SVpPTEdhUTZPbitKTkV4dGdBZ0ZQNEttWG1MU0VpZ05HWEVDMGRBWFpGIiwibWFjIjoiMjY5YTRmNWE1ODZmNmI4YjU3MzQwNTljYzg2MWU4NmZhYWFiYmE0OTZkZWVhMzE1MzRlODk0ZGYxYTQyMjNlYSJ9; c=eyJpdiI6IkowaWM4alhmMFpteEYxVTB3R2o2THc9PSIsInZhbHVlIjoiQlZlVHozZEhyWTVPUVhwRlFwOXVXMFNUM3d5NEJqUHpGUFRVUmxxWDFwQTVSU2wwcTgrQ2xMaWZNa2EwOVNJbCIsIm1hYyI6IjJiYWY0MzVmNGZlZjAxZTVmMjUwOGEzMmU3MzZlNzVlMTQ0Zjk3ZGMyNmE1MjUwMDQ0OTFhZDU1ZmQwNmQ2MDUifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 201 Created
date: Tue, 16 Apr 2024 09:55:05 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://newgreatoffers.top
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6InNTdjZSelpMM3FhUVJBS0NYQ2YxVnc9PSIsInZhbHVlIjoiaEFsZEF5cVlaNVBvbjJPVEsxZ1gwRkhKQ3dKYk1PU1R6K1l3bHc2N1BiN0JvbUtwQll2SWgzQ2NQeGhNeUJCUCIsIm1hYyI6IjZmMDNlMGExNmVhNTgyYzQyMDZiMjBlNzY3OWI0YTU4NDkyMjMxMmNmMWRiZGY1OTQ1ZGVjMWZkNzNhMjc4MWYifQ%3D%3D; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/
c=eyJpdiI6IjIrXC96OGlSOUsreTZFZ3FNVjdoQXdRPT0iLCJ2YWx1ZSI6ImRTa05mcDdkWWsrUGRoSGhZMUFCTDVVWjVsVDVoSlVKcmh3SFo1Wk9YOG1JeDVRTjBGaUc1dXlId3k3SlFlaGkiLCJtYWMiOiJkMTFjMjc0YTNlZWFkMTEyOWM3MzAwNTg4MGQ1MTg3NzA1NTNkMjk5NWRjNjVlNzQ3MTBjMGU0ZDNmMGFmOTE4In0%3D; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUFNIYWGwc6JV3ZoMA4XTJZSh9dsU74SHkxeAzIz8KDjqJUydMnteK6whAm6quHJ%2BsIaxqr04zLKD3gL9Cbmb3jKnpOw6abBrllY6zkU92RDgJRgITT%2B39Tgyw8c9ohp0fQIazQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c366bc2568e-OSL
alt-svc: h3=":443"; ma=86400

GET newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b

104.21.45.150

200 OK

2.7 kB

URL GET HTTP/3
newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2812), with no line terminators
Size
2.7 kB (2738 bytes)
Hash
db1ca2ad2cadb6217bca95f7084e4dfa
7f0c9879b54c9220d7f62014dfd96dd1eacdb7c8
28e07720845339964050f6b68fd46908907d911a6abc687e2a41fc220ebf4f99

HTTP Headers

GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
vary: Accept-Encoding
etag: W/"6604300f-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEE8xTSbubYgRi3tDxvBlKe%2F3P3jj029obo5rlkUm87NguyNnONDEXF%2FsxAsPnOm0v3rMBGOcRCkG2ntAxxWMVMSirjv413dr8cdZtBk2eDpcaPLclpFwvZI63LUGejgW9UeteE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2cddb8568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET static-133.b-cdn.net/43461/images/brush-stroke.svg

194.242.11.186

200 OK

124 kB

URL GET HTTP/2
static-133.b-cdn.net/43461/images/brush-stroke.svg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
124 kB (124282 bytes)
Hash
2affaa6cbada4631a14b44e4390b0358
e7ad09b7af15b3c1aaff622222a654343e358dfe
d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169

HTTP Headers

GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 81b81c3cc47eb5eba24ee632d908e3af
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

GET newgreatoffers.top/locate

104.21.45.150

200 OK

144 B

URL GET HTTP/3
newgreatoffers.top/locate
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
a78c1f9242aa33a87bd5f7a7f6cf21af
61484ea912efce8fe8b9aef0eb79eacadecd0968
47ba1d847752b8b99d6b67a2eaa654648624b7035ae2780c5efcbb328b09749e

HTTP Headers

GET /locate HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0=
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:05 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImhQdis4c2ZTOFM2aTlpWHVDMUY1XC9nPT0iLCJ2YWx1ZSI6ImdrXC96MkdEdmlDS1Vpb2NxcjRVVHR6SVpPTEdhUTZPbitKTkV4dGdBZ0ZQNEttWG1MU0VpZ05HWEVDMGRBWFpGIiwibWFjIjoiMjY5YTRmNWE1ODZmNmI4YjU3MzQwNTljYzg2MWU4NmZhYWFiYmE0OTZkZWVhMzE1MzRlODk0ZGYxYTQyMjNlYSJ9; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/
c=eyJpdiI6IkowaWM4alhmMFpteEYxVTB3R2o2THc9PSIsInZhbHVlIjoiQlZlVHozZEhyWTVPUVhwRlFwOXVXMFNUM3d5NEJqUHpGUFRVUmxxWDFwQTVSU2wwcTgrQ2xMaWZNa2EwOVNJbCIsIm1hYyI6IjJiYWY0MzVmNGZlZjAxZTVmMjUwOGEzMmU3MzZlNzVlMTQ0Zjk3ZGMyNmE1MjUwMDQ0OTFhZDU1ZmQwNmQ2MDUifQ%3D%3D; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oR%2BH6U2t7RgNevdpMlJgx%2BB3vzSGaU5cu7a0TMy5IVtBc5VHnw0vYINeI3NemXKW%2BlCxqMH9BDDJS7bv9MtuIj8NEklQ6c0GOdx1U70HlH2mt8hTv428pwbcPrBgsuOM8KjogUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c34b908568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET mgkstatic33.b-cdn.net/43461/build/funnel.js

194.242.11.186

200 OK

735 kB

URL GET HTTP/2
mgkstatic33.b-cdn.net/43461/build/funnel.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4
ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT

File type

Size
735 kB (735343 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 992d88efb873f05ae8d21d72655aa07a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

GET newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=

104.21.45.150

200 OK

30 kB

URL User Request GET HTTP/2
newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type

Size
30 kB (30120 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/
c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FyAy81GRuIkiz6MFCMGV7y6yh3hchAihSpYO1gtBTIZVGu6hNr4g9uIkQgJAQljD7tI8cEs9qGo7gV1KUVpwWAgjEWyTF1C6J5kVmniQXGImJ82YV9NzQW3bB%2B3PJPpcRJtDqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c295ff30afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET newgreatoffers.top/css/flow.css?id=1a2dada5ba76c1b29ae1

104.21.45.150

200 OK

385 B

URL GET HTTP/3
newgreatoffers.top/css/flow.css?id=1a2dada5ba76c1b29ae1
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
ASCII text, with very long lines (387), with no line terminators
Size
385 B (385 bytes)
Hash
716b5bae177d32d4cd7705aea9c3aea6
528d34269613ca77e628a9f9e96c860db310b30e
5a4a12046a65a7d262113515770984da1c25d37e7e85cb169de334467043d386

HTTP Headers

GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNPb8bRNpchNiEe4fzPn0Fd5x8xlYirmaOUTBzTzVZIzx62kHvfdfMEyUmEtcn4vTSAxNge0LYCMGRUFTKfoiX2LDy5ls%2BWBMiXxmleKMhy%2F4pt4XyOnODNYi8SSQYDnWMsDc8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2cbd89568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.45.150

200 OK

1.2 kB

URL GET HTTP/3
newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEmk3CInDBf%2FLtNGUsazl0Zfx0L8%2BYrvsrhHDZmGQmFqC5fXeMvnVNycTnbVoUM6WRMK8C5HpDrtbhmbrPtht9qR6%2F99nfWoyI1VgFexxCnIjXKliZTLxvKw0C5wdZ99GJpY9v4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c2ccdb3568e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 18 Apr 2024 09:55:03 GMT
cache-control: max-age=172800, public
content-encoding: gzip

GET newgreatoffers.top/media/sad-face.svg

104.21.45.150

200 OK

1.5 kB

URL GET HTTP/3
newgreatoffers.top/media/sad-face.svg
IP
104.21.45.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Certificate
IssuerGoogle Trust Services LLC
Subjectnewgreatoffers.top
Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D
ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1500 bytes)
Hash
bdcbafe1e1645bbc976b921ce3bd9f4e
425452c8d3c086c51b181cfe80a301203864f62d
cfe7deb082ac3df432e92adddb66f59764d147cfbd5862742a16cec471fa86f0

HTTP Headers

GET /media/sad-face.svg HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f923-5ec6-4ca8-a17c-bf15c129b836&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6InJJaG1QMDYwck13a2d4cjhWUXF3Umc9PSIsInZhbHVlIjoiKzg5SXcrZ3R5ZSszUTlCVEkxTWlTYnZNelhcL2hRWFBGNXJ3WUtPbmprdUw3dFMydWtZSldmdWpyYkhkZnNXZDUiLCJtYWMiOiJkM2UwOGFhMjU0ZDY4YWZkNDYyNTVmODJlZTk5OGE3NTBkMDI2MGQ4MjM5NWZjZTk4ZjA5MjU5MTg0NTY1NGIxIn0%3D; c=eyJpdiI6IkI2UEZ0ZU84dlVaUktuWllTejZTeHc9PSIsInZhbHVlIjoiOEh2aHFHVW02RWVhVzg3WFNGM3ZnTFpVZGNQR2tTY0hXbk5DY1RpTnNTTEFURURncWtWOWZaM21rS0hrUFJlOSIsIm1hYyI6ImIyYjllNzYyYTFhNGIxZWZmNTM2NzI1ZGM5YzdkNmM0MTQ5YzNkYWU3MWUwYjhkYzZkNTZhOGZlMGQyNDBkZmIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTi1iKoIp0ttGXJSoRls3C8vW5TAXgRj7ph8OiX7Shj2saORGSX16Gj%2B0jb2EUqVUfArUGhxnGtD3TJYYDKMwyfeBBG9%2FwMWpStttFA6VqEZBgZ8ziB3AWlzNiWfPMu%2FIW%2FPcOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2ccdae568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (51)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections