| my.rtmark.net/gid.js?userId=sun1hyqykjte1waax5ktfyrzzx2sdenm | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=sun1hyqykjte1waax5ktfyrzzx2sdenm
IP: 139.45.195.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Let's Encrypt
Certificate Subject: rtmark.net
Certificate Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
Certificate Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: 6be0eb01d0fb14c838fdee56a6094fab c2c0e0fe3d05014649933b837f19b538352fec55 d9d97ae96e26268b0bdfc58b328fb8a536f345ed6c83660de2a5b10542a3c95d
GET /gid.js?userId=sun1hyqykjte1waax5ktfyrzzx2sdenm HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=sun1hyqykjte1waax5ktfyrzzx2sdenm; expires=Sun, 04 May 2025 05:59:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-react-dom.production.min.js.c3329619.js | 104.21.44.8 | 200 OK | 57 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-react-dom.production.min.js.c3329619.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: c53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"662b7650-1f94f"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUuGlxLI0A2yQDehivVj98MrptVInBGjExZi3ndYPFy0pwy78FncxvqHsHcGEteuFunzKnF5cvfn2ekKVOo29QtfPbgr3vW6%2FbE8IubCw8lZwbx1nL%2ByKUQLbfH5rbLEZYsaSec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b321bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-1.webp | 104.21.44.8 | 200 OK | 862 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-1.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x52, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 384118eb5e49870ad443d90051c692cb 35a73704dcf55b3232f2e9cfc333ff2ecfdcc19f 1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
GET /img/comments/person-sweep-1.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 862
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-35e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brxEm0W6dMfpu%2FYyk2cmmZeyW08goTIOX%2B7ZBjjentw%2Bzw7ATY%2FiMfbwlcYR3Fux9yVPI0%2BkWRYurSXQxUeH09Kl4e8Azm%2FMr0C5TUr1rhTRNBv2bHf07584WBDzryShcgviJNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e64340fcc71bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-domparser.js.97173b2e.js | 104.21.44.8 | 200 OK | 1.3 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-domparser.js.97173b2e.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (1720), with no line terminators
Hash: 52ca18eed5d7b4a88f79e075608522fb 8332ab1afc8d9c23d127cbc785fb41af81563732 ce352016d1e917abce6b5552ae2fdc941a8998300566b138d04383ae461f0a9d
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-6b8"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEyvMA0I8jqHJF7lOyjtHbRlp1PRmcXfSLsOublDWKlfdi4TQ6zrJ2k2D0Nbn0RWVMIO%2FbdtcZv9dV1LYrYXmPZHiA5Umm9o9AcGxwkLjs7vyrewvFjGrBPtyZwnOv%2BxirDw%2Fw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c621bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-8.webp | 104.21.44.8 | 200 OK | 696 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-8.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 6a6742fef0cd1bd74f6da94e9fb833e1 ccaae2ff48574bbb04072b2efc5864b9177017a5 96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
GET /img/comments/person-sweep-8.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 696
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxlvaDRMf6cH5VEDB8OlLkb%2Bj%2FvEKEo6II2xzl3BzkzMT5dFe8j%2FRehjwcOei%2BoAVypjXz97QFMc4BGOKN8JClwdDAZVBT4oKs4A0AJSyZLBI06OrNWb19coxAEwXNyS%2BX9v4NI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410cd11bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/config/comments/en-sweep.json | 104.21.44.8 | 200 OK | 1.5 kB |
URL: GET HTTP/3 manylucksurvey.top/js/config/comments/en-sweep.json
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
Hash: 34fd116cfd6400f8aa25debb57f73719 10156ab51a9c0f1b1ec1f49c4993dfe25c2c609d 4ba9996bb189c0214098e767af678c6f9ecfc70edd78543b0ecc84e7793303c1
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-12f9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BM%2Bap4bisS8UCH%2BgCUgfdLlk7E6oySq%2BZbVVGDoGNvhGL1wsnqdYbTOWy9k8sTN4glb0UI5iJDgAamx0XXkITG4%2FYu159meiKTrSGoFXJDrQjn1AFag1Yqm3AQo4YeGLq8jcGOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643402c511bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-13.webp | 104.21.44.8 | 200 OK | 640 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-13.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 8532ec97225298a9c3ae5e393f62e462 fc26fa010830045fa91a16ac9b8c89c45bb35232 9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320
GET /img/comments/person-sweep-13.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 640
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-280"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLrXKoz7O6PXNRxSYcQrL88uZWYOvCa9rNr69pxCz5i3%2B7JnGXHMcQh8iyrjMR14PLucKVvGLcEH7Yc8tOV5sgQpikZjrpSpByc%2FX8kLfIecdaRq0RqtjpTYWL5x8hQmtO%2FtIDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411cdc1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 104.21.44.8 | 200 OK | 2.3 kB |
URL: GET HTTP/3 manylucksurvey.top/js/s-checkSessionStorageAvailable.ts.e8412d91.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (330), with no line terminators
Hash: a1707fb484c103f2351843fcfb7028c4 43d3d0c0563335d6a9ba13a8920bdf7b70cea7bd bec32703d77fa5a512dd84399bdd43cb32735e483476e66d0eeb957a403c790c
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-14a"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivP9cz%2FqzOWhCyaVsUgaUBCU9Ot%2FJuDB2qdydh3YhkOuiYuvDVIpafLArA%2F5vZ7o6RP0PjBKcjbAjcA0ZKdc2hkrmYldmeXD%2BweqUHkabaWcGisfrjZnd5NV63btYGO1bIMGoHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e0b2d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 104.21.44.8 | 200 OK | 1.3 kB |
URL: GET HTTP/3 manylucksurvey.top/js/s-checkLocalStorageAvailable.ts.f2fef93d.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (330), with no line terminators
Hash: f23ca32d86f4a0e4179319172a667c74 a68d98bd989ff8804424b8b38f2104f5b562e4b4 0d92eabc50682ed456954a64fdfad12a54b3da489957e9e70479724f5503752f
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-14a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bi3KqIhhtmaZBO4OD6NAtM3uhb7Rglzno0LhPSGSmC5JA9Wp8aqXKi9D8k1kzwwm3Aiog1iwr28m%2BvVwSZKjoxz2DZ59WzQlg75joiK8K7Bpgh4IXoYUXFGaUHn5WpDsH2FC%2FDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e0b2f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-constants.js.49317f47.js | 104.21.44.8 | 200 OK | 966 B |
URL: GET HTTP/3 manylucksurvey.top/js/v-constants.js.49317f47.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (600), with no line terminators
Hash: 973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-258"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4Svk1OBKZPY9A%2Bi81mO3hs3tynPvr%2FPqMmxiCz3squMz%2FBTj3qghZZhvvtBLjyAuju%2Bm9tzVAFt3MXhhJN0PIycgDSamT81ytfdWvSAX7TbN%2BpWtzmbQBd33%2BvG30xaaiGKouw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643404c671bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Let's Encrypt
Certificate Subject: arleavannya.com
Certificate Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47
Certificate Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-12.webp | 104.21.44.8 | 200 OK | 668 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-12.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: c57b8a772545ee6e05fedb58c143beb1 6cb5aef79f86275a725cfdd406c7038b24d80aa9 03389ef007f0fd3486a5c71848fd2b67cc05341cf449bcdd34a81a1d4048b090
GET /img/comments/person-sweep-12.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 668
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-29c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oS0lSDRG%2Fy5E%2BqNrTmgUz83w2GeeKUwyronQWT2q0Dauvx5tRww0bPjIaQE6JW%2FiBoItmlxCAh28JB0YgjdGIFgmpL6T3Yf62riXV03iMz3R1BoUHkBwZrEfH7Eg11fT6IQMrtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411cdb1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/track?offer_id=2755&z=4526262&request_var=2&variable2=1h2fgbikkscsc&oaid=sun1hyqykjte1waax5ktfyrzzx2sdenm | 139.45.197.237 | 200 OK | 182 B |
URL: GET HTTP/2 offpichuan.com/track?offer_id=2755&z=4526262&request_var=2&variable2=1h2fgbikkscsc&oaid=sun1hyqykjte1waax5ktfyrzzx2sdenm
IP: 139.45.197.237:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Let's Encrypt
Certificate Subject: offpichuan.com
Certificate Fingerprint: 8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A
Certificate Validity: Mon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
Hash: 518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /track?offer_id=2755&z=4526262&request_var=2&variable2=1h2fgbikkscsc&oaid=sun1hyqykjte1waax5ktfyrzzx2sdenm HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json
content-length: 182
x-trace-id: 40d673741cf15ae2a4b49d73345738f0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-14.webp | 104.21.44.8 | 200 OK | 626 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-14.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 7c494127025f1ec09a96c16bf0531a36 0c2f9302c41f99da9fb5eead2c364bdbdf435156 e6443a7cdcc5ee11ece88ce10824fd79851700e4bd3dc6259d1a816182b82e5b
GET /img/comments/person-sweep-14.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 626
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-272"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=myxp1aT7zfvtROCZAul79N4Q5D%2FKf6JLaa%2FYC%2Fr6l7oJCpopNSNfWcjTELB8swYQZl5UbvDIegksMyY8j9XAt1bRpnQ8E%2BjrrVuOfHbrgoUPxgiWoT5j%2BacO8UJoyoOBYpMve8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411cdd1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-15.webp | 104.21.44.8 | 200 OK | 576 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-15.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 6c0726564aa84c5f1161bd0051e0c5e0 6df7e7122e0d007e7ea187c3c35fbc869f8ef8e5 98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2
GET /img/comments/person-sweep-15.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 576
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-240"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWDgYy%2BYWBFjQObMDwhDVZNO%2Fk%2Fm2VILRe0LW7Zg6PyaX9EXTDleJ9UHPo5gf8m6oDHkI5BrzkvmzmEajQvIUQLA%2BQ%2BXdjuZOpxfr9xbNH9FLTN2R4ndKkbrsvzW5cNnQeQ7HGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411cde1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-2.webp | 104.21.44.8 | 200 OK | 538 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-2.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: e4d97f0d392aca4fa78b0928438d0168 55f713d8826a9a65e11fddf4c5fa4ea5939953b2 7058be64334990621fbc8cc06782aac5116c6e8a6d7700d892cb8b36f06c5866
GET /img/comments/person-sweep-2.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 538
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-21a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNjgbAsGLgY08tqDF%2BnhgKWFk4z2x1ob2bYkggu4r9Kkbt7pWfR5%2BxZMGIslyjiNzlNd%2BrgTt1FHH9ZNDAfEeOjin3RxhkhB1O%2Fz88O0mOg4nbv4rrxRA4Dt2TT6WIWpqV8uFPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e64340fcc81bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-index.js.da9f7529.js | 104.21.44.8 | 200 OK | 14 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-index.js.da9f7529.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (40911)
Hash: f0c16b073e12930f7cbd321dd6f8f9b9 af74daaab1c8cb17152c3352d40ab89afea0b29d 9058ace69791e8a1eb5f9849c20a6dcd6e0f9018696ed0e563c3da7082aec861
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-a01c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOspIF1AyiKVBDa%2FZD8BJ5EycUHXhUvoo%2BtidibSW6OeXlkGIvKSO%2Fkm7gdwynxu%2FwrN6JZXbYM%2FgCtgv4OB4%2FkmK7lK7yFgP%2FkBsIso30e7zj%2BOox7LcluKhcEpLgd4U2ZfQiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e0b2a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-9.webp | 104.21.44.8 | 200 OK | 818 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-9.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: a61b1f29004e5a54130bc57051a49c0d 7f60eef07e311b3598895343111d90282a002ea0 b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
GET /img/comments/person-sweep-9.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 818
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-332"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSQkQ46%2BjgN7ydIZ50Oe1OF2pAwnybdVbbIXzua%2ByEEHnm8i0P9o9XPojCA9ZokqjMf0j7BT4p9GRuygAarUQf6GDmuFh%2Bn1OXwJRAwqSxyWOUp50MScoJlx7HxXbCgtKU0hGDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410cd31bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-10.webp | 104.21.44.8 | 200 OK | 572 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-10.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 206819c13484a7a818f1e4499be3704e ada2f34308d6eaa0d004ed0c732e5a3aa7fda1db f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
GET /img/comments/person-sweep-10.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 572
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-23c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnGxDuZbeysxU9xBKPtmx9DIHQVin8vaPLmxw8BmW4KgbZ0bhD0jE0723wJSkaVmZ4CJUxF2SWv1CcMhG1S6yOrM%2FWfpNFv2494RmoxYA03XgOXKbnqI8nu9kmTL2Cke8roXcI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410cd51bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-16.webp | 104.21.44.8 | 200 OK | 734 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-16.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 0e8c55db8fda61ba2565a293b72e36e1 ef9deaad0f8a71da57252bcf543ea369673d39ff 79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34
GET /img/comments/person-sweep-16.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 734
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2de"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d3OemgAGJEdqodETerUtK82PGJqQgL1Hrhfr5CvCGyGWH91luvMKc5QyhlOnGqItnENqtz1VCJSHiRjeXJkTPBEp9Cj0oAOtnPzZuFj%2F%2B%2BGA%2Bnj90gGc9XV%2FCmoVCg4baF0VdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411ce01bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 722
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: d207d22c181091f45873dff5d5599edf
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_each-land-config.3299fec3.js | 104.21.44.8 | 200 OK | 22 kB |
URL: GET HTTP/3 manylucksurvey.top/js/_each-land-config.3299fec3.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 0ba3468fb169d838d511e11b5b33eaef fb53785cd4dcc6e5cf0fcebfcafed46a3968cbe9 6de414b4180a6f11c4f5a9ba570d5e97ac8e596b1f9c1bb86872a11ecd416384
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72043
etag: W/"662b7651-1196b"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9H%2BJ4bbWTPNR2b5gkQg4fBUTvgGy%2FjovVPD%2BjBfM1Gl1PLY%2BosbGaGt9YSYjcbiOugTJp3%2Fxoc3DdnoN7lH7j4DWrb98wDo7hjglz8gMbSlOn6pKwbllnsSSageWMPlIsbz9Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b311bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_rtc.f86a36d7.js | 104.21.44.8 | 200 OK | 6.2 kB |
URL: GET HTTP/3 manylucksurvey.top/js/_rtc.f86a36d7.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (12222), with no line terminators
Hash: 128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2fbe"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NznL%2FOywyKr%2FbUGpHt2VdNnOpq8piwEaH0WTBFsCyPISJi0CJkcd2ezmV4i7O55y2FADv9yxrGdciRNND81r9hylmIzLEseCQph4DBiAMEsL2Seqt2%2F%2F%2FK4myhg5kPdOyfwdDw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e0b291bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/config/sd/sd-2755-en.js?v=10 | 104.21.44.8 | 200 OK | 2.0 kB |
URL: GET HTTP/3 manylucksurvey.top/js/config/sd/sd-2755-en.js?v=10
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (6124), with no line terminators
Hash: bd31942fdf7b7c72a6c515cb6ba97649 a435973c510b908086a8986ff9635c12e1b9f4a9 c54b10f926167c51201e86f32ca575b5a64880f9c3be43f7ebae2740f5ebf9cd
GET /js/config/sd/sd-2755-en.js?v=10 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-17ec"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FyME%2BbwSd8Z%2BEayXXvG1CuDaf%2Fdf3u6%2BXRPBwt7vOR5n6mWDfQYMUw7cpbnA8Tz9qepNuOk8LW1IGjU4wl71uaBBl%2FbaT1SBd21gN2H3j4tk8pJ6riiI3WF3OpXwgiuevG7UAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433f3bca1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 803
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 1d6247a8e5b537ef180733b722db1c8d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2573
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 3025772f2df60bbda88bc73b9b4f0e74
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 ofklefkian.com/zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest
IP: 139.45.197.251:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: ofklefkian.com; Fingerprint: 04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02; Validity: Sun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
POST /zone?&pub=0&zone_id=6163354&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=2&var_3=null&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-length: 0
x-trace-id: c1e9154159c238a55be15891c4a34db3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/sweep/tokens10k.png | 104.21.44.8 | 200 OK | 82 kB |
URL: GET HTTP/3 manylucksurvey.top/img/sweep/tokens10k.png
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: PNG image data, 480 x 500, 8-bit colormap, non-interlaced
Hash: 10337a4976db716ba3b8cad1f0f1f736 788015c74e561249cc5318fc178e564b68bce44d fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58
GET /img/sweep/tokens10k.png HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/png
content-length: 82163
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-140f3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lYh6gNpsFnRIzs17QRAdAB0XwjKNBPx9OgTx2neb9Fqhpi3Ogy9xWORPxjC4cYQG03vE4%2FIuzQTGu%2FrR%2FPjO6LxOvwj5QMjv4J%2FKbGAr16yzzbZr5Av3fXDf2vmpES%2F1D9RONU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643429d9e1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=1e0f411d-120f-48f3-aded-c3a94f594942 | 37.48.68.71 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=1e0f411d-120f-48f3-aded-c3a94f594942
IP: 37.48.68.71:443
ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Sectigo Limited; Subject: datatechonert.com; Fingerprint: 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27; Validity: Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hash: adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=1e0f411d-120f-48f3-aded-c3a94f594942 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1454
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 05:59:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://manylucksurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| manylucksurvey.top/favicon.ico | 104.21.44.8 | 200 OK | 1.2 kB |
URL: GET HTTP/3 manylucksurvey.top/favicon.ico
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
GET /favicon.ico HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSkoeSv2onAFeGp%2BXHFqlY2tQy1obxLCXCqG7y9PNDtrQDjCUqPYuTkN5dsE0bi1PPCc25IXAKfRXyRgHwcOwO2xmID%2FrdPX6v9KKneZPBl8C530PVo3XyJ9317QpIoAN6qTK3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643450ec21bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 104.21.44.8 | 200 OK | 16 kB |
URL: GET HTTP/3 manylucksurvey.top/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (27174), with no line terminators
Hash: 75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
GET /pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=4526262&var_3=null&var_4=null&ymid=2&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mx9VxEEUshPezmMOs%2BQinc%2Bx7SmnykvFXZA%2BdGZQ6AY8w1u2yWqp8513U0%2Bj3zRm5Nur2UGW%2Buqyj04uZINoYGUnu5urxcikBkT4ZvOHgTR8aUZkVBMPAFYsidafzP2sAvvdSPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433fec331bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-redux-toolkit.esm.js.fe3487ca.js | 104.21.44.8 | 200 OK | 11 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-redux-toolkit.esm.js.fe3487ca.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (11319), with no line terminators
Hash: 5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-2c37"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRk8Xinu5bjr%2B4e79uN2pdkqxXPTifJbLFlp%2FU19E0eE15Ugq7PoBTsIkJRo1vdePust8dSiRuXxTjpaZU30LZFMCwrZYBtwvamvKPWlQHXhMbKTosUAMWC%2BYeo%2FTz7AAq%2FY5Vg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b301bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/_core-survey.1b09882a.js | 104.21.44.8 | 200 OK | 170 kB |
URL: GET HTTP/3 manylucksurvey.top/js/_core-survey.1b09882a.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
Size: 170 kB (169673 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=169676
etag: W/"662b7651-296cc"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNU0h66SCW3Z%2BU91zSqlyigU47UoXMS3jsRJgtshCgIiqbDY4h8MXLpjSoiKqgdi13JoaziTp6RWT9eIGYE3NxsBbLILJzHid9IskB4RLtplEUO%2Bu9v3MQ5IHbKkaPp%2Bk7FR1is%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b361bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-index.mjs.19622407.js | 104.21.44.8 | 200 OK | 35 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-index.mjs.19622407.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (35287), with no line terminators
Hash: 1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-89d7"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lto8PnX1PZCRbW2tHDb1fBH5d6UutyMnMqjkM%2BSBLuJlpiCxBwGaH8qCo0Z45x4wQAQp%2Bk%2FhuwsRX5n2Oj6olqVXCMRZ2KlnplIOuLK6FUWYzl2cPCECG09VYFszkE7Kqx3DIMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c591bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-utilities.js.d1112fc4.js | 104.21.44.8 | 200 OK | 2.6 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-utilities.js.d1112fc4.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (2645), with no line terminators
Hash: 3f45699a0edf3555d230727e3e1ba866 f30b9f52153e77b9ce60a30ecb15f36657792908 1b312ac32a5c37ffe1c4bf861a048a76d807155fe494adf5dd356d067367f488
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-a11"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnSmuICU2zzNN3aKnFvvC4sepHzT7O1GfbIEtUOEv0BDm19AdY%2BtigqnSmgU1XJ%2FoiPiBng9NUa46HD%2B4FQ0WUAuY0cZORUWTbnqmctUJ%2BdwasSXtHXn9FjTsJjMZy7%2Bv1mRq4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c5f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-html-to-dom.js.ff1ae7e0.js | 104.21.44.8 | 200 OK | 364 B |
URL: GET HTTP/3 manylucksurvey.top/js/v-html-to-dom.js.ff1ae7e0.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (373), with no line terminators
Hash: 57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cUa0XRv08CbLPdqqc27VUlOjkUmOsPUmnRzUXP%2FfbT8io2rzkIVm57PO%2BJi%2FI%2F%2BfM5i7xWjza9Oh4lOgFK9VFB0Vm4oFWBrQKeRRnR6q7DXsb2kgaJdmZi4JFAEsievENkxW1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643404c661bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-6.webp | 104.21.44.8 | 200 OK | 462 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-6.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: dfb961fdb848e75591268fde9c186902 2218e96a5c5081f5bef43fda74fd8f0cbb025003 4cf92de9b24fb1484bc1d97880c20589e113b9b1f065df1963e0648f3a38474d
GET /img/comments/person-sweep-6.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 462
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIGpbgWnQaJLQ020SZiL0vhPEHljSkOHbhYdf3KoTa5BGN%2F4muPdYjF1lEiRvViMa6AOBu%2FPlky%2FOy561BuKYMSnMmaGAmoG%2Fne4xKXvZ78cDfMGZPNqAzrqYC2WU3Q0%2BlnO%2BIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410ccf1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 175 B |
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
File type: ASCII text, with no line terminators
Hash: 58b9e7b7a5bba692f1eb3a17dea233da 99f225203cc95e5a6dd6cc65464f96b743e4af3c 3ff6218296bfa7ca95d707fbafd46f919aa4a9858a307e5746aa5dde89875db5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/json; charset=utf-8
content-length: 175
x-trace-id: d585c015c73aeb49f157926b8d00d7d4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc | 104.21.44.8 | 200 OK | 7.9 kB |
URL: User Request GET HTTP/2 manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
IP: 104.21.44.8:443
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: HTML document, ASCII text, with very long lines (8134), with no line terminators
Hash: f99d54c9ee3865f982d1099bdc61155f 83955028f7a58acbd0a2199f79ae501d6d3afa56 d122da6bad371a70444aede6db6ac774d49b2f913ef0c9b83a68dc38dfb48379
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzmRdhhT8wfk%2Fx76KSWvQlMaMyDdx3xxaMKt2eXr2lwQ3HJEA%2BuEbZYRX%2B7zv9u5swuoTLPlNXAKB57vcVyrCEqEeMSu%2FovGIF%2BDprvrXrtxwQ3kWgUTBSl24vQFx6eaEOAjPM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433bbd3256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-possibleStandardNamesOptimized.js.205abacb.js | 104.21.44.8 | 200 OK | 7.6 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-possibleStandardNamesOptimized.js.205abacb.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (7923), with no line terminators
Hash: f80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-1d99"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHYcoXtx9Boy4UUNvrYLBvsvQnofoD1Dp3AZlYhvsfplPodahML49GOWdiQh4FM1pMh84wRe5Y%2BLq4kl34YhpJYegySReeVdEdZVu%2BWuPadGnyh5SRidLjPaD3XDea2ntkNt%2FAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c5c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/sweeps-survey.724f05c4.js | 104.21.44.8 | 200 OK | 5.8 kB |
URL: GET HTTP/3 manylucksurvey.top/js/sweeps-survey.724f05c4.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (6111), with no line terminators
Hash: 8f7b854a31f40bf9be7af8ea81b5f176 bd2ea265c24d6147930a142b34527dcb4d55879e 0f7d320f1c7de2e4777cf2a8c99fb464188c4d196fb82c640f6d1b3d6f592cce
GET /js/sweeps-survey.724f05c4.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-16d0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXFUUuwizXFwDTvc87ALp0iLf0lhFscubM9bjhmTkAzojCQ2rWpn6GMKPLf39LwYil6tOScoZGPGAZPZgzU157gLDZhn294tDj51OuPg7LJUS3CFNggRfQIwv%2B24auE94id20VE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b371bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000 | 104.21.44.8 | 200 OK | 1.3 kB |
URL: GET HTTP/3 manylucksurvey.top/sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (1381), with no line terminators
Hash: 56e24b61a2bdcee6653266001d61811f 72daff35f0c76a0104611b4e1d7b3009ef07aa7d 02d38e897a9a6aa6f918839e1fba3a35956b800ff8e24e172e999ca202506ef7
GET /sw/sw6163354.js?var=4526262&var_3=null&var_4=null&ymid=2&ab2_ttl=5184000000 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1XqtGJ1GFq%2B1erQkMYz8YnVas%2BlmJXd8ciM7jjSLAxpIH5vFni%2F2at00iBxPE2GeGbiC9rzhnzeh6v0VR49kV%2Fv9AU%2BNPWyy2ZUPR2vGhfIxaqZ5Ri3hQMgqI5nFk43nMymhao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e64341ad211bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-3.webp | 104.21.44.8 | 200 OK | 582 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-3.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 8347ebfbfa18beba17d356a3dbacb100 f1d66a05e07953cea27fe277e72a495a8e3de2e7 318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
GET /img/comments/person-sweep-3.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 582
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-246"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hL7WGqFhWIQr73H9NII8cpFhh6OqdkwBInz5Be9gvqfu1ThgptkaW6lh8oekjDPqekbZqOH0iwpL5EGiTVa2TsMn3xflxIjB6yNSsDj8qRaDAgFRvlCvCYoP23nBmaAZJZ1dR9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410ccb1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/css/sweeps-survey.f5ae42b0.css | 104.21.44.8 | 200 OK | 94 kB |
URL: GET HTTP/3 manylucksurvey.top/css/sweeps-survey.f5ae42b0.css
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (46760)
Hash: 009115228eec8ac69e3edb47a94029a3 81b1db77707b34ba69f798116975d95a4fa72694 6e782711eee2ca7a37a5e8e22288f3ffe774bc2a7ba5a200fb4807213b1ab701
GET /css/sweeps-survey.f5ae42b0.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-16dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GsURENPpnbpjIQwsLbjE6ig%2Fp4TslEKXGV56GX74xJvp8HbQR9a5AsB8QA5y8RY9z15B%2Fyej3DLEX%2FfRpQJ76u9okcj7rUPjpOHbpvxa5QAdTJL1zfMGCbHMhP%2FcJSR7gpGwnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b3e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/css/SweepHeader.8e7220ee.css | 104.21.44.8 | 200 OK | 370 B |
URL: GET HTTP/3 manylucksurvey.top/css/SweepHeader.8e7220ee.css
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (371), with no line terminators
Hash: 8886cb494486485bba50c48555e00391 e60d061452ad5c8d5a4a09e83591fc959d74eba3 def39210897ee7d5f49afef630fe6eaac980a81d905d2fd4785df53efb12b4f1
GET /css/SweepHeader.8e7220ee.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-172"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiprzGRppCROijPAoXzP2U7xrVwQgWCQCNkfnFHW7RILmbS7FzpuWkZofrh2EWgdAamOXOXcZxS90KSd%2BQOwD9Z0xgxlOkP8haM9KOR1CX3HyMRY9vXLvX6aVDr0TtcHe23v3cw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643402c551bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-7.webp | 104.21.44.8 | 200 OK | 610 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-7.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: eb52e160b8ea5a1e0de8b2453f46d642 4d28311b4ca822a0a74e318c9d1f54def088b509 2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5
GET /img/comments/person-sweep-7.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 610
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-262"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4RKjlbn4EqjUDRA2DUOWUT4QtINcVpfSFA8rxeiNNJmFHhrRf1PejjcLhTyrCg7%2FpjXOMr7Eixy5DRm0wlntBagKQiDGXVFplkzisTKmV95J0bjOSW4Fk3zWgKcACf6OcUQ6AA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410cd01bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/config/dict/cookie-consent-1.json?v=10 | 104.21.44.8 | 200 OK | 6.8 kB |
URL: GET HTTP/3 manylucksurvey.top/js/config/dict/cookie-consent-1.json?v=10
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators
Hash: 4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YPBV5zvtpXgwA7WNzALPSQ9XvVxonxmSuER2iE5V4xZv04B9JQZcvmS%2BKD4H9qWuRaXWXJuOu21urfw8APAWcGkxFakG%2FLjWWF2oLYcFckhgTCoHHZPLOdSX5KCQUzPfoWqZgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433f6bdd1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/SurveyContainer.e2959212.js | 104.21.44.8 | 200 OK | 57 kB |
URL: GET HTTP/3 manylucksurvey.top/js/SurveyContainer.e2959212.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (57003)
Hash: 1716bf0d79004adf0eb2cdcd64159891 67852b096bcc8817fb0b9b98abf264e40a59310c 56cd17eb9def743ef4bc4909a6eacb77266b749181cfcaec4d478336b1c6ff21
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-defd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXCBri3Wt1Q2cVdYpD8p%2FGnptxeBl2sV8w5MRIhm3A3h2kpFTtPxd9McdtRvNsX%2FgCupHFS1gd%2B5UQXnp1UOWmVR50eJlsl4%2FaHktWWa4nlWCs%2B7%2Bdkfgdo4QXTsPDrhG7k4zrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643404c6a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/s-storageService.js.bb9f7a22.js | 104.21.44.8 | 200 OK | 2.2 kB |
URL: GET HTTP/3 manylucksurvey.top/js/s-storageService.js.bb9f7a22.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate: Issuer: Google Trust Services LLC; Subject: manylucksurvey.top; Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C; Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (2216), with no line terminators
Hash: 803fe057e4762b54a284184815cfb62e e748b6c77988934fe2b458b61a93e35f22cfecbc 0552fbab13dd0597298180b4d1c5e1a8a2ca66e121e3ab892f100366c8d45d3c
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-87a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KesHL%2BUMc9vUElQvWaRAC9MxZGb15zq%2Fw%2FtgDDVGXvlmzOvBx%2FMj6uG35PJSx2c9iuwXwIYQ2PSbCnlVzKQ1gPB5PAICyM3Rxe36so%2FBJnWexszDgmRGq6OLbaQAgx4esoJdONA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e0b2b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/pfe/current/stattag.js | 104.21.44.8 | 200 OK | 19 kB |
URL: GET HTTP/3 manylucksurvey.top/pfe/current/stattag.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (19053), with no line terminators
Hash: 3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
GET /pfe/current/stattag.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7652-4a6d"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVLy1CIoT7E1%2FdWacOfwtplG8qpURU%2FJUGB%2FplGRNNyXEY5mSbC7lvWc9qPsw9Gnam3cKkIqZ2TLsdgxs0T04E8Bt8%2BqHpCWHYbGWQkfQ9sHbDhEEtLk3pN7DcZlim2VzW45ga8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643425d821bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=sun1hyqykjte1waax5ktfyrzzx2sdenm | 139.45.197.237 | 200 OK | 3.3 kB |
URL: GET HTTP/2 offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=sun1hyqykjte1waax5ktfyrzzx2sdenm
IP: 139.45.197.237:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Let's Encrypt
Certificate Subject: offpichuan.com
Certificate Fingerprint: 8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A
Certificate Validity: Mon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3360), with no line terminators
Hash: 87b381b0bde292bfa7989724a189a2db 68896c95ca1f2401376e2e0b0ed458e18c5b9231 2429db2f31e5455f03fc8909235233cb1f882f4a086614bd8eccb5d0a9c9d547
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=4526262&ymid=2&uid=sun1hyqykjte1waax5ktfyrzzx2sdenm HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
x-trace-id: a989615e4e7039abeb1a00624448db6b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://manylucksurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; expires=Sun, 04 May 2025 05:59:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-4.webp | 104.21.44.8 | 200 OK | 800 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-4.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: b1c95558f71bd6614c52433c225b6a28 7c903c12b48199ac1e1b3c8846baf12693b97a28 8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912
GET /img/comments/person-sweep-4.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 800
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-320"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b63nDyaQX1%2F6Uy8MPBaY9r%2FjbuAA%2Firi74qdkHXM2XzD%2BvzdaTl3x5JAo7D3kY1p8h29vSJitZknfB41Jb7N34rqCmft3mQV%2BOpBcTpPN3vpr465mzQPdFIRX7%2FSZs10Uf2t%2FP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410ccc1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP: 139.45.197.248:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Let's Encrypt
Certificate Subject: arleavannya.com
Certificate Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47
Certificate Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://manylucksurvey.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 05:59:05 GMT
content-length: 0
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/css/_core-survey.d3ac2ee0.css | 104.21.44.8 | 200 OK | 83 B |
URL: GET HTTP/3 manylucksurvey.top/css/_core-survey.d3ac2ee0.css
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with no line terminators
Hash: 30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"662b7650-54"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hx1DokjkaY8%2Ftk9ViuStXCUk6i36Gs%2Bw6Hh1cjOVFEOnq4UwDDxJZ8XWZI1npdQZcK%2F9tEPDLRGIc81VauYAGcd3oSd3rwJ4LZUdDZcOKcwFOc%2B9UQUsGsVehJfXhoTH5BmHL04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6433e1b3d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-node.js.28d8082c.js | 104.21.44.8 | 200 OK | 6.3 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-node.js.28d8082c.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (6337), with no line terminators
Hash: b11cf8c1d8d8183e4d11a8f17a41189c 2f912e66ec3992d21e66e7c8e4ff40a2142a4d64 9e69f7af4cfb7fa8b5eb0d67ed8a36f5d23c276ba29b7209565faefab84b71ba
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-186b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJMMd9DSt7LSf7MJ8mURGxQ%2BDscse2Ob0OsgvfvyZPtE7z%2BoaJ5yc7luVR9w8RTU%2FLoj0XPZd4RtPB1JACcX1IBGGhnmnsfkxNYpdgi0oJil5RPSb60cuias2t0c7uemm9VjUgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c5b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-attributes-to-props.js.a2e7cd04.js | 104.21.44.8 | 200 OK | 702 B |
URL: GET HTTP/3 manylucksurvey.top/js/v-attributes-to-props.js.a2e7cd04.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: ASCII text, with very long lines (718), with no line terminators
Hash: 4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbqWqyL8FhwmrZInMTw3g0kgUqeesKGd%2F5y11PHVDYKQJxksc32Xtjy29FVJ08VQNL6JXJTTbnWjHHcRWacLW1BugjJ7PScas0veuL7uqGbn0Wo%2FK58F0hdgZfjJH7BB8FjKqds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c641bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-5.webp | 104.21.44.8 | 200 OK | 588 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-5.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 25e1107a0e365082ccd6093e0073f05c 7b0d3c741f2bbabbcac99f29bee8cf2f9eaa1841 935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2
GET /img/comments/person-sweep-5.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 588
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-24c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQRDjogZ1pslYcppZtf6YIPfGKwmiUG%2FA0Ul5lOefoVlmjOj34Y6auovN5UwmhFz9sYsF81AIICRRBBQaAqZ5HCm9Nf31bROsiv68UICSDLxrN%2BjCuyE2HIgodvqPfY9v7AyYF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643410cce1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/img/comments/person-sweep-11.webp | 104.21.44.8 | 200 OK | 502 B |
URL: GET HTTP/3 manylucksurvey.top/img/comments/person-sweep-11.webp
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 7ec874233fc75e1ec8df712b7ebbd7d2 cc219fb2b7e6057a8303283023dd1aa09a082455 9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b
GET /img/comments/person-sweep-11.webp HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: image/webp
content-length: 502
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1f6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ve18xm%2FfQwKXbsg9%2ByfZSOPOZFz9QpdSXy8JduuRAffmU83GSdOEBI2bfHxW7CEvGTIVP1vJknA7qCQFeG9pO%2BDWrc8pYAaZ0El7OE3jIN24nDDpoQ5WPZVJS1xKg7Sy%2BU%2B5kw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643411cda1bfa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/v-dom-to-react.js.26fdf751.js | 104.21.44.8 | 200 OK | 1.1 kB |
URL: GET HTTP/3 manylucksurvey.top/js/v-dom-to-react.js.26fdf751.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (1101), with no line terminators
Hash: 5693cb2629dd3231ce6fed788c41b150 872d71cae7dddc37389be6bae0fc4a5b611ec9c0 b312636bf1d349d818517865e89c22f8b9ef9e61d1805cf315e44241ccc05d26
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRI%2FyKCAYnoEAFOIRtNI5FfiPSEd89SMDxKgNW8ip7zO64v1AJjjP0Bxu%2BppbNTPB1BTjccolqEdJRa8Brp9y6f0D0MI396J%2FwBgcwwYjKEJM0jGFP%2FsXDyvvMjMnTztxZB%2F%2Fd4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c631bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| manylucksurvey.top/js/SweepHeader.b279c2bf.js | 104.21.44.8 | 200 OK | 1.0 kB |
URL: GET HTTP/3 manylucksurvey.top/js/SweepHeader.b279c2bf.js
IP: 104.21.44.8:443
Requested by: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=2&ymid=1h2fgbikkscsc
Certificate Issuer: Google Trust Services LLC
Certificate Subject: manylucksurvey.top
Certificate Fingerprint: AC:69:C8:E1:04:12:CB:C9:C1:1E:B9:A4:38:CF:5B:C5:36:50:CF:6C
Certificate Validity: Thu, 28 Mar 2024 03:03:06 GMT - Wed, 26 Jun 2024 03:03:05 GMT
File type: JavaScript source, ASCII text, with very long lines (1037), with no line terminators
Hash: 2e626e379cd279ef9c48f14ab477b511 f2dd393696f57bf5b57f83df9e0dd5b7c5f529ef 8c1a40755ecf0c0d6fd8615a51af69a4867071ad92715cbeafdd16f061451627
GET /js/SweepHeader.b279c2bf.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=sun1hyqykjte1waax5ktfyrzzx2sdenm; syncedCookie=true; oaidts=1714802344; ID=sun1hyqykjte1waax5ktfyrzzx2sdenm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 05:59:05 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-3f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjtQMEZGttSj%2BHp9wfIWInSttiaVm6u0Cwc6LRgpr1ScKj%2F0NEfoE%2BKrNpgZ%2BWQTkDOOEdxCBz8oRH1GQUnv53WX2yTOwysF2BcDs3K8iHHrq4Rms4qAjSCK38IO4sSdU1jTPEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e643403c571bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|