| rjmieo.com/images/play-2/icon1.png |  185.162.87.220 | | 7.3 kB |
URL rjmieo.com/images/play-2/icon1.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon1.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 7252
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1c54"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon2.png | 185.162.87.220 | | 4.6 kB |
URL rjmieo.com/images/play-2/icon2.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashc947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon2.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 4576
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-11e0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon3.png | 185.162.87.220 | | 7.8 kB |
URL rjmieo.com/images/play-2/icon3.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon3.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 7847
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1ea7"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon4.png | 185.162.87.220 | | 7.0 kB |
URL rjmieo.com/images/play-2/icon4.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hash7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon4.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 7032
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-1b78"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon5.png | 185.162.87.220 | | 3.3 kB |
URL rjmieo.com/images/play-2/icon5.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hash1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon5.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 3264
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-cc0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon7.png | 185.162.87.220 | | 3.3 kB |
URL rjmieo.com/images/play-2/icon7.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Hashb512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon7.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 3283
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-cd3"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| rjmieo.com/images/play-2/icon8.png | 185.162.87.220 | | 4.1 kB |
URL rjmieo.com/images/play-2/icon8.png IP185.162.87.220:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashf92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /images/play-2/icon8.png HTTP/1.1
Host: rjmieo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000intent://rjmieo.com/play-2_1?h=waWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzEsInNyYyI6Mn0=eyJ&si1=DB06-0HN1F09U52QUQJQID&si2=a0128000
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-type: image/png
content-length: 4064
last-modified: Tue, 09 Apr 2024 07:34:22 GMT
etag: "6614ef7e-fe0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.35441964600173037&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay | 185.162.85.14 | | 0 B |
URL mdakky.com/rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.35441964600173037&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay IP185.162.85.14:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpe?a=1&s=1&act=18&src=2&p=1102421&st=1341271&wd=560731&d=rjmieo.com&tpl=78&rnd=0.35441964600173037&sbid=DB06-0HN1F09U52QUQJQID&sbid2=a0128000intent%3A%2F%2Frjmieo.com%2Fplay HTTP/1.1
Host: mdakky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rjmieo.com
DNT: 1
Connection: keep-alive
Referer: https://rjmieo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 16 Apr 2024 09:55:00 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| wokoez.com/phtbload?a=1&e=aeyJwaWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzF9 | 185.162.85.19 | | 358 B |
URL wokoez.com/phtbload?a=1&e=aeyJwaWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzF9 IP185.162.85.19:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hash4b7ae3f4222043a35df3c80a576296a1 a16d04b9e3aa3b236b493e441f11ec63732d7268 7d0ed053dedcbec16778f6a7ed2f8dc32e01a883d3bd1e219816f7ea5c6f00a6
GET /phtbload?a=1&e=aeyJwaWQiOjExMDI0MjEsInNpZCI6MTM0MTI3MSwid2lkIjo1NjA3MzF9 HTTP/1.1
Host: wokoez.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rjmieo.com/
Origin: https://rjmieo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Platform-Version
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0 |  139.45.196.64 | | 0 B |
URL berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0 IP139.45.196.64:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0 HTTP/1.1
Host: berebereuolakola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rjmieo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 16 Apr 2024 09:55:01 GMT
content-length: 0
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_8439266813790470875_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=048040d3e29b4d58e97e2b98189519a2; expires=Wed, 16 Apr 2025 09:55:01 GMT
oaidts=1713261301; expires=Wed, 16 Apr 2025 09:55:01 GMT
phpckd6849336=true; expires=Wed, 17 Apr 2024 09:55:01 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_8439266813790470875_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 |  172.67.195.28 | | 13 kB |
URL cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_8439266813790470875_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 IP172.67.195.28:0
File typeHTML document, ASCII text, with very long lines (18452) Hashbb831dd6d50f6c8b53353103ec9a3703 9d78eba98e3da16601fb5492a7d66030865293e0 785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319
GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=6849336&axcusid1=a560731&clid={ymid}&r=http%3A%2F%2Fberebereuolakola.com%2Flink%3Fz%3D6849336%26var%3Da560731%26ymid%3Da2_8439266813790470875_560731_2_0%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rjmieo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: text/html
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nCE%2B6iSCotKqTD%2B%2FfJrCzF6895dkrnAlQLGMA%2BVuvHKz7ySz4KUKJBLXDQ3Xk173GObnzqsTvkP7hRbeAVY%2FzqAbyls7xoh6RXNrz1fIonE5ZoidxVLQkyewPfEArJHCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c1d38a60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=a083cb3f-7b32-4146-aee7-0832613f092b | 37.48.68.71 | | 2 B |
URL datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=a083cb3f-7b32-4146-aee7-0832613f092b IP37.48.68.71:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=a083cb3f-7b32-4146-aee7-0832613f092b HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1660
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 16 Apr 2024 09:55:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 | 139.45.196.64 | | 13 kB |
URL berebereuolakola.com/link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 IP139.45.196.64:0
File typegzip compressed data, max speed, from Unix Hashac0d7ef688948b0aa61a3d3168a4a0bb 49a6562e270cf587ce75dbd64d8c50276711f8d4 f2a676a19b33ae1d646bdf567aa65e1f145e2c87376e32de1ca90ac8752fddc8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /link?z=6849336&var=a560731&ymid=a2_8439266813790470875_560731_2_0&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=10505 HTTP/1.1
Host: berebereuolakola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: OAID=048040d3e29b4d58e97e2b98189519a2; oaidts=1713261301; phpckd6849336=true
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 09:55:01 GMT
content-type: text/html; charset=utf8
x-trace-id: 6de55db4aa62ff6cf3db9ad16ab3b0cf
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=048040d3e29b4d58e97e2b98189519a2; expires=Wed, 16 Apr 2025 09:55:01 GMT; path=/; secure; SameSite=None
oaidts=1713261301; expires=Wed, 16 Apr 2025 09:55:01 GMT; path=/; secure; SameSite=None
allcnt=1; expires=Wed, 16 Apr 2025 09:55:01 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=048040d3e29b4d58e97e2b98189519a2&z=6849338&p_rid=132297d0-a2e2-4e08-8e70-c35b4a98ab10&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=048040d3e29b4d58e97e2b98189519a2&z=6849338&p_rid=132297d0-a2e2-4e08-8e70-c35b4a98ab10&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=048040d3e29b4d58e97e2b98189519a2&z=6849338&p_rid=132297d0-a2e2-4e08-8e70-c35b4a98ab10&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 09:55:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=048040d3e29b4d58e97e2b98189519a2; expires=Wed, 16 Apr 2025 09:55:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ptaupsom.com/?z=6849338&syncedCookie=true&rhd=false | 139.45.197.242 | 302 Found | 0 B |
URL User Request POST HTTP/2ptaupsom.com/?z=6849338&syncedCookie=true&rhd=false IP139.45.197.242:443
CertificateIssuerLet's Encrypt Subjectptaupsom.com FingerprintAB:9A:62:A1:9D:E4:06:4C:2A:03:DA:B9:42:CB:A2:16:50:FE:57:6E ValidityFri, 08 Mar 2024 05:29:04 GMT - Thu, 06 Jun 2024 05:29:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /?z=6849338&syncedCookie=true&rhd=false HTTP/1.1
Host: ptaupsom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 714
Origin: https://berebereuolakola.com
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 16 Apr 2024 09:55:02 GMT
content-length: 0
location: https://secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038767743865779&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0
x-trace-id: 308c9161d4813fac243b066c0fea5e9e
link: <https://secureltrk.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://berebereuolakola.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080407ebf4e4081ff6031580e42d04b; expires=Wed, 16 Apr 2025 09:55:02 GMT; path=/; secure; SameSite=None
oaidts=1713261302; expires=Wed, 16 Apr 2025 09:55:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038767743865779&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 |  176.97.112.149 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2secureltrk.com/click?key=964a6cb724a8ed441ad5&visitor_id=804038767743865779&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 IP176.97.112.149:443 ASN#43180 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectsecureltrk.com Fingerprint91:A8:57:2C:3B:9E:B5:B7:A7:E4:55:0C:08:59:E7:45:9D:A9:4C:9D ValidityFri, 22 Mar 2024 12:23:21 GMT - Thu, 20 Jun 2024 12:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=964a6cb724a8ed441ad5&visitor_id=804038767743865779&cost=0.001050&zoneid=6849338&campaignid=7910866&banner=20283117&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP/1.1
Host: secureltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Tue, 16 Apr 2024 09:55:02 GMT
location: https://g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9g0
server: Caddy
set-cookie: uclick=y7rewlgOO9s137WmbGCYvr+xvwqAU8rFUuIv3upgHgKAMGca6eHzI28q+oq4hzGmO+YcFw==; Max-Age=31536000; SameSite=Lax
bcid=cof4ltla6vts738dk9g0; Max-Age=31536000; SameSite=Lax
cid=cof4ltla6vts738dk9g0; Max-Age=31536000; SameSite=Lax
x-request-id: 97e27de8-720c-48de-b9dd-7643991fc827
content-length: 0
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/images/check-icon.png | 172.67.215.176 | 200 OK | 45 kB |
URL GET HTTP/3newgreatoffers.top/images/check-icon.png IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typePNG image data, 900 x 520, 8-bit/color RGBA, non-interlaced Hash678be8aead34ae53e3a53f79ba30c820 a90e388c192e1287fb9132385e0e9960a1f7c15e 79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
GET /images/check-icon.png HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 45018
last-modified: Wed, 27 Mar 2024 14:37:42 GMT
etag: "66042f36-afda"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHyV8%2BpK%2Fq9L7dIuJFvfm9OF6EBgagAc2gmXmyQdQzYjNna1GWKp9UkU9qzQfJUDnksjBz3Uw2Vt6GFhXws6Lc69jqIbzOMvyiLihcGY7BAOmzUWQ9WCOjE13PfoOUbc%2BCUuvag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c29ea1956c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newgreatoffers.top/css/flow.css?id=1a2dada5ba76c1b29ae1 | 172.67.215.176 | 200 OK | 642 B |
URL GET HTTP/3newgreatoffers.top/css/flow.css?id=1a2dada5ba76c1b29ae1 IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeASCII text, with very long lines (311) Hash1a2dada5ba76c1b29ae13ddd11b16743 5076e9545fae3a01adce54e076706173de9f48c5 df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
GET /css/flow.css?id=1a2dada5ba76c1b29ae1 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-181"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgooSuvSeDq1iFhbAxAGhUDSd7pkAZH7jBT4TBV4IRpnpuuKLY8qaIKSol15WqNST8Y%2FGwl%2B8j%2B4OQjV4cRlA61ZLoQrEyF0D6DAHSUFtYXJO6CRPALxu1O2HItzUztYs%2BaR%2F8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c29ea1256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mgkstatic33.b-cdn.net/43461/images/logo.png |  194.242.11.186 | 200 OK | 12 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/logo.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 436 x 130, 8-bit/color RGBA, non-interlaced Hash34156c9cf33b3a62f654c05dce790379 3e937d90138e64ceb158a1d7940e88551e7d3ae4 d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
GET /43461/images/logo.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 12510
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "34156c9cf33b3a62f654c05dce790379"
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec3802b51d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 56749c0a10ff9864f3b5c969ddaec2d4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png | 194.242.11.186 | 200 OK | 4.0 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 71 x 72, 8-bit/color RGBA, non-interlaced Hashaa55fd19e5efcaea20c5baf81e722bbc 6e5466aa0c4bf4586f1d6e53ae63f9c1fc1a3f56 3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
GET /43461/images/Icon-ionic-md-trophy.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3992
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000052d3ae9d438c6d95-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b73bf9f0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 18fa3f09b10bc0d345052734947f7bde
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png | 194.242.11.186 | 200 OK | 3.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 78 x 78, 8-bit/color RGBA, non-interlaced Hash2973d7d42cbc07bd0099eec135a5de96 a657b46c370c998c751368bd9231d9729e2b8d23 cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
GET /43461/images/Icon-awesome-download.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3776
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "2973d7d42cbc07bd0099eec135a5de96"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b74dc1c0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8522a6b4a06a3319304deb7ce29bae8d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png | 194.242.11.186 | 200 OK | 3.7 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashe26549054b8a37aff472cc3c68ca9f92 6d982d6d54f9f1af0ee1b88992dd25a16c66d77d 7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
GET /43461/images/Icon-awesome-rocket.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 3717
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "e26549054b8a37aff472cc3c68ca9f92"
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc82efeb7130-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 51e25ee214599399773f5796e24b77d7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/Polygon-10.png | 194.242.11.186 | 200 OK | 465 B |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/Polygon-10.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 46 x 69, 8-bit/color RGBA, non-interlaced Hash250d763ae00c38fc8d960305e2f11950 130acf813f4c80c9cc7db53decc8799c28e3eb43 d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
GET /43461/images/Polygon-10.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 465
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "250d763ae00c38fc8d960305e2f11950"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003cd7736e5659ab25-0065f1c7cc-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc844d30b517-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 50a097f3f48a487d3ff82a95ead4f2d0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif | 194.242.11.186 | 200 OK | 18 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Hash313d1440d21ae95e5dcfa2f447f14456 8c850ce459c6b12090b887f19b3d824f49049a23 f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
GET /43461/images/0PTcCKIlgr.gif HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/gif
content-length: 17963
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "313d1440d21ae95e5dcfa2f447f14456"
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000020d12b6785ad2760-0065f29eca-52830f45-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 864461ec9f3a56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2024 12:49:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5a1002fab83e0c68aabffa90b3388343
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png | 194.242.11.186 | 200 OK | 405 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 960 x 795, 8-bit/color RGBA, non-interlaced Size405 kB (405350 bytes) Hashb961c9e7e178aa1bb10a1ed8bbc37f76 5a4ae86e986118b8792a85c6c561e07c1f23ee03 15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
GET /43461/images/robot-and-phone-final-img.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 405350
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000d699074756f91dc7-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b76181e0b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:41
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 489d7efae3c30abaa9a96a2889261d8a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png | 194.242.11.186 | 200 OK | 101 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 522 x 848, 8-bit/color RGBA, non-interlaced Size101 kB (101329 bytes) Hash8d3c7b42fdd79ef3c7d81aee046465c8 933e6035c9082dc87418519e8c4e6550c3f1d8a1 f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
GET /43461/images/phone-with-shadow-bitbotapp.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/png
content-length: 101329
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc830eae56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 191d23c72f888656ffacd93c19257864
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00 | 172.67.215.176 | 200 OK | 115 kB |
URL GET HTTP/3newgreatoffers.top/js/l.js?id=f699e0c1aa11fe1bdd00 IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65336), with no line terminators Size115 kB (114701 bytes) Hashf699e0c1aa11fe1bdd00a7400b51ac84 4193182e4873223501193aa85eedade88d531ce5 392c15facf9c22c83c1e8c4e47d73ea5875e4b7aaccd0b828874e56975081017
GET /js/l.js?id=f699e0c1aa11fe1bdd00 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-66f42"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9n4ty4e2jDxLdFDKWa%2BlqdrT4%2BvI6S1FAtxjHvouxFL6F5wvYbn9Oa%2FvG%2FKDLnqHpVJd6pU70vj7xD2yhKC%2Boy9F2oaXfp3eVUDvUaAPYcJ4nnVV0DkHW1kdg%2BzkoSItDaBU3dI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2a0a5856c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b | 172.67.215.176 | 200 OK | 1.6 kB |
URL GET HTTP/3newgreatoffers.top/js/redirect.js?id=7205070985cfaaa84a2b IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeJavaScript source, ASCII text, with very long lines (2738), with no line terminators Hash7205070985cfaaa84a2b7e4b4312342a 9142390fc87574c77705c78b2b869ab9644756c4 5fd8e205f7ba2def2d0a5b7212189d9b8766ca0c515b09c39412531d49fcc655
GET /js/redirect.js?id=7205070985cfaaa84a2b HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
vary: Accept-Encoding
etag: W/"6604300f-ab2"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2F9koKWkXIzzgjDKgvB5hkybZOJbZqY68456zgQJfhGcixKmV%2BtxRtKJlNl171xIDfm9RrOofCw8%2FsWbjoNFWYyVgvG7qzNszw%2FXsv1y0%2BSz%2F28Jz3nzpcAkHKRTNfsYeOGqcoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2a0a5556c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap | 142.250.74.106 | 200 OK | 4.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash8687ba1a91c0b53782307340714b6c1c 2b0fcfe20c21617bdc5e0bed4ad99bd6d531f16d d819474b00f367bee462cf5ff25c49890c7db7b0859956b9fb1a54e5f2f741c2
GET /css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 09:55:04 GMT
date: Tue, 16 Apr 2024 09:55:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 | 172.67.215.176 | 200 OK | 71 kB |
URL GET HTTP/3newgreatoffers.top/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typePNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced Hash416250f60d785a2e02f17e054d2e4e44 21572c9751e5a3dc20395befa0fcb349c32c4811 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/png
content-length: 70857
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
etag: "6604300f-114c9"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCYJsFQS0Ndc0Z4brdUd6pbXHQyiRPAW5e2u44TaPs0Avwv3gLRq9rchix%2Ba5vF5XhHOLdGkJm4xTJ1%2BHmN3Yr%2BmSrJWezC6kwHj3e6AYLP7MnmIAgaqDm24yEh1C8GurQ9Z3D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c2f2af756c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/hero-img-new.jpg | 194.242.11.186 | 200 OK | 394 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/hero-img-new.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x935, components 3 Size394 kB (393575 bytes) Hash8867f07ab37b30a70556531fab9ab745 b38438f367b8db496568700d6f07ffc17a185151 d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
GET /43461/images/hero-img-new.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 393575
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "8867f07ab37b30a70556531fab9ab745"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bda3bb51b-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bcc1749388080cfb113fe537c96d9b6d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99 | 172.67.215.176 | 200 OK | 245 kB |
URL GET HTTP/3newgreatoffers.top/css/forms.css?id=f996a15d4340ce7f6a99 IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeASCII text, with very long lines (19895) Size245 kB (245298 bytes) Hashf996a15d4340ce7f6a994015a99c95d9 e59e2ce631dcf0619e149659a0052285e374def4 f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
GET /css/forms.css?id=f996a15d4340ce7f6a99 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
last-modified: Wed, 27 Mar 2024 14:41:19 GMT
vary: Accept-Encoding
etag: W/"6604300f-570a"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
cache-control: max-age=14400
cf-cache-status: HIT
age: 101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVdB39uPmGu57%2BVVMBjzWYLgLgaElXJgpawPjvgHwRgq3YqiRIgrQ3qfLn7tGlpFmyTkP4O9O7GikOSLoVb%2B1k0sG5NrpvnvUXPe3%2B4UgEoaVe2tKVHCElYjZOpEy0mMHbfDMT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c29ea0d56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newgreatoffers.top/media/sad-face.svg | 172.67.215.176 | 200 OK | 247 kB |
URL GET HTTP/3newgreatoffers.top/media/sad-face.svg IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeSVG Scalable Vector Graphics image Size247 kB (246955 bytes) Hashb53fccab8b86eecc2ff24237d099321d 39ad520ffafe5e725ac32e823911575dbfb89ec9 186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
GET /media/sad-face.svg HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Mar 2024 14:41:29 GMT
vary: Accept-Encoding
etag: W/"66043019-5dc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cache-control: max-age=14400
cf-cache-status: HIT
age: 100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdtRRmjomRgubbqEMMrP0xT%2Bqrcqsw9RVDFS06Q3D9d%2B%2BLL24ZyZplB%2FlPKdTzCnb9ZDV5goP7Sr6dlkUCtN9TzY8PEqYiGRgolHSs6T96VusVIXXK6Kfe4KmS4UFVyB8FDebGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c2a0a4f56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static-133.b-cdn.net/43461/images/mockup-three-phone.png | 194.242.11.186 | 200 OK | 965 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/mockup-three-phone.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 1920 x 808, 8-bit/color RGBA, non-interlaced Size965 kB (964789 bytes) Hashd656e316c5f67a3d7eadc3a4e8a9c1f2 41d0a52bb6ad7351526c739589b85b9c275e963d 2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
GET /43461/images/mockup-three-phone.png HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/png
content-length: 964789
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 8673df3bda460b3d-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e3bc168d37397186132774efde22230a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-4.jpg | 194.242.11.186 | 200 OK | 375 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-4.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x692, components 3 Size375 kB (374893 bytes) Hashca2af1e0db4ffa75dc11257debbca866 9a4ecbbbb46dc174daa5eb39d804d00914602fdf 26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
GET /43461/images/bg-img-4.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 374893
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "ca2af1e0db4ffa75dc11257debbca866"
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b777cce0b55-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 94a5396888bc1162698241d5003efd7b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458404
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/locate | 172.67.215.176 | 200 OK | 588 B |
URL GET HTTP/3newgreatoffers.top/locate IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
Hashbc2aab60f97289405e571e0b2c1efe36 804e18026d40a5c1d78b2b8a26a2b69173606449 9e7422acea1beb599ac9c537df70ecda3490679365ff5605f58d7720acb39a18
GET /locate HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0=
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlcrcllPdjF1TDVWU0ZDY094c3FGVXc9PSIsInZhbHVlIjoiUE9YMlR2aWVXQjRRaDh3VHNWcVlKQ2tCZnR4MU95OU9XYzVSa2wyOVl6S2FjSzV4TU8wRXFmZXg2ekFkZDlsVSIsIm1hYyI6IjRjMWFhZGI2MDgzZDcxZmExYmNmMTlhMWMxMmRkOWU0NzZmYThmNWZiZTI2YWE4YTQxYzc5NTVjYTE2Y2UwNDYifQ%3D%3D; expires=Tue, 16-Apr-2024 11:55:04 GMT; Max-Age=7200; path=/
c=eyJpdiI6InREZVFJakJyNklOZWVkRzJVa2VhNUE9PSIsInZhbHVlIjoia1JIMzVQNHBcL1ZQRkRLTDM3dkR3dytvV1hQUHFlek5qQnpSNWt6aXR6S09rQ1RUYmtvQm1ZQUc4YU01Rm85YnciLCJtYWMiOiI4YzU3NWE2YzY0YTU0ZTI2ZDMwY2FjZjhlOWIyZmFiOWMyNTQ2NmQ3ZTY5OTQ4NjIzYTNhOTdmMzhlN2IzZWNjIn0%3D; expires=Tue, 16-Apr-2024 11:55:04 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BZINU8piImvPW%2Bu7tUVItIFVCaaTiuPeL%2F18QJ8TdztU8PnosaELbqdBgWKs%2B3gUXwNMh5ES4XWbsPONDOW6SHHg2BmYTRoGHquXkGIVOBLw8s5u4g3J3W1PqiTAmhYY1%2Bj3hI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c309d3d56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458404
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458404
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458404
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| berebereuolakola.com/ | 139.45.196.64 | | 16 B |
IP139.45.196.64:0
File typeASCII text, with no line terminators Hash7feadfe891c04432562e6d2b4d35f38a fc25b473cdcdf8551d51bed416dd604f3e1d158f e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: berebereuolakola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 16 Apr 2024 09:55:04 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 16
Connection: keep-alive
|
|
| mgkstatic33.b-cdn.net/43461/images/favicon.png | 194.242.11.186 | 200 OK | 1.8 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/images/favicon.png IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash482ce499d40d67a9f4e12e5c992e98ce 9b8ce74d23795fdafa1bd6ca98a45a402e77dcc8 a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
GET /43461/images/favicon.png HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/png
content-length: 1805
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "482ce499d40d67a9f4e12e5c992e98ce"
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 874b2f61f8dd56ba-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/15/2024 10:17:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 66e28f516a1df65917377395e7c296d0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.js | 194.242.11.186 | 200 OK | 735 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Size735 kB (735343 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /43461/build/funnel.js HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=3600
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869b6440a89156bb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 02:15:10
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ce1323805be05cb30ad78885b5c075a0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9g0 | 76.223.57.231 | 302 Found | 30 kB |
URL User Request GET HTTP/2g.mtrck.org/c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9g0 IP76.223.57.231:443
CertificateIssuerLet's Encrypt Subjectg.mtrck.org FingerprintB1:97:7C:87:E0:27:AF:43:D2:96:20:A4:78:6D:0C:61:EF:62:F7:69 ValidityThu, 14 Mar 2024 05:51:05 GMT - Wed, 12 Jun 2024 05:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c?aid=xoLG2W&lpid=9trgqE&aff_sub5b=cof4ltla6vts738dk9g0 HTTP/1.1
Host: g.mtrck.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 09:55:02 GMT
location: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy, nginx
set-cookie: XSRF-TOKEN=eyJpdiI6IkpOWEk0Qlh1UWFiOGNqT2h0VjBUdXc9PSIsInZhbHVlIjoidmdsZVhseGwxWnNvU21wYURVQ29hcVlNMUJaMnY4L3lna1ZBWXRHdFdBZHAvRVlxc1Vya3M5cmNmOXFzRGQ1TUV6Vk1GTC9iTjR6K0RqZ1IwVS82VDRrNHNwaS9HWXFOSlovSlNUbk9hRThSbjVwRDBaelg0bm1YZElaTk8rNTEiLCJtYWMiOiI3MTUwNWYwNGEyMTYyMDU3YTdhYWE2M2RiMWJmZTI5YjgzNDllY2MzMzRhMGM4NWNmNDFjYjQ1MmQ1ZDk1YjBkIiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 11:55:02 GMT; Max-Age=7200; path=/; samesite=lax
clickbit_session=eyJpdiI6IlNRUkRtOWtreG5KMFo3SktXZFlZaFE9PSIsInZhbHVlIjoiMzV1OXJwKzJoRnJZYUJ3S3FadTdDZVk3WVQwYlJYa3dSQjJ5WVlXaUI0S2pUZUgxMWJJdzFRb0ZWcTRYVjdmTTBweVYzcjhhdnU1T0lmU0dhY21yTHpGVk5TRC9zM0MwYXUxOFlyUHBZcnRHOUxtN1NVQ0JqZmRqNUdXa255N2IiLCJtYWMiOiI3NmFjYjIxODYwNTIyN2I3NDhlYWFiMzllODZjYzEwNTRiZjEzNTA3OTEzNDZlYzE5YTc3ODdmYzE1ODY2MjY5IiwidGFnIjoiIn0%3D; expires=Tue, 16-Apr-2024 11:55:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cid=eyJpdiI6Ilpoc0w0eGdMQVM2NVFuaEd1U2w1bGc9PSIsInZhbHVlIjoiVDhrQjhWSVNkT3VpbVowMG9TdXRNVVk0VUlhb0h1N1FuMmw2QURoS3dVRmc5T0dpNUROUUxvZEszQitPMkhkbnJBMEFLeGltRDcxN2VXdlMvNkJGTzNLRFptM2hWeHpVRHJuVllrbDVQMU09IiwibWFjIjoiMjRmN2Q0MjdkYzNkMDY2MWE1MGJkNGZmMzFlMmI5OTBlMzUzNGE1Yjk3ZmQwNTk2Y2E0YWQxNDdkYTdiMmFmZiIsInRhZyI6IiJ9; expires=Sun, 31-Jul-2078 16:32:37 GMT; Max-Age=1713249455; path=/; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/brush-stroke.svg | 194.242.11.186 | 200 OK | 124 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/brush-stroke.svg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Size124 kB (124282 bytes) Hash2affaa6cbada4631a14b44e4390b0358 e7ad09b7af15b3c1aaff622222a654343e358dfe d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
GET /43461/images/brush-stroke.svg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: W/"2affaa6cbada4631a14b44e4390b0358"
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: HIT
cf-ray: 869c8b777a0b56ae-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 869525baa570abd69e98a7e913590109
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mgkstatic33.b-cdn.net/43461/build/funnel.css | 194.242.11.186 | 200 OK | 83 kB |
URL GET HTTP/2mgkstatic33.b-cdn.net/43461/build/funnel.css IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (45962) Hash670878add58e57bb842fb7530256b6f7 4e642526889846d2b06727762c71c5ec59a60f16 8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
GET /43461/build/funnel.css HTTP/1.1
Host: mgkstatic33.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 1367785
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
etag: W/"670878add58e57bb842fb7530256b6f7"
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003038141ea2822112-0065f1c7cc-5280ad0f-ams3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cf-cache-status: REVALIDATED
cf-ray: 865fdc805baf56a4-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2024 20:51:30
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ca0795027262b34b9cffa42bbf53cd13
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/event?hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13 | 172.67.215.176 | 201 Created | 2 B |
URL POST HTTP/3newgreatoffers.top/event?hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13 IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /event?hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13 HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlcrcllPdjF1TDVWU0ZDY094c3FGVXc9PSIsInZhbHVlIjoiUE9YMlR2aWVXQjRRaDh3VHNWcVlKQ2tCZnR4MU95OU9XYzVSa2wyOVl6S2FjSzV4TU8wRXFmZXg2ekFkZDlsVSIsIm1hYyI6IjRjMWFhZGI2MDgzZDcxZmExYmNmMTlhMWMxMmRkOWU0NzZmYThmNWZiZTI2YWE4YTQxYzc5NTVjYTE2Y2UwNDYifQ==
Content-Length: 182
Origin: https://newgreatoffers.top
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6IlcrcllPdjF1TDVWU0ZDY094c3FGVXc9PSIsInZhbHVlIjoiUE9YMlR2aWVXQjRRaDh3VHNWcVlKQ2tCZnR4MU95OU9XYzVSa2wyOVl6S2FjSzV4TU8wRXFmZXg2ekFkZDlsVSIsIm1hYyI6IjRjMWFhZGI2MDgzZDcxZmExYmNmMTlhMWMxMmRkOWU0NzZmYThmNWZiZTI2YWE4YTQxYzc5NTVjYTE2Y2UwNDYifQ%3D%3D; c=eyJpdiI6InREZVFJakJyNklOZWVkRzJVa2VhNUE9PSIsInZhbHVlIjoia1JIMzVQNHBcL1ZQRkRLTDM3dkR3dytvV1hQUHFlek5qQnpSNWt6aXR6S09rQ1RUYmtvQm1ZQUc4YU01Rm85YnciLCJtYWMiOiI4YzU3NWE2YzY0YTU0ZTI2ZDMwY2FjZjhlOWIyZmFiOWMyNTQ2NmQ3ZTY5OTQ4NjIzYTNhOTdmMzhlN2IzZWNjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 201 Created
date: Tue, 16 Apr 2024 09:55:05 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://newgreatoffers.top
vary: Origin
set-cookie: XSRF-TOKEN=eyJpdiI6IjRyeFZQRFJBY1pcL2kyckIzTEY3K29RPT0iLCJ2YWx1ZSI6Ill0cWJaUnlKT29DQThWWDY1a0RWT1B2b2dsaVVkMURoOU1semRWZ3MrQXg5eU5menZYMzNaVGxDMmVoNHRYcjQiLCJtYWMiOiJhOGVmNzhmYzQ1MTMyZGUzOTlhNDk1ZDBhY2YyYjRjNDhlMDAxMjI2ZDhkZTIxNGI5ZWQ1YjJjYzVjMzlhNmRhIn0%3D; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/
c=eyJpdiI6Im5PdXV0ZFpTMjQ5ZTZmR2FYMUdOVnc9PSIsInZhbHVlIjoia2h4UmNkSDZVaFwvNkFxRW5Lc1k0VTRrVnhBbjU2eVI2MmtHNkhJQVRvOTBIQUJlR3F3a2s2T2wxXC9kZjArR3FlIiwibWFjIjoiMTVkMjEyNDRiZjk0YjIxYmE4MjNiNzU2YTFmZDVhNGQ0MDA4MmI0YjIxNjQzM2M5M2Q4N2YwMzM2MGY5MjQzNyJ9; expires=Tue, 16-Apr-2024 11:55:05 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UXpdhPcAKPRyV2k8UJo0WevKQS70dzrvCrjr3hWHk3YJXsmnPgtBabxYiYh9S%2B%2Fx4ENM36iPrpBQE2DhF6gBkjWbaE%2F6g0GTfKq%2BtJzP5NZnjtHbGPClptxB03zHnRrp4WBLMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c322fb156c9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= | 172.67.215.176 | 200 OK | 30 kB |
URL User Request GET HTTP/2newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= IP172.67.215.176:443
CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/
c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9; expires=Tue, 16-Apr-2024 11:55:03 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuHd1Stkz9GDiROOR3r5Pgi0Ua7kLgXin0m6LJTOFWt34OylsFMDhsWsEOXDE0KETExVOr%2FYY3DjVlE9iA0ggGP1k7Y9oTYxOX1H8yX2PI%2FjtciivE8lomcqj39LYDnq7YLzoFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87534c26d9df56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static-133.b-cdn.net/43461/images/bg-img-3.jpg | 194.242.11.186 | 200 OK | 246 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-3.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1920x473, components 3 Size246 kB (246271 bytes) Hash1b514cd6bf37cbbb0738a585510fd600 e171926ee51ece136dc499e19c1adbb118f26f35 9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
GET /43461/images/bg-img-3.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 246271
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "1b514cd6bf37cbbb0738a585510fd600"
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 8673df3bdb3556cb-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2024 07:08:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e080082b434ceaf45bc1a984e68b12b1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.215.176 | 200 OK | 1.2 kB |
URL GET HTTP/3newgreatoffers.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP172.67.215.176:443
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerGoogle Trust Services LLC Subjectnewgreatoffers.top Fingerprint8D:52:89:23:5C:65:D7:D9:03:5A:E6:CA:C5:DF:46:16:56:55:B5:2D ValidityWed, 10 Apr 2024 05:11:29 GMT - Tue, 09 Jul 2024 05:11:28 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: newgreatoffers.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Cookie: XSRF-TOKEN=eyJpdiI6Ijh2bUlocVc5VTBPS0VYXC96WDZLSGVnPT0iLCJ2YWx1ZSI6IjRZOU41S3JjOTFldW1ERk1pRnprOEhtVW5uZkVMcVpteHhXWVBWNk85dTJicGlVR0taQUp4SStuR0hyeWYxOXEiLCJtYWMiOiJlOGZjMDVjMmM3ZmFlMDRhMTdjM2QxNTNiMzU3MTFjYzkxNTVjYTYyN2EwMDNjY2ZlNDI0NGRlYTUwYjc4ZDQzIn0%3D; c=eyJpdiI6ImQrazFXd0lWbHBJVWlqV2Fjb2VTSVE9PSIsInZhbHVlIjoiU0hNV2R0SE1NVnZcL3E4cHNVK1JnNkdiUlwvMlVOZ29cL2JUVTFcLzNNKzZoXC9oWmZ5dFpkYytST3dtY3JxdTdnQUVKIiwibWFjIjoiMTQ0NWUxNDY3NjkwZDQxMGQ4NzhjNThlZTFjNDIzOGEwNDI5ZjVlY2Q5ZTY3NjEzZDhiOWU3YjUwNTI3YTU3NiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 09:55:03 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYV21xLjUjw7mwSCmjLbPwG3CgB1uKIM2IEhJvu1YLZXpE3OH%2FBY6WdiFJAXtIndYK7yP31xIETtDPGNsUfOI1U8otShhrA3Zi11w%2BSvwVAOqf37JSaE94P8hZyZlgHnXMbw9aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87534c2a0a5256c9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 18 Apr 2024 09:55:03 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| static-133.b-cdn.net/43461/images/bg-img-2.jpg | 194.242.11.186 | 200 OK | 242 kB |
URL GET HTTP/2static-133.b-cdn.net/43461/images/bg-img-2.jpg IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
Requested byhttps://newgreatoffers.top/bit-gpt-pp-ai/?oid=133&qze=1&hitid=9bd1f922-d431-4302-bb09-31c0f1e9ab13&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x788, components 3 Size242 kB (241782 bytes) Hash87ea1d39178e8229c5e1d3f4820d371b ffbc7e6774a0e1fdcbc0fa2dea5fa1ee91b2095f 762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
GET /43461/images/bg-img-2.jpg HTTP/1.1
Host: static-133.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgkstatic33.b-cdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 09:55:04 GMT
content-type: image/jpeg
content-length: 241782
server: BunnyCDN-NO1-830
cdn-pullzone: 561175
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cdn-requestcountrycode: NO
cache-control: max-age=3600
etag: "87ea1d39178e8229c5e1d3f4820d371b"
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
cf-bgj: h2pri
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cf-cache-status: HIT
cf-ray: 869c8b7778650b45-OSL
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/25/2024 05:36:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cd439802b64a1acd29c493e636df7bde
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|