| manylucksurvey.top/js/v-react-dom.production.min.js.c3329619.js | 172.67.192.143 | 200 OK | 42 kB |
URL GET HTTP/3manylucksurvey.top/js/v-react-dom.production.min.js.c3329619.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (65440) Hashf5e47be85ac64238a6511377c99bef6b 14202f5ec5092ffcb622a84db5877f1c99493b4c 198b63ec93086fb7042c6052dc6558626c506852de0903547cd1b2d52780839e
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1f94f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRyGRnWopIJmOCKG7Pk98uwLQzCZp%2FcBw4JiQIGQ%2FXxsAvocsp3Mtvoe1cO4KjFHeXbqZteLTNyUUmx4gVN40tYEm8YFx2YlkmX9Z%2FjpmTFuK3KT1fuzdb5bGIB9KrIryIMimPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ec97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/s-storageService.js.bb9f7a22.js | 172.67.192.143 | 200 OK | 1.3 kB |
URL GET HTTP/3manylucksurvey.top/js/s-storageService.js.bb9f7a22.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (2170), with no line terminators Hasha804db09269d602a8a7a50877b60fc86 7aa84eb6c94037c3bfabdf407060ba7b9ca73ff3 f5e3a988f32cdcd8ccdff165e33a1807acdde6426cecbb464c315306ff5e6f6f
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-87a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WauGaZ8OyxlkXAcCORC4dkCocfFh5g6o4HsqzHkO8JHHbYtWhIpcYLb8k6ZoOwPhV3wCqtFr0VFakhIsxj5UVol7TbJTvdAUMLY%2F6L9iqoKJD%2Fq8K2QEM2LJ36g6t8f2uJBydzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad8ea77128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-index.js.da9f7529.js | 172.67.192.143 | 200 OK | 14 kB |
URL GET HTTP/3manylucksurvey.top/js/v-index.js.da9f7529.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (40911) Hashf0c16b073e12930f7cbd321dd6f8f9b9 af74daaab1c8cb17152c3352d40ab89afea0b29d 9058ace69791e8a1eb5f9849c20a6dcd6e0f9018696ed0e563c3da7082aec861
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-a01c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QEGTqrvFeNh%2BV9I8UGc8GzsYCnRZQnvPTZiwpCs2IIzlAppVw3MccW1o8njcH5Q%2BNAoIZZFhoILZxdXa57axdLHicuwPjqWx8H3v1glyFvAX9mR3VCWg8UKRI4gbyuEpV7tkhOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad8ea57128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 722
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 465c1cc8fb7a852617dc04d423a9f86a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/css/_core-survey.d3ac2ee0.css | 172.67.192.143 | 200 OK | 3.5 kB |
URL GET HTTP/3manylucksurvey.top/css/_core-survey.d3ac2ee0.css IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
Hashb46c09785a51ec87d6931129cd3b489c bb01e01c33e71a4f1612d1da3e831a39a99848cb 8d239430bdb1eae8e66387dd3d0e83aca653232d668025bdaa6a09c92e1c595c
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-54"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQu%2BlANZUHGrrpXZLlJij0Wi%2FUzkBrWT9%2Bw8fk3VvvAvz3dY1ne%2BRvVZBxeZsSrH25zMxAMFZoiBNoZVBLzeyorsbQ53qyjxMLCnfN5F%2Fx75Jaag0YANemRqekcJcyYXo%2BkMuCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ed87128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-node.js.28d8082c.js | 172.67.192.143 | 200 OK | 2.6 kB |
URL GET HTTP/3manylucksurvey.top/js/v-node.js.28d8082c.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (6251), with no line terminators Hashf61d0e9af048cd71962dcb945f405c63 aefdc99a8057ced201da8aba0640905dd05375d8 1d383bb00e9e3a4d2f58354b41bc0ffc60516bcdcf4486516b8638236b0aeb9d
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-186b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiQ6iqvmg16Bj0RhOAIYZRp3z9n1AzunAeOFTU32UMRdnTbJGQDoSfx8efyGpXx5w89Dm1lihxoYLV2Qw2gf1ZFEPFzvjy%2BGDoiiT%2Fbw%2FTN8zYBkw8wGHanvvg0kWOma6mWnKQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048a67128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-dom-to-react.js.26fdf751.js | 172.67.192.143 | 200 OK | 1.2 kB |
URL GET HTTP/3manylucksurvey.top/js/v-dom-to-react.js.26fdf751.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (1085), with no line terminators Hashb9187a6f31bd6c7c0cfe0bcb37ecf60a 1150c33a65703059e43c0d85b1680aa04d4d60e6 a5f216a4ea67c8f005b6cededba525ee330a2d4f8caedc8232f44e4e163e5ebd
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F54V2lnJtm3G01fNPChqtMa5j3k2qkZ%2FDhvQEx01y%2FoHpc0yZ%2F%2Fm3uF%2BVKD4REyGuIebmduwT1lJrWUHXo%2BeKzDyGlN%2FTk77KJT2fQTPI1jg%2F0V1OyhzZ00aZIJ4MymwKG588fU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048ab7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/track?offer_id=2755&z=4526262&request_var=2&variable2=3c00b5skqs48k&oaid=swe9azpz5bmreo236e7gnu2v7za034a0 | 139.45.197.237 | 200 OK | 182 B |
URL GET HTTP/2offpichuan.com/track?offer_id=2755&z=4526262&request_var=2&variable2=3c00b5skqs48k&oaid=swe9azpz5bmreo236e7gnu2v7za034a0 IP139.45.197.237:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
Hash518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?offer_id=2755&z=4526262&request_var=2&variable2=3c00b5skqs48k&oaid=swe9azpz5bmreo236e7gnu2v7za034a0 HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json
content-length: 182
x-trace-id: 97a412d3e5e0b104b276032526dd1003
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-13.webp | 172.67.192.143 | 200 OK | 640 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-13.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash8532ec97225298a9c3ae5e393f62e462 fc26fa010830045fa91a16ac9b8c89c45bb35232 9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320
GET /img/comments/person-sweep-13.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 640
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-280"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSmfJmWjxlXPSKDqAd%2F88OQhKnOk0jG3b8ZOOFkxV%2FilaRD30hCAaeFdXuR2cFiznQfObaqsBrpz4iIZ0ZsfEnA9kE6%2BVUBuBkS1vmRFAKA%2F1mdcvr8e%2BOy4jHMvvU2EQloamPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1598d7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-11.webp | 172.67.192.143 | 200 OK | 502 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-11.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash7ec874233fc75e1ec8df712b7ebbd7d2 cc219fb2b7e6057a8303283023dd1aa09a082455 9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b
GET /img/comments/person-sweep-11.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 502
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1f6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0fLap%2BGiOswMAq30oCbsD%2FQlNGkPYYhH%2FjdfomFfs3PYF8SekH7zhz%2FglsIkvTGHoIbQr7wDc3poUKgKx56wGvtrZhSbxgeMdbyQvEaHNF2nQOCkQlJKVVah0vfPCf4BTpmn%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1598a7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-attributes-to-props.js.a2e7cd04.js | 172.67.192.143 | 200 OK | 1.3 kB |
URL GET HTTP/3manylucksurvey.top/js/v-attributes-to-props.js.a2e7cd04.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (702), with no line terminators Hasheb57bdb06e45aff1918587283bf415aa 27d660f01e5c888c9d38a6f784ee2f4458d7d89f ecdd5f30b2bd16e4aa0274c6fce3d598419837aa257c285f2e6d18ac5df9ce0b
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Az5x%2B75zr3Qn%2FMPhwsgwL170N%2FInbPeitU8%2F8A9lriok%2FU2zNfZhRzh6RA4OY1zC%2B1pPIr2Zmbx9MZMPbyOj8NFx8FOr9SUCbLeQLa0Hr2j0%2FKR3SSTAdGKXcDTwfyfK6crcekg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048ad7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-6.webp | 172.67.192.143 | 200 OK | 462 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-6.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hashdfb961fdb848e75591268fde9c186902 2218e96a5c5081f5bef43fda74fd8f0cbb025003 4cf92de9b24fb1484bc1d97880c20589e113b9b1f065df1963e0648f3a38474d
GET /img/comments/person-sweep-6.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 462
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggBD9zUvvYe%2BH6EhIbweMHXGC1jErGvhNoKkr22Uaf8VFi9KgqCmWuiinESrG755UweKg5XokTjgwTdXFw5iVXLQTmo1k7%2Bk0wVz7tD1PlLND05CcAhquLJOHUyzhYlgrsRGc%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1497c7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-5.webp | 172.67.192.143 | 200 OK | 588 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-5.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash25e1107a0e365082ccd6093e0073f05c 7b0d3c741f2bbabbcac99f29bee8cf2f9eaa1841 935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2
GET /img/comments/person-sweep-5.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 588
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-24c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YSQTUM%2F4vH1fJRxh8MFzTTfD5d8nqW1px7CB2v4suFVNvRL3xDnFObM%2BlcD4Wnw%2BlLrl6F6%2BrcXl%2B4%2FI9Wt7xYzXv2aH5E%2BNnnlLtnyjxNSauZ0KO%2BKBK%2Bqde%2B2ryw5BoB39WU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b149797128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-7.webp | 172.67.192.143 | 200 OK | 610 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-7.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hasheb52e160b8ea5a1e0de8b2453f46d642 4d28311b4ca822a0a74e318c9d1f54def088b509 2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5
GET /img/comments/person-sweep-7.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 610
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-262"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fsL0DOa603AwfW6VcVam9zX5eknDwS1kF7LATi7%2Ba2CvVx%2BUUykuFl0G%2BcS%2FWJ2cbJyrro443pgx%2FqrVBoZgW3t8zgCR6svK4QXD5eOCwK4NOppAUZJ89y9KjfxAqJdOdl2fYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1497f7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-9.webp | 172.67.192.143 | 200 OK | 818 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-9.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hasha61b1f29004e5a54130bc57051a49c0d 7f60eef07e311b3598895343111d90282a002ea0 b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
GET /img/comments/person-sweep-9.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 818
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-332"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6LXwjt%2F3QtqneEPLoHnwIXhQT2gc%2FapbwPmsmk%2FIP9BxOdAb67gu7QVuZ5tnCMEZ8dPuV3xe2rTYkJTaWpvzk2DaLhJVo3HyRlMGdKJ7KS4Ws9Yzs263PndLOAeqVRICKgZF9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b149857128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-8.webp | 172.67.192.143 | 200 OK | 696 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-8.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash6a6742fef0cd1bd74f6da94e9fb833e1 ccaae2ff48574bbb04072b2efc5864b9177017a5 96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
GET /img/comments/person-sweep-8.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 696
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2Ca25VK0JoG6ZkVOKL8aK7aq5N6q4EqZaEokOmWZ%2FaAVJ%2FT6727SEb4Hwg%2FC6gqxptJs4IJMNbwj2wQ1cO76Xw8lNDwhYOAD4Suqg%2FP%2BaougGE3Pb%2B1EI6vXEY4gfDKTZlxTgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b149837128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-index.mjs.19622407.js | 172.67.192.143 | 200 OK | 8.6 kB |
URL GET HTTP/3manylucksurvey.top/js/v-index.mjs.19622407.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (35287), with no line terminators Hash1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-89d7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sjafAiEsXOpaYksALLemojLt1OfP0nD3iwQgwtZObOhrCAfFqlxXMDJxNXoshlj5h41xIpRKEwncueVgL%2BCuTRB401%2F1%2F9R29u%2BjgtWuEmzNC%2B9wUt88BjmHxKx9ZelQ9F%2B9HI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b038a57128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-12.webp | 172.67.192.143 | 200 OK | 668 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-12.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hashc57b8a772545ee6e05fedb58c143beb1 6cb5aef79f86275a725cfdd406c7038b24d80aa9 03389ef007f0fd3486a5c71848fd2b67cc05341cf449bcdd34a81a1d4048b090
GET /img/comments/person-sweep-12.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 668
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-29c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApfdZOdlndaaXoYlA046JF22rrOp9mRtAKn9RuLyuZuSmumJuS1Qry6srKfXEWlhOhl7dYze1Rida4kOqyfOYL2WRWfyYZe7G%2BPnyS53tOrjgAfuBgINRfqlNH39uy1%2BQAeuzow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1598c7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-14.webp | 172.67.192.143 | 200 OK | 626 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-14.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash7c494127025f1ec09a96c16bf0531a36 0c2f9302c41f99da9fb5eead2c364bdbdf435156 e6443a7cdcc5ee11ece88ce10824fd79851700e4bd3dc6259d1a816182b82e5b
GET /img/comments/person-sweep-14.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 626
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-272"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrWpoz6NlqA01WIfjZIr%2FL2iWz3y%2BwbDZ%2BRRFgjPZEoL1lDN0T0GzTIqpdzp3aZPdf8SSK1yYJlfH5kw2nP%2BIoJ%2BhK9ykoHBxOYb5O22TjVkYajtFwZqK2%2B%2Bq%2F89e26xao3b5lM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1598e7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-possibleStandardNamesOptimized.js.205abacb.js | 172.67.192.143 | 200 OK | 3.6 kB |
URL GET HTTP/3manylucksurvey.top/js/v-possibleStandardNamesOptimized.js.205abacb.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (7577), with no line terminators Hash754d15b064e9a8ceb8a31b38b1d81c9a 54ebff161ad4bfdabcff1771c25f945f8b39907e 948a15cf425885066c4d071b20d8920f6439a0e3e6684b200f68db637fdc7f8d
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1d99"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kUpKQvKAoo%2F%2FeXeBdw0WMzj6L3vLXxn%2FXUC1MZ6tG%2B6Mc0cZdBVYj1l443vgU7s9Fhvt1VfOgpRQbqDOQpmq%2BrwF1xdd1QdkcB00nXR5ueB33z369sptiT3nGSgBPKp6Re4TQ4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048a77128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-domparser.js.97173b2e.js | 172.67.192.143 | 200 OK | 1.2 kB |
URL GET HTTP/3manylucksurvey.top/js/v-domparser.js.97173b2e.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (1720), with no line terminators Hash52ca18eed5d7b4a88f79e075608522fb 8332ab1afc8d9c23d127cbc785fb41af81563732 ce352016d1e917abce6b5552ae2fdc941a8998300566b138d04383ae461f0a9d
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-6b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1shbWo7Io%2B3%2FbJ41kaiR6TaYC%2F9vaFvOYfg6y5oPcDKGjtZthze4ST6g7uYKA4uEvpc8V9QGOSH1pd1GpEpY0TiuMCwCzrNIQlnn2Pq3rR0ur6zMDU9TE%2BadoM1ks1jRUz8YDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048aa7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/SweepHeader.b279c2bf.js | 172.67.192.143 | 200 OK | 1.2 kB |
URL GET HTTP/3manylucksurvey.top/js/SweepHeader.b279c2bf.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (1009), with no line terminators Hash0fe439de7df51eacd129903e89a15baa cd04958d3fa581e73b01c27ea41d97d5a430d75f b79bec35661387c45718f5592adf5634587c228d85d45c3b5139bac73214bdf9
GET /js/SweepHeader.b279c2bf.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-3f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9YaWrwQ1OsmaoqAMobmEsRtRPtvbC%2Fbd6OLQscTH0T%2FCcdYfzSm36BSv1busYjEF9ewRlnF5Q4Wk8UQ86%2FUbw8TjKhrl2cT2LZ4OAzelARYqhoRdkGm92hQL%2FjfKZFQrz4FoJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b038a37128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest IP139.45.197.251:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-length: 0
x-trace-id: 0c3c94c35f66ce31e9fde8a59a279b39
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 175 B |
IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hasha7fbccd9aed97a405c912f014e54e33d d1f5a4e6a184f566d272fb282c7719dac8da4d38 27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json; charset=utf-8
content-length: 175
x-trace-id: 810e4ebb186e7ab46d5a70597b4b86f5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 803
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: ae88e614f148875f5dde1d421b5ad464
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2573
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 35f3cd8fe1ece0f7ee9b1666e0526c8c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/pfe/current/stattag.js | 172.67.192.143 | 200 OK | 7.8 kB |
URL GET HTTP/3manylucksurvey.top/pfe/current/stattag.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (19053), with no line terminators Hash3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
GET /pfe/current/stattag.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-4a6d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1u%2Bl%2Bfu3ZXVN%2F1jiOuZXrBnVzIcPrjGmIEPL8kMPGv5cpKmjgInFyXGOoTw82EdNiJQU%2F5ZCHxxIdhnMjut5SFXnZPoxvymZ26bU4Gsb%2BgBq6v4nCLFoVt95Ni5SFIVRDH68is%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b25a257128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/sweep/tokens10k.png | 172.67.192.143 | 200 OK | 82 kB |
URL GET HTTP/3manylucksurvey.top/img/sweep/tokens10k.png IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typePNG image data, 480 x 500, 8-bit colormap, non-interlaced Hash10337a4976db716ba3b8cad1f0f1f736 788015c74e561249cc5318fc178e564b68bce44d fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58
GET /img/sweep/tokens10k.png HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:11 GMT
content-type: image/png
content-length: 82163
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-140f3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2F3HqfTJZkjc5jghpU%2BWpOGycOWWouj3g2hZjHybAhEkX%2BwRTZlRHxT5%2BqXsbnQL5iuIaFCoqp2ZnP8fqnNFamIfLmPTs5QVDw7wvBx1DJBrbTneAXwVSXpxlLRlmqK8n8b9DA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b2ca777128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000 | 172.67.192.143 | 200 OK | 358 B |
URL GET HTTP/3manylucksurvey.top/sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000 IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
Hash5280f2efc60d08cd5ce397fb72eeca20 ba785c010bce010aa3112ea80544c97dd1d89f9d b776f53bab6d41e37ab9e7c263ddeb567111ea9d40403349653c9898be4fdbdc
GET /sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niJpUlCE6gjjJQIXl6olzA7scgXfnmr%2BvV8Eu72zJtccePR8QXtqp0QCr39F2Motc94XFtcNkP70hsIx%2Bi9oaXbEMsbK%2BYQa%2FVwcyqY0OEr9FXfnFzc%2FrJtNI5xiPDfKscVwfgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1f9f57128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/favicon.ico | 172.67.192.143 | 200 OK | 10 kB |
URL GET HTTP/3manylucksurvey.top/favicon.ico IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
GET /favicon.ico HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:11 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RttIIy2OArBel7%2BvKc697vEOaf%2FwKbPtd5TKS9tXF3Z4DDf6VL%2FAHNgBZSgKuaNAGM%2Fc9D83dNpmcx1%2F4CupbaEmUv1%2BLc53e4eWF8kRik8OSiGQ2yuW%2F3vW%2FmLctmzGHy2TiWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b48b8f7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-utilities.js.d1112fc4.js | 172.67.192.143 | 200 OK | 11 kB |
URL GET HTTP/3manylucksurvey.top/js/v-utilities.js.d1112fc4.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (2577), with no line terminators Hash18cb151303391373ec2138ce7f10bd7f c3d6fdc026a675d23ac14beebd3a46e3e72e9dc4 93cc28fc75a9cbc865ed918e1a8d139ecf52c3a7d9a2caef63ed7092f69ee142
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-a11"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XDoX9oiAWG53fc7yvr2Vf5oK%2BlhYQrVwwklB1PD7CrYTJpP6fmNqATyq%2F4PcguDZx%2FZYer7rtfZ83dVIhm4Uuyrwf0UWHLQheoL8WvwN8QCwLsjaD9vUVJjHmcX066ERU%2BO2T%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048a97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/css/SweepHeader.8e7220ee.css | 172.67.192.143 | 200 OK | 9.1 kB |
URL GET HTTP/3manylucksurvey.top/css/SweepHeader.8e7220ee.css IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (369) Hash0c5fdf34738f40ebf4f3d3d0b62f7132 016839671a08a08990b75652b1d84a0caef8c819 f72012f6e5d94e810521b1408bc6ffa8d2126b9ed32e419b1d513739ac16f8a9
GET /css/SweepHeader.8e7220ee.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-172"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cg0m48hPeRftVxNcpV5cTbKwPxbisZyN8C3TicuslqjjWDPop7tz%2FArW%2FvQAAXDZU9ahjZLxUOc7gPUkQuhSeEpQNbUrpsg4MFm8RHXVu1ntscpgU7JODHxFy3Hs%2Bc2zV97SKKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b028977128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-constants.js.49317f47.js | 172.67.192.143 | 200 OK | 9.6 kB |
URL GET HTTP/3manylucksurvey.top/js/v-constants.js.49317f47.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (600), with no line terminators Hash973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-258"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcgNAw%2FUySZOO7xA2%2F7tkDKB9%2FoANKc1%2BXgwp1pnVhVG2kNB2Lt%2BCDa7WAWPsm1QrrZGRgWmxCBnmUlGa3XpxcDNOS7c7bwpMoKQjJXi%2Bj%2FbzOg8RTEJhguV51uM0xc%2B4RaPw6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048b17128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=swe9azpz5bmreo236e7gnu2v7za034a0; expires=Wed, 07 May 2025 04:57:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/sweeps-survey.724f05c4.js | 172.67.192.143 | 200 OK | 5.8 kB |
URL GET HTTP/3manylucksurvey.top/js/sweeps-survey.724f05c4.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (6111), with no line terminators Hash8f7b854a31f40bf9be7af8ea81b5f176 bd2ea265c24d6147930a142b34527dcb4d55879e 0f7d320f1c7de2e4777cf2a8c99fb464188c4d196fb82c640f6d1b3d6f592cce
GET /js/sweeps-survey.724f05c4.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-16d0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBcSVWix6yKhyyPcVpLntn2pITnPNpquETMEoDaleOr6mTSUWyNwveZCsuIYbyvcd2RMqa5wGtrE5CkKcZrjxdy8Nb6aYiWjwv92fynYpCYSqsV1TnC1lQ5xitKjLZFT0TPdqMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ed67128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=swe9azpz5bmreo236e7gnu2v7za034a0 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=swe9azpz5bmreo236e7gnu2v7za034a0 IP139.45.195.8:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash9020262e037289ea7468f32cca9b32aa 4b5619e296a6cbe21c90eded42e10da19ccba7b5 612447ca2098720e8f9d1d75524b3fbd5d01d40d29dec4fd3a429c9a336f6467
GET /gid.js?userId=swe9azpz5bmreo236e7gnu2v7za034a0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=swe9azpz5bmreo236e7gnu2v7za034a0; expires=Wed, 07 May 2025 04:57:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-html-to-dom.js.ff1ae7e0.js | 172.67.192.143 | 200 OK | 364 B |
URL GET HTTP/3manylucksurvey.top/js/v-html-to-dom.js.ff1ae7e0.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (373), with no line terminators Hash57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnUgBV04foKKJpKF1%2BtS%2FA1lDo5ik7zLSR3yypWB1JTiVKD7UHFHGgaZTel1TvbKSdZirNCzSwTnwh%2Fj%2BKRcKCttGliL0SW4y3duDRqA0h40oRXeK9h7QaUZ%2F5WsxYYuqGyDKaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048af7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/SurveyContainer.e2959212.js | 172.67.192.143 | 200 OK | 57 kB |
URL GET HTTP/3manylucksurvey.top/js/SurveyContainer.e2959212.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (57003) Hash1716bf0d79004adf0eb2cdcd64159891 67852b096bcc8817fb0b9b98abf264e40a59310c 56cd17eb9def743ef4bc4909a6eacb77266b749181cfcaec4d478336b1c6ff21
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-defd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bebTX6iMHG4voxTIKhFNFB%2FzmZF%2FjhWfvxUvTJwW2r96cjIbZp25yfbiDLlVIwwef2FwssdCQzwpxgswr2GR6XGcUFC0hxqqWtDPW8DKKyxOg%2B%2FE16oNK7vkt5Gf4J1zgc3LJE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b048b27128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=121abd6d-daee-4295-bbc2-c07f05c5d46e | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=121abd6d-daee-4295-bbc2-c07f05c5d46e IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=121abd6d-daee-4295-bbc2-c07f05c5d46e HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1454
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 07 May 2024 04:57:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://manylucksurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| manylucksurvey.top/js/config/dict/cookie-consent-1.json?v=10 | 172.67.192.143 | 200 OK | 6.8 kB |
URL GET HTTP/3manylucksurvey.top/js/config/dict/cookie-consent-1.json?v=10 IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators Hash4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g24mIVw1wwPPAq%2B9fVAUzo39X1e9iRFvUF0aA1mTNHmy4OoWPcJRbo8DatTFvT3oKBfe9HwbYZEZ7k174gCb7F%2BPvsirgrB%2BnEnCUlUtAZzEi2bUVdEkrAOZV2HRd%2F%2FqY9%2FsCSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0af4fe37128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-10.webp | 172.67.192.143 | 200 OK | 572 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-10.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash206819c13484a7a818f1e4499be3704e ada2f34308d6eaa0d004ed0c732e5a3aa7fda1db f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
GET /img/comments/person-sweep-10.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 572
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-23c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnDpcgFCkpw5UEJAkANdsoJ7LsJFMqjLa8ruVQkAywziaeZCjGNffrIojZ7hdV7M76qCVPYipThyZ2dcCrIe%2FdO0O0w3cqGxoOLKSb%2Bn3DXSbd%2B1Qr12YuMUH0L97HMnCw9ktbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b149877128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/css/sweeps-survey.f5ae42b0.css | 172.67.192.143 | 200 OK | 94 kB |
URL GET HTTP/3manylucksurvey.top/css/sweeps-survey.f5ae42b0.css IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash895c99e8dc2cac2fe41b6e4623314c0e aa530776c5425e3f15a8ad66ee1bc43840172ac6 bb88f272fbb80a919f86655f6cffff6d8419f09b60e279c9727d904f16d73d9c
GET /css/sweeps-survey.f5ae42b0.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=93694
etag: W/"662b7650-16dfe"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2B9Dczhu8%2BZ7DDBu6yeqCwRoOgOE0Dp%2BKCUWJ1IyWZW5m3qU26ni528vJpLGcdAk4SieI%2BFzkOa%2BrXCXJEroEbAG6hMPRZTuGYtedEi2YCaomIHPAAJMdJf0mI4prrP6XM4S8MY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9edb7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-15.webp | 172.67.192.143 | 200 OK | 576 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-15.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash6c0726564aa84c5f1161bd0051e0c5e0 6df7e7122e0d007e7ea187c3c35fbc869f8ef8e5 98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2
GET /img/comments/person-sweep-15.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 576
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-240"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nylblo9Nr0deeNjtlEzHslHiPKIn6WTGRVkYtWMAAE55i4WJ6FPtKjyqxhEj33DsSGR1n6YEJZH0NNJeM6bz6WoYvwu%2FOTTAIS0DhcA5AhbjmivmlbmxTnMu6LrWDbCCqiGHvuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b159917128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-4.webp | 172.67.192.143 | 200 OK | 800 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-4.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hashb1c95558f71bd6614c52433c225b6a28 7c903c12b48199ac1e1b3c8846baf12693b97a28 8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912
GET /img/comments/person-sweep-4.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 800
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-320"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BtxXwIpBDr3Ke7%2FRYdyKPb5pPWMZfJtyXbXu5DQahZMfXEbzHGTWwUxnn%2FzK0xXDO6I3vCAxkU68h3R4DRaAh7bHnk319enx6TaBARNOeiknKT2UeUzIbSsY5JZvuEBXBJNf74%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b139777128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/_rtc.f86a36d7.js | 172.67.192.143 | 200 OK | 12 kB |
URL GET HTTP/3manylucksurvey.top/js/_rtc.f86a36d7.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (12222), with no line terminators Hash128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2fbe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVg51w4%2Bv%2Fn%2Bm8fjQTLwZsaPSaxP3PDKRet35X0TIqKbB5EPtDgXhVTm6G2zTWO6oF3uwQU4KXlRKZ8hko6uRHm4V8eHBW9w6%2BcFwT0ZoFh4kYlnitM0JdK8U11THwKBqwAHKh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad8e9f7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k | 172.67.192.143 | 200 OK | 7.9 kB |
URL User Request GET HTTP/2manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k IP172.67.192.143:443
CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeHTML document, ASCII text, with very long lines (8134), with no line terminators Hashf99d54c9ee3865f982d1099bdc61155f 83955028f7a58acbd0a2199f79ae501d6d3afa56 d122da6bad371a70444aede6db6ac774d49b2f913ef0c9b83a68dc38dfb48379
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:57:09 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2B2PdJNLM3EA82tztp6YQu189fAqvk1mlzPs6Nt3Qx13QSC16e0Fddix0Nfr8lQtWc2y6RReaTdtGoBV4t5T8KRSnpjz%2BK%2BrUMeQ69ivN8ORHlRZE%2FsbuX6ZceqkAbeBOHPvvJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0aa589856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 172.67.192.143 | 200 OK | 330 B |
URL GET HTTP/3manylucksurvey.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X7iZ65%2BKxs%2BTNaxlA1%2BOdfMB6YC37sEdm8WVnHwqLkjxCpzEv3hHmhXzViGXdKj7EFHYXc92MJPkKy0ihZtWEhBeRX3mGRccxP16EO2DwK5xobabCK383pesi6K2wsAm%2BsAcHwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad8ea97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-1.webp | 172.67.192.143 | 200 OK | 862 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-1.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x52, Scaling: [none]x[none], YUV color, decoders should clamp Hash384118eb5e49870ad443d90051c692cb 35a73704dcf55b3232f2e9cfc333ff2ecfdcc19f 1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
GET /img/comments/person-sweep-1.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 862
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-35e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsCuilCM%2BG9c7RdBgWMqo8yebJvctesalk6Em9zk95%2BiwirVirkJU81dXWyT2RsUWiZOk%2BiamT%2FnwLGYmMoYki6zqv8WbDoFOzjErG%2FoVSSlE3HwiIvMZUIJBGJQ5orFPxxtyME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b1296a7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-3.webp | 172.67.192.143 | 200 OK | 582 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-3.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash8347ebfbfa18beba17d356a3dbacb100 f1d66a05e07953cea27fe277e72a495a8e3de2e7 318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
GET /img/comments/person-sweep-3.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 582
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-246"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyjoeXay0%2BrNny0bFi6Q0VtyasHHoeXQyRjNCheAlnxOX1nLV29dmBAXSfVs2tW6v2FQPDjcEoU2plBVs9X0QXUdK7N3c7yJL%2Bs3TFop9D4fNZgp4kLjxuI84K05%2FflQKih5ehk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b139747128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/_each-land-config.3299fec3.js | 172.67.192.143 | 200 OK | 72 kB |
URL GET HTTP/3manylucksurvey.top/js/_each-land-config.3299fec3.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (65452) Hashe50959a36d50199dd1e5357099e71a21 e9bde06c83f10ac6300701792180dc50c298e79b 231a989a44135e73887bfa3a1a56a6205e7e00a00f746976bb4bc0601125ab77
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1196b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gjr55onVeeguHETAjumA0Tn5MPnI9JKLDKwpgxDRtDNcffUazgDiWe6EKT2mfcu268r04rMgaYRvfLYPcTpDWB2wDF92yYawP0GMmzxZ8FDBQ2FhSBsdTYDesoouX85VeUVgELY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ec87128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-2.webp | 172.67.192.143 | 200 OK | 538 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-2.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hashe4d97f0d392aca4fa78b0928438d0168 55f713d8826a9a65e11fddf4c5fa4ea5939953b2 7058be64334990621fbc8cc06782aac5116c6e8a6d7700d892cb8b36f06c5866
GET /img/comments/person-sweep-2.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 538
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-21a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZzILlXspIqOEDOEESJvGzCv8oG6KYKSo2wv0nKIjiRH2m5QGJIlBeVqSVs%2FNe1nkYtmRJ0vGsW0GORQTaEdJZwZ2wXjRcvEo0h0uiiDtVAKTIWeMhcYBJ9wtWmYo5RoxDvGYLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b139717128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/config/sd/sd-2755-en.js?v=10 | 172.67.192.143 | 200 OK | 6.1 kB |
URL GET HTTP/3manylucksurvey.top/js/config/sd/sd-2755-en.js?v=10 IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (6364), with no line terminators Hash393964f0f170398158701313e2864602 284d16d89faaaff80f695dbbbc6c9263cd2df81c 9c6adc425d55f88c232f92bcd4a9a0a64c2b25741d3aaeceb37e7134e81b39b8
GET /js/config/sd/sd-2755-en.js?v=10 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-17ec"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xo949LM9i19qE2K3n4d55%2FuOeAJPdsZGzlyoi1sHmPxGMjeFlvPL2%2FNjPA0y%2BM2XpmegtAq8C3Av57wL%2BzJpCJDuq9GBNLB0uigBrf00AVIJjJcG5vzU%2BJkRe9aJqthLNkMc40o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0af1fbf7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/config/comments/en-sweep.json | 172.67.192.143 | 200 OK | 4.9 kB |
URL GET HTTP/3manylucksurvey.top/js/config/comments/en-sweep.json IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeASCII text, with very long lines (5602), with no line terminators Hashe365b2a50ff785aa57118984ebc86b5d 0cf187164eaa42ff7e244ba653bbde659feaa5bc 3094a84e8e909474fae4e0db6685d9b407d4493efd9389efe35caf326c95a6f0
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-12f9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfayuFPVv1SQlIble6NQVIibqyLRPDzPNt0vu6201H818EljYbg5NY4DPFZQSYXvkfTybnkg0NKgzyfJqWLOnouwySNq8rW0juCr%2FLrhZknJFvdrFc%2BT65ICRCRpuNfyfDJQywY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b018897128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-16.webp | 172.67.192.143 | 200 OK | 734 B |
URL GET HTTP/3manylucksurvey.top/img/comments/person-sweep-16.webp IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash0e8c55db8fda61ba2565a293b72e36e1 ef9deaad0f8a71da57252bcf543ea369673d39ff 79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34
GET /img/comments/person-sweep-16.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; syncedCookie=true; oaidts=1715057830; ID=swe9azpz5bmreo236e7gnu2v7za034a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: image/webp
content-length: 734
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2de"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ClYGGYJ9ALeyt4smiW8ilpXR3%2BWDwrZvUmDeuNbk1IGtluRaRO8rO1snv9Mjd03Hp9B4bZuXBA8KbyqOlPKFwRETltpJVvobnz1SZoykYdfsx1yZaOKYjj%2FHdpi2pgy1S3YrHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0b159947128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 172.67.192.143 | 200 OK | 330 B |
URL GET HTTP/3manylucksurvey.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (338), with no line terminators Hash9a78659da737fccc89546e61f0eb6213 84e705584bdbc81715e0326742f426c2f472d3a9 bb46fe2e65cc91e5a01a8e731754fdc9b8f30813835a673bd96b48672ac82d60
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oD7xvjXOXzH8AlYVqC7gzbQ9xXFSfm%2F0axS70ZhKxqXXqBQic%2BXoKWx%2BR8k4aJOhmRZUORz%2BMvOzBDiOdeeOHud6nSfcQkMC7nysIKDtgE0VghuJLkSf6Ke3WtPphWhPFVW9y5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad8eae7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-redux-toolkit.esm.js.fe3487ca.js | 172.67.192.143 | 200 OK | 11 kB |
URL GET HTTP/3manylucksurvey.top/js/v-redux-toolkit.esm.js.fe3487ca.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2c37"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfyiWNkkcmDj8AZASqJGUZ6M7WQOkU9xTcWI2W6ywsHTnTnHv9KCGZLeybvbTUqarCcM7Z078eBvxnF7CVxDz6CP%2B4KM%2FGQkFs8VM9qt80qY7rtXQIK4pQhdfs6jrbGZ0%2F12tZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ec47128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/_core-survey.1b09882a.js | 172.67.192.143 | 200 OK | 170 kB |
URL GET HTTP/3manylucksurvey.top/js/_core-survey.1b09882a.js IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
Size170 kB (169676 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-296cc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3TeUYayJKbGNKlbUx3Mv2bHeqW8ffas1BnOPJozW%2F9Y%2BTdFVBP5V4Aa8sW3VN%2BpKogHRDaquyxQImVZlTOEjODMpg%2Bx5sQzwKxHUMlynnnv8C2g6Lkri%2BLZBkEmbFOI0UBTD30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0ad9ed37128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 172.67.192.143 | 200 OK | 27 kB |
URL GET HTTP/3manylucksurvey.top/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 IP172.67.192.143:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerGoogle Trust Services LLC Subjectmanylucksurvey.top FingerprintAC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C ValidityThu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File typeJavaScript source, ASCII text, with very long lines (27174), with no line terminators Hash75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
GET /pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 04:57:10 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDJFxrKVbuDeJZD3qNiUFBBlPv50oGD6CcD58xEdg%2B6jzgZrkA%2BS9XZcwBorRET2KKwSna1TeWFm0moVp432oJgResUD38urJFNFuTV%2F0fQ6X0o3djqdsbM4UClLP%2B7%2BlrBGbdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fea0afd8407128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=swe9azpz5bmreo236e7gnu2v7za034a0 | 139.45.197.237 | 200 OK | 2.8 kB |
URL GET HTTP/2offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=swe9azpz5bmreo236e7gnu2v7za034a0 IP139.45.197.237:443
Requested byhttps://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=3c00b5skqs48k CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2868), with no line terminators Hash5beba852f9aa9c71061efbab876a1899 10cb6dfc0bc6056bf8a7c71292c4eb3a777eaec2 a90f06b0649156f2a7efc1f6a78e771288322c8e6399649c290494c19bb01383
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=swe9azpz5bmreo236e7gnu2v7za034a0 HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 04:57:11 GMT
content-type: application/javascript
x-trace-id: 901b565138ec68d798da18eae956c7ac
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
vary: Origin
access-control-allow-origin: https://manylucksurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=swe9azpz5bmreo236e7gnu2v7za034a0; expires=Wed, 07 May 2025 04:57:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|