prfectnewoffers.net Open in urlscan Pro
172.67.191.215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hlmiq.com/to2/clickaine2.com/
Effective URL:
https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&actio...
Submission: On May 29 via manual (May 29th 2024, 6:12:11 am UTC) from JP — Scanned from JP

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 10 domains to perform 42 HTTP transactions. The main IP is 172.67.191.215, located in United States and belongs to CLOUDFLARENET, US. The main domain is prfectnewoffers.net.
TLS certificate: Issued by E1 on April 10th 2024. Valid for: 3 months.

This is the only time prfectnewoffers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.208.22.1 88.208.22.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 12	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	111.90.140.153 111.90.140.153	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1 1	76.223.57.231 76.223.57.231	16509 (AMAZON-02) (AMAZON-02)
10	172.67.191.215 172.67.191.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2400:52e0:150... 2400:52e0:1501::1098:1	() ()
1	2404:6800:400... 2404:6800:4004:811::200a	() ()
6	2400:52e0:150... 2400:52e0:1501::1145:1	() ()
1	2404:6800:400... 2404:6800:400a:80a::2003	() ()
42	8

1 142.132.202.70 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

hlmiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.22.1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: mail.armadaboard.com

2299.2469april2024.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.244 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

dolatiaschan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.90.140.153 (Malaysia) 1 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

fmjtrk.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.57.231 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aa0765ea35863d62b.awsglobalaccelerator.com

f.mtrck.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.191.215 (United States)

ASN13335 (CLOUDFLARENET, US)

prfectnewoffers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2400:52e0:1501::1098:1 (None, )

ASN- ()

mgkstatic33.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1501::1145:1 (None, )

ASN- ()

static-133.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	b-cdn.net mgkstatic33.b-cdn.net static-133.b-cdn.net	3 MB
12	dolatiaschan.com 2 redirects dolatiaschan.com — Cisco Umbrella Rank: 562634	32 KB
10	prfectnewoffers.net prfectnewoffers.net	244 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11492	997 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com	4 KB
1	mtrck.org 1 redirects f.mtrck.org	1 KB
1	fmjtrk.live 1 redirects fmjtrk.live	321 B
1	2469april2024.com 1 redirects 2299.2469april2024.com — Cisco Umbrella Rank: 645192	542 B
1	hlmiq.com 1 redirects hlmiq.com — Cisco Umbrella Rank: 126538	334 B
42	10

	Domain	Requested by
12	dolatiaschan.com	2 redirects dolatiaschan.com
11	mgkstatic33.b-cdn.net	prfectnewoffers.net
10	prfectnewoffers.net	prfectnewoffers.net
6	static-133.b-cdn.net	mgkstatic33.b-cdn.net
2	my.rtmark.net	dolatiaschan.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	mgkstatic33.b-cdn.net
1	f.mtrck.org	1 redirects
1	fmjtrk.live	1 redirects
1	2299.2469april2024.com	1 redirects
1	hlmiq.com	1 redirects
42	11

This site contains no links.

Subject Issuer	Validity	Valid
dolatiaschan.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
rtmark.net R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
prfectnewoffers.net E1	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Frame ID: E3EF8F5E03F3A0E1FC669DD355BC9DA8
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hlmiq.com/to2/clickaine2.com/ HTTP 307
https://2299.2469april2024.com/4/232297?pageUri=&referer=&jsr=0&abl=0&acrc=1&acrs=own&bdd=timeout HTTP 307
https://dolatiaschan.com/4/7184682 Page URL
https://dolatiaschan.com/?z=7184682&syncedCookie=true&rhd=false HTTP 302
https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x Page URL
https://dolatiaschan.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://fmjtrk.live/click?key=1eb9fcc8e1d9b6c0221c1s&visitor_id=819565354719383621&cost=0.001293... HTTP 307
https://f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cpbcia46n9fs73bstnog HTTP 302
https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_... Page URL

Page Statistics

42
Requests

98 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

8
IPs

5
Countries

3335 kB
Transfer

4413 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hlmiq.com/to2/clickaine2.com/ HTTP 307
https://2299.2469april2024.com/4/232297?pageUri=&referer=&jsr=0&abl=0&acrc=1&acrs=own&bdd=timeout HTTP 307
https://dolatiaschan.com/4/7184682 Page URL
https://dolatiaschan.com/?z=7184682&syncedCookie=true&rhd=false HTTP 302
https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x Page URL
https://dolatiaschan.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://fmjtrk.live/click?key=1eb9fcc8e1d9b6c0221c1s&visitor_id=819565354719383621&cost=0.001293&zoneid=6118780&campaignid=7706162&banner=19737970&zone_type={zone_type}&user_activity=high&subzone_id=119282 HTTP 307
https://f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cpbcia46n9fs73bstnog HTTP 302
https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hlmiq.com/to2/clickaine2.com/ HTTP 307
https://2299.2469april2024.com/4/232297?pageUri=&referer=&jsr=0&abl=0&acrc=1&acrs=own&bdd=timeout HTTP 307
https://dolatiaschan.com/4/7184682

Request Chain 5

https://dolatiaschan.com/?z=7184682&syncedCookie=true&rhd=false HTTP 302
https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

7184682 Show response
dolatiaschan.com/4/
Redirect Chain

https://hlmiq.com/to2/clickaine2.com/
https://2299.2469april2024.com/4/232297?pageUri=&referer=&jsr=0&abl=0&acrc=1&acrs=own&bdd=timeout
https://dolatiaschan.com/4/7184682

34 KB
14 KB

1056ms
474ms

Document
text/html

139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/4/7184682

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c7d71b092c68c9183bcdc64aa0a848b511f5c8caf9d2d2f47b1b8d193bf8a905

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 29 May 2024 06:12:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 18c6700e05cdeb346b1ffba159e90d6a

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 May 2024 06:12:03 GMT
expires: Wed, 29 May 2024 06:12:03 UTC
last-modified: Wed, 29 May 2024 06:12:03 UTC
location: https://dolatiaschan.com/4/7184682
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx

POST
H2 200 sftouch
dolatiaschan.com/ 2 B
605 B 259ms
254ms Ping
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/sftouch?userId=00806bf2437e483dfa7016ac6d319e71&z=7184682&p_rid=3da41530-bde9-429a-8862-e712cc770d56&p_src=sf&branchId=0&rb=06bd3sMdVGBEHE8J_A2iYz0v65bxUWZhkP89PNr1ocskkWdsZpc6SIOePowFrl79K68sDPl301B2KtaBXwllpt39lsnR2-I0ereRaaMFf5KaQhy1bSvnaGyDT3uGTh8Uu5rfKVu0YGkeKqqFTJxJYhvtW8qX4_mc00aTEb9QqYG0TeACeGfHap_S6rVVJA096rfR8bJKd3XuQuA7d9v_TPW5s290mrHnc42nz7gbjoRgHQHRbRxmT5bdo5wRdZxOJa4udnNG_PdpVriq4KjLuDz_T8tgDe55EsTIGOeKD60=

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/7184682

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/4/7184682
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 4cb78d22ca34ca1cd7c36794b5072b41
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://dolatiaschan.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 737ms
237ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00806bf2437e483dfa7016ac6d319e71&z=7184682&p_rid=3da41530-bde9-429a-8862-e712cc770d56&p_src=sf

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/7184682

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dolatiaschan.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H2 200 add Show response
dolatiaschan.com/log/ 12 B
385 B 250ms
243ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=3da41530-bde9-429a-8862-e712cc770d56

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/7184682

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Content-Type: text/plain;charset=UTF-8
Referer: https://dolatiaschan.com/4/7184682
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dolatiaschan.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

GET
H2 204 favicon.ico
dolatiaschan.com/ 0
150 B 237ms
236ms Other
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dolatiaschan.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/4/7184682
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 29 May 2024 06:12:06 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/ Show response
dolatiaschan.com/4/6118780/
Redirect Chain

https://dolatiaschan.com/?z=7184682&syncedCookie=true&rhd=false
https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

34 KB
14 KB

242ms
241ms

Document
text/html

139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

abdc9976d25e44a918343ee831cf584c4d3444737fc920384adf8e6ab8875027

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://dolatiaschan.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "125.0.6422.112"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 29 May 2024 06:12:06 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 1cc695ca5ac19e7f7c3a248bff0ea3cd

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://dolatiaschan.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 29 May 2024 06:12:06 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://dolatiaschan.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 32864169a1c053d307cb3476675da2ba

GET
H2 204 favicon.ico
dolatiaschan.com/ 0
0 203ms
203ms Other
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dolatiaschan.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/afu.php?zoneid=7184682&var=7184682&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.112
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 29 May 2024 06:12:06 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 sftouch
dolatiaschan.com/ 2 B
605 B 242ms
242ms Ping
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/sftouch?userId=00806bf2437e483dfa7016ac6d319e71&z=6118780&p_rid=1cb3272f-9e54-4626-a60c-5e6ff6fd1daa&p_src=sf&branchId=0&rb=j9PIlaQUT7Tu4LBCDobtlyv2m7NnHtszhJjzGRF9a4f9sqD3LhuMocNwWaUC4khudW5hUVsEJhnBzH_AaPHV4NNC_d3lFYtCf31UzzMDiOX2j_F2FZTzV_sTw_Us2oh8jkVbNHNCovajjY3tkgMpaa-cTbbbX_8nZhsqfeSeC-8oNj2rz3D8Lp4T4CqZNbQh1PI1POrA9nnT7DQPyH3Awf6IumgV4HGKuiYF3ynaDIsDPSfAFsjn-KvCcI4XVne2Wr_-z0n3KvrVqbarsT4ak_SWm89FEkcLquXOS5QngkUr4pf1

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: d549f7177c2326ca69f472dd79b5a0c8
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://dolatiaschan.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
506 B 238ms
237ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00806bf2437e483dfa7016ac6d319e71&z=6118780&p_rid=1cb3272f-9e54-4626-a60c-5e6ff6fd1daa&p_src=sf

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dolatiaschan.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://dolatiaschan.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H2 200 add
dolatiaschan.com/log/ 12 B
385 B 241ms
241ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dolatiaschan.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1cb3272f-9e54-4626-a60c-5e6ff6fd1daa

Requested by

Host: dolatiaschan.com
URL: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Content-Type: text/plain;charset=UTF-8
Referer: https://dolatiaschan.com/4/6118780/?var=7184682&btz=Asia/Tokyo&bto=-540&bar=x
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dolatiaschan.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

GET
H2 204 favicon.ico
dolatiaschan.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dolatiaschan.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.112
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 29 May 2024 06:12:06 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

Primary Request / Show response
prfectnewoffers.net/bit-gpt-pp-ai/
Redirect Chain

https://dolatiaschan.com/?z=6118780&syncedCookie=false&rhd=false
https://fmjtrk.live/click?key=1eb9fcc8e1d9b6c0221c1s&visitor_id=819565354719383621&cost=0.001293&zoneid=6118780&campaignid=7706162&banner=19737970&zone_type={zone_type}&user_activity=high&subzone_i...
https://f.mtrck.org/c?aid=tnW1DR&lpid=9trgqE&aff_sub5b=cpbcia46n9fs73bstnog
https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=

31 KB
9 KB

803ms
744ms

Document
text/html

172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54609bfc9db854eb2b05f5a9a7e3698f8e312cf075f3eb116687b8fc1ef08a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://dolatiaschan.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "125.0.6422.112"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 88b454be4cfd1d7b-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 06:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhrgxUmhJ%2Bvzp4ESBrRhW8MFRrZegodv0H17xiV4Hv%2FdX8ctGgpVb6FBza7I%2FJakJdHy0KOWb0BPWdTcPp%2Bmw0s3XmMFQRu%2FZI8pa1kE04n3YtBuWM5iFIXR4coaJ%2BKBPbtkpNXG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-proc: 1
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 06:12:07 GMT
location: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
server: Caddy nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 204 favicon.ico
dolatiaschan.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dolatiaschan.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "125.0.6422.112"
Referer: https://dolatiaschan.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.112
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 29 May 2024 06:12:06 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 forms.css
prfectnewoffers.net/css/ 22 KB
4 KB 22ms
16ms Stylesheet
text/css 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99

Requested by

Host: prfectnewoffers.net
URL: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 4150
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:31 GMT
server: cloudflare
etag: W/"66506413-570a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOV%2B6FN%2Be8lACsxx7LWv5NxAoY3PLJC40WtEcg%2BD2SN2sZIEUOT0r6sFE2FomN72W4Op3kFzNn0LOdtZu6%2BwpvPq7j1oOCE5dF2wDBKsP5pu9ALa7e7e0gZf7AtMRVqBsB9%2BoO4h"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88b454c95f051d7b-NRT

GET
H3 200 flow.css
prfectnewoffers.net/css/ 385 B
667 B 19ms
13ms Stylesheet
text/css 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/css/flow.css?id=1a2dada5ba76c1b29ae1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 4150
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:25 GMT
server: cloudflare
etag: W/"6650640d-181"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMHuBLmvTl9Dc9gxBNGHLnlpEmXRsOyCewlhF51CDiXX2u5XrkHoCXtj7%2F1mgfd8EiJGDDetIpKuqzJ0xwyHwf02QYdMtNgOeeKSRejsY9Xt%2BmpTCD7zoVlOc%2FSXkw8sMXK%2FEBDz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88b454c95f071d7b-NRT

GET
H2 200 funnel.css
mgkstatic33.b-cdn.net/43461/build/ 81 KB
22 KB 76ms
0ms Stylesheet
text/css 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to

Full URL

https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
cdn-edgestorageid: 1189
x-amz-request-id: tx00000702346f077814e49-0065f29eca-5281cd35-ams3c
cdn-cachedat: 03/14/2024 12:18:18
cdn-pullzone: 1367785
last-modified: Wed, 13 Mar 2024 15:17:25 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"670878add58e57bb842fb7530256b6f7"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
x-rgw-object-type: Normal
cdn-requestid: db8c4bf7dc07b1093ae1cd05042e3682
cf-ray: 864434a0db02e0ec-NRT
cdn-requestcountrycode: JP
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo.png
mgkstatic33.b-cdn.net/43461/images/ 12 KB
13 KB 76ms
0ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1146
x-amz-request-id: tx000008b1c89a4d0b15148-0065f29eca-5280acec-ams3c
cdn-cachedat: 03/14/2024 12:18:18
cdn-pullzone: 1367785
content-length: 12510
last-modified: Wed, 13 Mar 2024 15:17:34 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "34156c9cf33b3a62f654c05dce790379"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 09688bb111a9faf02c2e465a1d156659
accept-ranges: bytes
cf-ray: 864434a0db85f619-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 check-icon.png
prfectnewoffers.net/images/ 44 KB
44 KB 18ms
14ms Image
image/png 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prfectnewoffers.net/images/check-icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4144
alt-svc: h3=":443"; ma=86400
content-length: 45018
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 08:55:02 GMT
server: cloudflare
etag: "665055e6-afda"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDCHMaRYa0FyAiWCjYWNGlQ9IneayXm9%2BI7FUdqIsEdrvs%2BVh59cODQavUX1%2B2G8n0WZD3fM%2F%2FWZoJtnQYuvTiks75%2B4%2BtqpQ7OMSR0i3rjRtwnLbSYYzzjbpqaS2kEQ7Apwn531"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88b454c95f081d7b-NRT

GET
H2 200 Icon-ionic-md-trophy.png
mgkstatic33.b-cdn.net/43461/images/ 4 KB
5 KB 18ms
4ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/Icon-ionic-md-trophy.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1062
x-amz-request-id: tx00000374b9d402d543229-0065f29eca-5280acec-ams3c
cdn-cachedat: 03/14/2024 12:18:20
cdn-pullzone: 1367785
content-length: 3992
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "aa55fd19e5efcaea20c5baf81e722bbc"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: b07fdc1dd6e37a891421a90be9fe0983
accept-ranges: bytes
cf-ray: 864434aedaede3a3-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Icon-awesome-download.png
mgkstatic33.b-cdn.net/43461/images/ 4 KB
4 KB 9ms
4ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/Icon-awesome-download.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1195
x-amz-request-id: tx0000096a6b8a15cae6941-0065f29eca-5281cd35-ams3c
cdn-cachedat: 03/14/2024 12:18:21
cdn-pullzone: 1367785
content-length: 3776
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "2973d7d42cbc07bd0099eec135a5de96"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 9dcbb70184db220a5920a3a93b585627
accept-ranges: bytes
cf-ray: 864434aedbfcafa3-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Icon-awesome-rocket.png
mgkstatic33.b-cdn.net/43461/images/ 4 KB
4 KB 2ms
1ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/Icon-awesome-rocket.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1062
x-amz-request-id: tx000001277ebaeb444c088-0065f29eca-52830f45-ams3c
cdn-cachedat: 04/11/2024 01:09:37
cdn-pullzone: 1367785
content-length: 3717
last-modified: Wed, 13 Mar 2024 15:17:28 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "e26549054b8a37aff472cc3c68ca9f92"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 299f698227ce25ec476d4b6e2763d9f4
accept-ranges: bytes
cf-ray: 8727179d9d8a262f-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 robot-and-phone-final-img.png
mgkstatic33.b-cdn.net/43461/images/ 396 KB
397 KB 9ms
6ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/robot-and-phone-final-img.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1193
x-amz-request-id: tx00000c322e188418121f5-0065f29eca-52830f45-ams3c
cdn-cachedat: 03/14/2024 12:18:20
cdn-pullzone: 1367785
content-length: 405350
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "b961c9e7e178aa1bb10a1ed8bbc37f76"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: b40daf1d1cb7325cc09e929d22d9d66b
accept-ranges: bytes
cf-ray: 864434aedc8ededf-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 phone-with-shadow-bitbotapp.png
mgkstatic33.b-cdn.net/43461/images/ 99 KB
100 KB 7ms
6ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/phone-with-shadow-bitbotapp.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1195
x-amz-request-id: tx000001497924583aa2f5c-0065f1c7cc-5281cd5d-ams3c
cdn-cachedat: 03/14/2024 12:18:20
cdn-pullzone: 1367785
content-length: 101329
last-modified: Wed, 13 Mar 2024 15:17:30 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "8d3c7b42fdd79ef3c7d81aee046465c8"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 727058b563d8e85453a84c4f6a9076bb
accept-ranges: bytes
cf-ray: 864434aecc6af5c0-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Polygon-10.png
mgkstatic33.b-cdn.net/43461/images/ 465 B
1 KB 27ms
24ms Image
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/Polygon-10.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1185
x-amz-request-id: tx00000105add3cb97a3b69-0065f29eca-5280acec-ams3c
cdn-cachedat: 03/14/2024 12:18:20
cdn-pullzone: 1367785
content-length: 465
last-modified: Wed, 13 Mar 2024 15:17:46 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "250d763ae00c38fc8d960305e2f11950"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: c5de909d106b3771e4ca833fa5134610
accept-ranges: bytes
cf-ray: 864434aeda9880b7-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0PTcCKIlgr.gif
mgkstatic33.b-cdn.net/43461/images/ 18 KB
18 KB 25ms
23ms Image
image/gif 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgkstatic33.b-cdn.net/43461/images/0PTcCKIlgr.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
cdn-edgestorageid: 1066
x-amz-request-id: tx00000101b0333fa72db33-0065f712d5-52830f45-ams3c
cdn-cachedat: 04/22/2024 01:00:35
cdn-pullzone: 1367785
content-length: 17963
last-modified: Wed, 13 Mar 2024 15:17:39 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "313d1440d21ae95e5dcfa2f447f14456"
content-type: image/gif
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: a5d6c9b4a013a0d6383a05eb877d37ca
accept-ranges: bytes
cf-ray: 8781ad7ccedd80a8-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sad-face.svg
prfectnewoffers.net/media/ 1 KB
1 KB 17ms
16ms Image
image/svg+xml 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prfectnewoffers.net/media/sad-face.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 4017
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:31 GMT
server: cloudflare
etag: W/"66506413-5dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mc84LaMH3rv6WndGFjjA60SmiOL01WgFoC0A8u9vjpHKZvTIbA4f5e6QUcltEQnjyMdW1vwwyQGJ%2FtxUxSdZ3TFgh7LHFELUIF7lHPXsVVefwOF8BUDFKl9ubrfMB9s79oZSnQfK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88b454cba9321d7b-NRT

GET
H3 200 email-decode.min.js Show response
prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 20ms
17ms Script
application/javascript 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 09:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664db4b7-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuYziEtC%2FV32T3CMZvx9Y28UpAis0Xb5Hs5mt7yRSLd6qoZR4AbrU0XUYRePLmdXROVrrZsQnBVptNf1abJ7HDtn%2Fxw9P6UcNYmX25TgycAQXi7G0%2Fxva%2FjOHj48hC2HuB2Ev%2BxQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 88b454c9ef981d7b-NRT
expires: Fri, 31 May 2024 06:12:09 GMT

GET
H3 200 redirect.js Show response
prfectnewoffers.net/js/ 3 KB
2 KB 27ms
23ms Script
application/javascript 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/js/redirect.js?id=7205070985cfaaa84a2b

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd8e205f7ba2def2d0a5b7212189d9b8766ca0c515b09c39412531d49fcc655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 4144
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:25 GMT
server: cloudflare
etag: W/"6650640d-ab2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FwISF6bgZDVllp9UiUgmCXCc7ARZ1Yb39G7P%2FcmQgDD5TBQ443ws02SV1i4ERHihhLDskMGZXxuCvpATPGg5W513u%2F1zQc6FzIdRwmO9ZykLLA1wS5xcNYfHEr3CYJ8i04zhtFl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 88b454c9ef9b1d7b-NRT

GET
H3 200 l.js Show response
prfectnewoffers.net/js/ 412 KB
111 KB 21ms
21ms Script
application/javascript 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

392c15facf9c22c83c1e8c4e47d73ea5875e4b7aaccd0b828874e56975081017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
age: 4017
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:42 GMT
server: cloudflare
etag: W/"6650641e-66f42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYbDgoho5fihMiwkQliygbpAEX8PPyITHQTbZlMdG6rmzg9HfUOzsZQoZEFjCn7mJOQTUDqnrFvwonauIxPP1ggKo0wJuH2qq%2FUMmAFaa5kCnKHk454lyek%2BG5Sp%2BpPNnB1K3VfJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 88b454ca1fbc1d7b-NRT

GET
H2 200 funnel.js Show response
mgkstatic33.b-cdn.net/43461/build/ 718 KB
220 KB 10ms
10ms Script
application/javascript 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to

Full URL

https://mgkstatic33.b-cdn.net/43461/build/funnel.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

c0bc7d84863d6352319f4638e7f027022d4e008ce7d0680148b6a884fcbdb8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
cdn-edgestorageid: 1190
x-amz-request-id: tx00000171f16e097b1d7c2-0065f29eca-5281cd5d-ams3c
cdn-cachedat: 03/14/2024 12:18:20
cdn-pullzone: 1367785
last-modified: Wed, 13 Mar 2024 15:17:26 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"154334f976eb4c2bbea602efb4ad82ce"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 93af9b49d3a75165221f75db0a63522b
cf-ray: 864434aa5dc23c03-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 86 KB
4 KB 214ms
52ms Stylesheet
text/css 2404:6800:4004:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

84675537119f9cc7f7a12120e2cf7ebe9cf645accde5cffca6d6da0c6ed03b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 May 2024 06:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 May 2024 06:12:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 May 2024 06:12:10 GMT

GET
H2 200 hero-img-new.jpg
static-133.b-cdn.net/43461/images/ 384 KB
385 KB 38ms
14ms Image
image/jpeg 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/hero-img-new.jpg

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1061
x-amz-request-id: tx000001c2614e59fb41b02-0065f1c7cc-52827f33-ams3c
cdn-cachedat: 03/14/2024 12:18:22
cdn-pullzone: 561175
content-length: 393575
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cf-bgj: h2pri
etag: "8867f07ab37b30a70556531fab9ab745"
cdn-requestpullcode: 200
content-type: image/jpeg
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 14abbae67b68757166a6519b345a9cdc
accept-ranges: bytes
cf-ray: 864434b5a9c2f58b-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 brush-stroke.svg
static-133.b-cdn.net/43461/images/ 121 KB
47 KB 26ms
3ms Image
image/svg+xml 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/brush-stroke.svg

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
cdn-edgestorageid: 1172
x-amz-request-id: tx000005c4296c53e680ad2-0065f29eca-5281cd5d-ams3c
cdn-cachedat: 03/14/2024 12:18:22
cdn-pullzone: 561175
last-modified: Wed, 13 Mar 2024 15:17:35 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2affaa6cbada4631a14b44e4390b0358"
vary: Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 32d74313ed03c719455604924bd8cdc9
cf-ray: 864434bb6c44b011-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 flags.png
prfectnewoffers.net/images/vendor/intl-tel-input/build/ 69 KB
70 KB 22ms
20ms Image
image/png 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prfectnewoffers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44

Requested by

Host: prfectnewoffers.net
URL: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/css/forms.css?id=f996a15d4340ce7f6a99
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3854
alt-svc: h3=":443"; ma=86400
content-length: 70857
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 09:55:42 GMT
server: cloudflare
etag: "6650641e-114c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mdy7DnLfOJ%2FT14ryfiSD7rerHwowyx808H0azXLHvVkthDOd0EwcqQTHajO0v51VSl3lm71wjyuXDJrQ1qiWgr3VWuzLSufszKjCqnpd1YPQaAMmWK8ZsrXShzLTsmGo9Msa%2B5Gg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88b454cc39a91d7b-NRT

GET
H2 200 bg-img-2.jpg
static-133.b-cdn.net/43461/images/ 236 KB
237 KB 29ms
12ms Image
image/jpeg 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/bg-img-2.jpg

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1149
x-amz-request-id: tx0000090b60f5f7e80b015-0065f29eca-52830f45-ams3c
cdn-cachedat: 03/14/2024 12:18:23
cdn-pullzone: 561175
content-length: 241782
last-modified: Wed, 13 Mar 2024 15:17:40 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cf-bgj: h2pri
etag: "87ea1d39178e8229c5e1d3f4820d371b"
cdn-requestpullcode: 200
content-type: image/jpeg
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: a9a0bc286f0493b245d05e42134a7d57
accept-ranges: bytes
cf-ray: 864434c21b20f681-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mockup-three-phone.png
static-133.b-cdn.net/43461/images/ 942 KB
944 KB 30ms
13ms Image
image/png 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/mockup-three-phone.png

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1065
x-amz-request-id: tx000002dd9f695ca30bbb0-0065f29eca-5281cd35-ams3c
cdn-cachedat: 03/14/2024 12:18:23
cdn-pullzone: 561175
content-length: 964789
last-modified: Wed, 13 Mar 2024 15:17:29 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "d656e316c5f67a3d7eadc3a4e8a9c1f2"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 503ca53fa4978982ba1696cf1890e52c
accept-ranges: bytes
cf-ray: 864434c2180f80cc-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg-img-3.jpg
static-133.b-cdn.net/43461/images/ 240 KB
241 KB 27ms
14ms Image
image/jpeg 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/bg-img-3.jpg

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1189
x-amz-request-id: tx000000225d7167c00f3db-0065f29eca-52827f33-ams3c
cdn-cachedat: 03/14/2024 12:18:24
cdn-pullzone: 561175
content-length: 246271
last-modified: Wed, 13 Mar 2024 15:17:38 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cf-bgj: h2pri
etag: "1b514cd6bf37cbbb0738a585510fd600"
cdn-requestpullcode: 200
content-type: image/jpeg
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: e8066d288c7b7c16a44de804a0dfbcf3
accept-ranges: bytes
cf-ray: 864434c20f7ae0ec-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg-img-4.jpg
static-133.b-cdn.net/43461/images/ 366 KB
367 KB 25ms
14ms Image
image/jpeg 2400:52e0:1501::1145:1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-133.b-cdn.net/43461/images/bg-img-4.jpg

Requested by

Host: mgkstatic33.b-cdn.net
URL: https://mgkstatic33.b-cdn.net/43461/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1145:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1145 /

Resource Hash

26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://mgkstatic33.b-cdn.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1193
x-amz-request-id: tx000003769d44dac3c04af-0065f1c7cc-5280acec-ams3c
cdn-cachedat: 03/14/2024 12:18:23
cdn-pullzone: 561175
content-length: 374893
last-modified: Wed, 13 Mar 2024 15:17:41 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cf-bgj: h2pri
etag: "ca2af1e0db4ffa75dc11257debbca866"
cdn-requestpullcode: 200
content-type: image/jpeg
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: adca2dec8057ad75d5be4a7be72df53b
accept-ranges: bytes
cf-ray: 864434c21d8dafe5-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 214ms
11ms Font
font/woff2 2404:6800:400a:80a::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Montserrat:wght@300;400;500;600;700&family=Noto+Sans:wght@300;400;500;600;700;800;900&family=Open+Sans:wght@400;500;600;700;800&family=Quicksand:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700;900&family=Tajawal:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://prfectnewoffers.net
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 20:07:16 GMT
x-content-type-options: nosniff
age: 381894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 20:07:16 GMT

GET
H3 200 locate Show response
prfectnewoffers.net/ 151 B
1 KB 328ms
328ms XHR
application/json 172.67.191.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prfectnewoffers.net/locate

Requested by

Host: prfectnewoffers.net
URL: https://prfectnewoffers.net/js/l.js?id=f699e0c1aa11fe1bdd00

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.215 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1559ba40685893ff37732b9f2366141e74982cf9dc954e0768ff77dfd4782b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-XSRF-TOKEN: eyJpdiI6Ik5QWkE4Z0EzV0xxVlZWWmxzXC94STlnPT0iLCJ2YWx1ZSI6IjBROXRmcHdHdUN3V2ZBQkNoSU1KeXdNMlptd1dDOFpJVkFtV3hUOG1NcGxsQ1FmVkJHZ2FGV3UzanNLYTgxZEIiLCJtYWMiOiI4YTJhYTA1ZjRhOGY0OTExNmM0M2NmYmMxZjI5ODU1NmRjOWYzOTU0ZjIwZDUwMmM0OTc2ZTVhNGYxZjU3ZWEyIn0=
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://prfectnewoffers.net/bit-gpt-pp-ai/?oid=133&qze=2&hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c&aff_sub=&saf=&cvu=&action=&aff_sub5=&url_id=133&aff_sub2=&aff_sub3=&aff_sub4=&tracker=cg&language=
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCUWh3EbUx%2B5phHDpAQyWnINvmUHSfLub1PmwBZjN9MJZlGq8%2Ba2NBNIHb1w1WQLjZUcuTIijzEEn%2FVW5Iz06YVPNunYi9PdWM0nN28vHS4sN7KSrrSNbJW8GMLIu6Yh2yf1RBSl"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 88b454cdbaf61d7b-NRT
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 favicon.png
mgkstatic33.b-cdn.net/43461/images/ 2 KB
2 KB 6ms
5ms Other
image/png 2400:52e0:1501::1098:1

General

Check archive.org

Show headers Download Go to

Full URL

https://mgkstatic33.b-cdn.net/43461/images/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1501::1098:1 -, , ASN (),

Reverse DNS

Software

BunnyCDN-JP1-1098 /

Resource Hash

a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://prfectnewoffers.net/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 06:12:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
cdn-edgestorageid: 1188
x-amz-request-id: tx00000931254d7e4b970d6-0065f1c7a0-5280acec-ams3c
cdn-cachedat: 03/13/2024 16:41:00
cdn-pullzone: 1367785
content-length: 1805
last-modified: Wed, 13 Mar 2024 15:17:45 GMT
server: BunnyCDN-JP1-1098
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "482ce499d40d67a9f4e12e5c992e98ce"
content-type: image/png
x-do-cdn-uuid: b0c9cd13-c401-4707-9471-40949c09e155
cdn-cache: HIT
cdn-uid: 6f116605-ddce-4644-a514-65e3765b9786
cache-control: max-age=3600
x-rgw-object-type: Normal
cdn-requestid: 8aeca80b0a4e3d8ebdf7c8c4240cfc33
accept-ranges: bytes
cf-ray: 863d7810e8267821-NRT
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

POST event
prfectnewoffers.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prfectnewoffers.net
URL: https://prfectnewoffers.net/event?hitid=9c2829bb-9e42-498b-893a-a2c0e53b566c

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dolatiaschan.com/	1970-01-21 05:41:39	Name: OAID Value: 00806bf2437e483dfa7016ac6d319e71
dolatiaschan.com/	1970-01-21 05:41:39	Name: oaidts Value: 1716963124
my.rtmark.net/	1970-01-21 05:41:39	Name: ID Value: 00806bf2437e483dfa7016ac6d319e71
dolatiaschan.com/	1970-01-20 21:06:07	Name: syncedCookie Value: true
fmjtrk.live/	1970-01-21 05:41:39	Name: uclick Value: yumOkloJao411bL1amCYvz7Xt7vG4yNart5rE1yQlgFPv5B/wQZ04ihEi9kB6EHZ2UTcVg==
fmjtrk.live/	1970-01-21 05:41:39	Name: bcid Value: cpbcia46n9fs73bstnog
fmjtrk.live/	1970-01-21 05:41:39	Name: cid Value: cpbcia46n9fs73bstnog
f.mtrck.org/	1970-01-20 20:56:10	Name: XSRF-TOKEN Value: eyJpdiI6InFxVUQvTk1BMExKblJkU2NVRHAxWHc9PSIsInZhbHVlIjoiNWxaQ1Z0Q0VVaFQ5TkFwK2VhenNzMllMb3pIR2ZvaVJSWW1GcDN1cGduTzR2dmdRcEIrTGd3ZXhhU0FiSU1tYVhxa3JkZ1JOdXQ4QkY5RGV2Yzl0UlFaVDdLS1JDQWpGblBnMmR1ekdiWXorQ2FsYTF1SnUyWm1UMmh0Uk8wK2QiLCJtYWMiOiJmYTYyZjdmOWQyZDgyNjQyOTU0NmJlM2VmOWYyMzA2NjgxYTNmOGE5ZTBlZGQ1OGY0MzhmYWNkODljMTY5ZWEwIiwidGFnIjoiIn0%3D
f.mtrck.org/	1970-01-20 20:56:10	Name: clickbit_session Value: eyJpdiI6IlFscXpnTDd1YTY3MnF0TXJ3N2JjdUE9PSIsInZhbHVlIjoiU3NNM20zaDIremhiR05IMC9KNGJpNWJ1TTJ5LzBRZER1SnhKblVPaTg5ck1YaVNuejl5eWk1cVdXdTMzYmxEWmhjTHFIOHpyNFMrWTRabUZKM01CNHZtNEN5bVpPdzdueTNLaFpyem52THN4OTNSWkI0RXEvNU9UclZxYzB6SHMiLCJtYWMiOiI1YzY5N2ZhMmMzZGNlNmQwYzJiZmY3YTFmMTNkZjNmYzZiMWU1Njk1MWZmYTEzMDUxMmE5YjljYjI4NjkwMjc0IiwidGFnIjoiIn0%3D
f.mtrck.org/	1970-01-21 06:32:03	Name: cid Value: eyJpdiI6IjJhQVRSd3BSUDFCRjcrTlo3cDZ2NUE9PSIsInZhbHVlIjoiaHgxTjc3ZDhFSzExM0FOazI2YmZUQU1DVTF0YXllbmJNZnc5S0hNUldyZVF1VWFPTExsVDAxR1pYRFJZcFI4Z1lzeXUrbDdldk9zVXltT21NUVl0V2oyakF0SGcwUlltb3F2N0c5VDNPRnM9IiwibWFjIjoiMDc2ZjIzM2Q5ZGE2Yzg1MDhlNjE0NDUxOWUyNGRmZDI0ZTZjNDZjMzU5NjRiYjM4ZmUyMGYxZTI2MDZkMzBkNiIsInRhZyI6IiJ9
prfectnewoffers.net/	1970-01-20 20:56:10	Name: XSRF-TOKEN Value: eyJpdiI6Ik5QWkE4Z0EzV0xxVlZWWmxzXC94STlnPT0iLCJ2YWx1ZSI6IjBROXRmcHdHdUN3V2ZBQkNoSU1KeXdNMlptd1dDOFpJVkFtV3hUOG1NcGxsQ1FmVkJHZ2FGV3UzanNLYTgxZEIiLCJtYWMiOiI4YTJhYTA1ZjRhOGY0OTExNmM0M2NmYmMxZjI5ODU1NmRjOWYzOTU0ZjIwZDUwMmM0OTc2ZTVhNGYxZjU3ZWEyIn0%3D
prfectnewoffers.net/	1970-01-20 20:56:10	Name: c Value: eyJpdiI6IlFORWRWMGtJK3BvRmtBMExKK1dERnc9PSIsInZhbHVlIjoiSlo0N2RLY0FNQlJQV2lFSHBJeWFvMis2RFZXczljeUJaaXIybGxsaWtzR212aWY3QnVlUkRkYk9nSWxCWFI3TCIsIm1hYyI6IjViNDU2ZDc0Mzc5Mjg5NmQyOGQzNzJlY2RlMDI1ZDBkZmNmYWMwNGJjMzJhMTRjZWVmYTI5Njc5YjllZjQ3ZWYifQ%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dolatiaschan.com/4/7184682 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dolatiaschan.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.112 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dolatiaschan.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=125.0.6422.112 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2299.2469april2024.com
dolatiaschan.com
f.mtrck.org
fmjtrk.live
fonts.googleapis.com
fonts.gstatic.com
hlmiq.com
mgkstatic33.b-cdn.net
my.rtmark.net
prfectnewoffers.net
static-133.b-cdn.net
prfectnewoffers.net
111.90.140.153
139.45.195.8
139.45.197.244
142.132.202.70
172.67.191.215
2400:52e0:1501::1098:1
2400:52e0:1501::1145:1
2404:6800:4004:811::200a
2404:6800:400a:80a::2003
76.223.57.231
88.208.22.1
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
15775556fc3dd033df8b911c03448a47cc4e14f26e36aecc2ac378f76c9307d8
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
2236f4e50c3ddd56f65a30164785676c5d3a1569fa9297418679f25f6ff0bd90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c2c413b4a6d8f79064e6a92528e0a886da3e41f99acf7e5b8a01ff082f3f97
392c15facf9c22c83c1e8c4e47d73ea5875e4b7aaccd0b828874e56975081017
3b1559ba40685893ff37732b9f2366141e74982cf9dc954e0768ff77dfd4782b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d25d49488fafac19a1fd40686a0d901d245e613db1d0b1ddb9a38fa101c659e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5fd8e205f7ba2def2d0a5b7212189d9b8766ca0c515b09c39412531d49fcc655
762daaf85334b0f65ee1a790a52257782cef0f4481df7ce04715bfd2acf0f633
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
7cdbc2c72709df7bd0a11927adf1f751a7fc681d3e032267a2b9c4e328dcf40b
84675537119f9cc7f7a12120e2cf7ebe9cf645accde5cffca6d6da0c6ed03b32
8db1af5a48d72fa1716165f347f781448ac6228b5fd21ec8b9008c2758e87b83
9d89491bdea31bb858e17bb9add38046eefa867be00184f3b653798969e3a7ea
a7e3b96b4eab4a0a983b1db97750021b9d18574877b51f5a23a600514694a887
abdc9976d25e44a918343ee831cf584c4d3444737fc920384adf8e6ab8875027
b54609bfc9db854eb2b05f5a9a7e3698f8e312cf075f3eb116687b8fc1ef08a6
c0bc7d84863d6352319f4638e7f027022d4e008ce7d0680148b6a884fcbdb8ca
c7d71b092c68c9183bcdc64aa0a848b511f5c8caf9d2d2f47b1b8d193bf8a905
cd37a4eede36ce73ad4388f7f6a0483c87455e888b16eaee0c9e076abf7882dc
d074af86e879deab518c017c9078083a6dc2214d6ca96b892c245bab5c94ceb1
d13af073b360ef22d6fae9f4553a70389ba215b9d4dff52a9e2358417be6921c
d74199bd755af51a2080d1caad0f8655afebbd5da7b56ee3302699c7bd856b0a
d8783d3e7e17ac28d426e6d7b992027af21ba4f86976b1526b9a1e53a047d169
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
f6d18c1ec94df13f3f335ee98f1cdc6010656e117c6a5bd0b47812580c188123
f93e02936033f95f052bec10b8041b15ec34b661a699957113f8646875c81718
f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

prfectnewoffers.net Open in urlscan Pro 172.67.191.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

42 Requests

98 %HTTPS

36 %IPv6

10 Domains

11 Subdomains

8 IPs

5 Countries

3335 kBTransfer

4413 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prfectnewoffers.net Open in urlscan Pro
172.67.191.215 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

8
IPs

5
Countries

3335 kB
Transfer

4413 kB
Size

12
Cookies

42 HTTP transactions
0 data transactions