Report - phythmspeters.com/d2455479-6abd-4e3a-a6b7-a1ead1a8c882

Report Overview

Submitted URL
phythmspeters.com/d2455479-6abd-4e3a-a6b7-a1ead1a8c882
IP
18.156.16.63
ASN
#16509 AMAZON-02
Submitted
2022-09-02 04:54:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	3.6 kB	139.45.195.8
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ugyplysh.com	51119	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	909 B	1.6 kB	139.45.197.253
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.101.24
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	80 kB	93.158.134.119
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
topgiftssurvey.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	541 B	653 B	172.67.131.122
cdntechone.com	64371	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	313 B	849 B	172.67.160.61
phythmspeters.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	1.1 kB	18.156.16.63
itcleffaom.com	72236	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	1.7 kB	139.45.197.237
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	486 B	139.45.195.253
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.4 kB	104.18.21.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	47 kB	143.204.55.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	phythmspeters.com/d2455479-6abd-4e3a-a6b7-a1ead1a8c882	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	itcleffaom.com	Sinkholed
2022-09-01	medium	datatechonert.com	Sinkholed
2022-09-01	medium	itcleffaom.com	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e&utm_medium=5034698&utm_content=zd_public_v2	102 B	2023-03-07	2023-03-07
Pretty URL topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e&utm_medium=5034698&utm_content=zd_public_v2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:55 Last Seen2023-03-07 12:07:55 Times Seen1 Hash 830fbb83425df098bf80493a30d0959b 2a4e58965990ac45cc85540dc619c39ae7077c33 325b0d9af901ed6b21435a3a646dbdd3ea51847aa7e5f53348038ae34591dfd9 Loading...

	topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e	41 B	2023-03-07	2023-12-22
Pretty URL topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e IP 172.67.131.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2023-12-22 09:41:33 Times Seen2 Hash 01504f3c68447a2aa5812832546c30c8 1a2ed7673ad287643823432efed1bf698450ef5d 9e7863252dc4a2c1871dc34c7ab34f13dc738d6f38acbf9827ce17ddee3b336b Loading...

	topgiftssurvey.top/js/sweep.js	3.0 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/sweep.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2023-03-17 12:38:24 Times Seen1 Hash 343e144c66bb17b2fc978359ccc8f410 91182c6050e5fe8baaa272812c0d8c88f145ee28 bbe5fe322e7e9310751b93bbffde9baac018c29e7a6118aacea85cbd492f2ca8 Loading...

	topgiftssurvey.top/js/survey.js?v=9	302 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/survey.js?v=9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:35 Last Seen2023-03-17 09:44:37 Times Seen1 Hash 9a11190ceaf407431f2f9de0ca8dfde9 fd1ccdd9ecdff4507f05ee474872f8f4dceea3cb da53c4c7f97ad04c6e9f8f1356b078e492c82e95bd04433a1ede3924640cc307 Loading...

	topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e	691 B	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e IP 172.67.131.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash 2ff28877c416e5dcf7a935999c880d30 5382310c60d9b1b336fbe35149f3c5568ad69fb1 51df4797be552dcb35d858cb74ea85c7f433a927e83fbd2284bf29265cfeabb6 Loading...

	topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e	299 B	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e IP 172.67.131.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash 4ac3a170e95cf25fc7cdcfe3291ea883 b5d70359ce0282b8fd9fbc9ecea76d2abfcb22c8 08895f9798c0a57a3512dde6a58435246045ab84134efef0a3a0a8fd368f1fcc Loading...

	topgiftssurvey.top/js/data/sd-2755601.js	5.5 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/data/sd-2755601.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2023-03-17 10:38:23 Times Seen1 Hash ccc58e2b8290ff951449cf59eee4cedf 53baa299caa0a4d43b7edaf9867c0120ac41bf5b 94c168ef6390e1081e586f73ab72d25ce85af5a89efb6604afc8a8b2bf3f8552 Loading...

	mc.yandex.ru/metrika/tag.js	210 kB	2023-03-07	2023-06-09
Pretty URL mc.yandex.ru/metrika/tag.js IP 93.158.134.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-06-09 03:58:24 Times Seen15 Hash c55e9c553440071325733dd0021e9157 6e16274257eab27a3c38e759ba7200c9e0faff45 4325463d5c17aebbc147fb20c300203304a6d06cbe4d8bfbff402ef6a9a5c8cc Loading...

	topgiftssurvey.top/js/config.js?v=2	72 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/config.js?v=2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:35 Last Seen2023-03-17 09:44:38 Times Seen1 Hash 609dffbd5a5e5b7f49f35965334e3a83 bc9def91116c28207f4500b366d028b144ba1632 548fc2ba21b4eabe7b908c254608c977a85b23577c54b8281274a4bccc11d144 Loading...

	topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e	1.2 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e IP 172.67.131.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash 044a11279a05e0ef9b6584bf1c4d988a e61f516f8225749c690f88b65bf538ce76f72127 d9c0b345047ab550b72e65f7505039094c9697f62dd522182660f4d9c909bfad Loading...

	cdntechone.com/stattag.js	43 kB	2023-03-07	2023-03-17
Pretty URL cdntechone.com/stattag.js IP 172.67.160.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash ec71533d7696102b2e278e3a35c2da01 82f1c46094b38ff2656af0cda8f625dd9b9d2a26 ba25ceb996c4d0f021198f7192df75aa3f666fdfd73e61bccebffa4fb6ba1349 Loading...

	topgiftssurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=5034698&var_3=null&ymid=&cdn=1&ab2=0&domain=ugyplysh.com	145 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=5034698&var_3=null&ymid=&cdn=1&ab2=0&domain=ugyplysh.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash 4a448911aef2339ba5e1763da2b3154b a9d34eb4afa31761d2ddedf24e2e138adfe1f9b8 9713ab0db84e267006598c2754d48c48e6025c4e5a599ac772e7fe2029ffedf4 Loading...

	topgiftssurvey.top/js/data/_global-config-sd.js?v=2	336 B	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/data/_global-config-sd.js?v=2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash 41ac3aa106adb975e33061cd557163d2 c5ab77074f6e9e3a2ee751d4a19561ce5f5cb5c9 dc1c6a5f30e3a0636f35eb16ef9d91fc3c7f70d90af731e2a29d336b90fb2ebb Loading...

	topgiftssurvey.top/js/data/rtc.js?v=1	11 kB	2023-03-07	2023-03-17
Pretty URL topgiftssurvey.top/js/data/rtc.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 12:47:09 Times Seen1 Hash ab876d0964fb7c869591492a0c068f93 c1b9d2828a419c6966bfc2dad567996aa09fa80f d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a9ebe957baddc35fb480f23d48f43fe2	79 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 12:07:55 Last Seen2023-03-07 12:07:55 Times Seen1 Hash a9ebe957baddc35fb480f23d48f43fe2 bc9f187dbe0a3bd2dc1aecf6a26c7f270fb49ecb 1c68a04f68a377ed7c9b4e7dcac5b45c4aad7a999e62c6bcb80fc5845cda9fb5 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (45)

URL IP Response Size

phythmspeters.com/d2455479-6abd-4e3a-a6b7-a1ead1a8c882

18.156.16.63

200

358 B

URL HTTP/1.1
phythmspeters.com/d2455479-6abd-4e3a-a6b7-a1ead1a8c882
IP
18.156.16.63:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (358), with no line terminators
Size
358 B (358 bytes)
Hash
cde892db507d59597ec91ae6255cef89
385a1ac350d16b579b30ddaa2af1baa2533b8e7e
6f9379797d4dad89a161163f6440e13f16754f8e3976b333b64c06f5b83a41a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /d2455479-6abd-4e3a-a6b7-a1ead1a8c882 HTTP/1.1
Host: phythmspeters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Server: nginx
Date: Fri, 02 Sep 2022 04:54:02 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: d2455479-6abd-4e3a-a6b7-a1ead1a8c882-v4=RvgkHH80S0T3SqzMtdDFf8yhDAEfKWfcrtzP5JWWibQ; Max-Age=86400; Expires=Sat, 03-Sep-2022 04:54:02 GMT; Domain=phythmspeters.com; Path=/; HttpOnly
cc-v4=m2CwvqSAct%2FytwdkyimbRoHS0msu%2BIdVNtMdX9qr5iG%2BhRCAf92fQqZI%2BPr8%2F1NKt6nQLS23xJzLOVgEx0p%2FwBmDahaLKmgB0D4Eqv2QcfsR9MiqA0dJatHM1YsSxLp%2FPvGVil3M2hxNtYiAXZvQAQ%3D%3D; Max-Age=31536000; Expires=Sat, 02-Sep-2023 04:54:02 GMT; Domain=phythmspeters.com; Path=/; HttpOnly

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 04:41:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r63S7oUHOnLf-z3Su_X__-Uj4wVnC7aBdGwI-BTP1tyDRZ9QVPlOLQ==
Age: 743

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15446
Expires: Fri, 02 Sep 2022 09:11:28 GMT
Date: Fri, 02 Sep 2022 04:54:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UNURLvtNgkSJb9LdYYz0ZEpoNC5cmk82EIqhueoK-xxZKWnpy0LRiw==
age: 13125
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

45 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
data
Size
45 kB (44687 bytes)
Hash
923dc34e92d7cb3a06e873b6185432f3
cf0a71af63699d1216f5644cb2e4a149dd47d6b9
31b6746ce5bbc691e6206372356c6b6a675a23dc465d4aaf896ca6644e2d6d59

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 04:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 05:11:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P910Wtq62sYY7L9oMzkPSgYrfBwbh4dhIhg6K6GVwWxpDu_BfAZxCA==
Age: 947

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8245bef547b2fb0da17ff1bf95e853a
692365161efc099ddcc2badfaec095b70d2cd3f3
ba1b534fe4fa7a94eff52e5176b9182bdfa0e74622da7fbc53670a92845d5eab

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA1B534FE4FA7A94EFF52E5176B9182BDFA0E74622DA7FBC53670A92845D5EAB"
Last-Modified: Wed, 31 Aug 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12080
Expires: Fri, 02 Sep 2022 08:15:23 GMT
Date: Fri, 02 Sep 2022 04:54:03 GMT
Connection: keep-alive

itcleffaom.com/track?offer_id=2755&z=5034698&variable2=wtiv10rmronqecoi2ae5mtc2

139.45.197.237

200 OK

172 B

URL HTTP/2
itcleffaom.com/track?offer_id=2755&z=5034698&variable2=wtiv10rmronqecoi2ae5mtc2
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
9bb683b03ef71a014395b7bf23254546
f52d1081501b1dd729999a6b5f86f0bcb4dba39d
ae22a71ab0b52e5c18e0c23f85d21c3761ed57c32442569e75db1f3c5cbc51f1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track?offer_id=2755&z=5034698&variable2=wtiv10rmronqecoi2ae5mtc2 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:03 GMT
content-type: application/json
content-length: 172
x-trace-id: d2380fc835511b9ac4afcd70e2f50758
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
41ea586f0e66dcd46f50ab3938543b12
d7a3d6a40066652fc85cdaab9e613246b6af4aab
60b133ec87e89ec28689b760f6ce265eee0e935dca93f42543885a05f8b19a79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=566476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7443a53d1999b4f4-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6f7b5b3e601511a323146af3a8f1d13
e12b2b1a6f265981e398d8f7b6835d4126fc20c5
88b2a45b0d3b129b51990b422fd262e45732f6956052933ae91c501b0ee55dfe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88B2A45B0D3B129B51990B422FD262E45732F6956052933AE91C501B0EE55DFE"
Last-Modified: Tue, 30 Aug 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18344
Expires: Fri, 02 Sep 2022 09:59:47 GMT
Date: Fri, 02 Sep 2022 04:54:03 GMT
Connection: keep-alive

my.rtmark.net/gid.js

139.45.195.8

200 OK

2.1 kB

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
data
Size
2.1 kB (2146 bytes)
Hash
4116c4ef3c4dd0f67f777b39c30bf74a
3dadc27582a8635db2ea4eeb55c153dbfcffe2d2
de7b680c948b91e8c0353a27718069652df0d25f23f6b3e29fc5ba5a8b9cd0e2

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2a65448c4ce947e0838180635fc745a9; expires=Sat, 02 Sep 2023 04:54:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=4843177&checkDuplicate=true&ymid=&var=5034698

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4843177&checkDuplicate=true&ymid=&var=5034698
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
402d24349a22bfd41d574475b1f5d023
162d071db6d94b2c4abbabbf326686106c75246f
e6e3417fd2263a02b6415cbfd1b3e8b82e1fe8615a22acf2313e5ba2bcb48afa

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=4843177&checkDuplicate=true&ymid=&var=5034698 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Cookie: ID=2a65448c4ce947e0838180635fc745a9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2a65448c4ce947e0838180635fc745a9; expires=Sat, 02 Sep 2023 04:54:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5325
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 04:54:03 GMT
Last-Modified: Fri, 02 Sep 2022 03:25:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ugyplysh.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=settings

139.45.197.253

200 OK

733 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (732)
Size
733 B (733 bytes)
Hash
32012316e396464068e8d2b887adb53f
44b0b25b7e69fe93b7eed561c342207d247b525a
b57b3cd1c1b1c5ee1f07e40c970f1704845c254452c59757e3fa6249aed2a4e8

HTTP Headers

GET /zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:01 GMT
content-type: application/json; charset=utf-8
content-length: 733
x-trace-id: d70416aa547282cd40aa705b206dd379
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=4843177&is_mobile=false&domain=topgiftssurvey.top&var=5034698&ymid=&var_3=null&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:53:59 GMT
content-length: 0
x-trace-id: ffc6ebdbb0985d7b2919376f39a31853
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da449a1c475295e2a845251410ad3e9c
63e202585d3374d5a60fa7e31fa6a42f1099b24d
ffcc2478da175d43604138ab6822814e865731b0c3dc1ed4f1014f13440f2394

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 01:33:15 GMT
Expires: Tue, 06 Sep 2022 01:33:14 GMT
Etag: "63e202585d3374d5a60fa7e31fa6a42f1099b24d"
Cache-Control: max-age=332950,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7443a53f5bd6b4f4-OSL

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

139.45.195.253

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://topgiftssurvey.top
Content-Length: 1673
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 02 Sep 2022 04:54:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://topgiftssurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

push.services.mozilla.com/

54.149.101.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.101.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6fkGQPcsjYtMUSC+OQmXgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uz4TSdS5zolMUTqlgiqPYb7cCZc=

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
5581bd3513f4e40e4d4ba7e2df4f5662
9d910cb54e90e7231b8076cff9e8d4651f3697b3
86de7775b9279a5ed3a6536ef9dfb54578751239ea2dcdd65d49e4f87ec3b5c8

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 04:54:03 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 06 Sep 2022 02:44:28 GMT
ETag: "9d910cb54e90e7231b8076cff9e8d4651f3697b3"
Last-Modified: Fri, 02 Sep 2022 02:44:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 701
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7443a541ebcdb506-OSL

mc.yandex.ru/metrika/tag.js

93.158.134.119

200 OK

72 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Size
72 kB (71985 bytes)
Hash
034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 71985
date: Fri, 02 Sep 2022 04:54:03 GMT
access-control-allow-origin: *
etag: "630f3113-11931"
expires: Fri, 02 Sep 2022 05:54:03 GMT
last-modified: Wed, 31 Aug 2022 12:59:47 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: *
etag: "630f3113-2b"
expires: Fri, 02 Sep 2022 05:54:04 GMT
accept-ranges: bytes
last-modified: Wed, 31 Aug 2022 12:59:47 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29

93.158.134.119

200 OK

400 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
53caeb91507ef83ebe3ee4c7b727a486
da8d11c5029739a3548e4830c1bb3aa1b6452d87
2eabed4ae91f15bad945ff2ac1032fde5157ecad1d5e2d10e9e558c94cd49d5a

HTTP Headers

GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 400
date: Fri, 02 Sep 2022 04:54:04 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A824766500%3Arqn%3A3%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A824766500%3Arqn%3A3%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A824766500%3Arqn%3A3%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonStepChange&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A517971295%3Arqn%3A5%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonStepChange&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A517971295%3Arqn%3A5%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonStepChange&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A517971295%3Arqn%3A5%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)

93.158.134.119

302 Found

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A198%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094443%3Ac%3A1%3Arn%3A849253091%3Arqn%3A1%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662094441855%3Ads%3A0%2C0%2C62%2C0%2C%2C0%2C%2C112%2C3%2C%2C%2C%2C323%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094443%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
set-cookie: yandexuid=2692419231662094444; Expires=Sat, 02-Sep-2023 04:54:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2692419231662094444; Expires=Sat, 02-Sep-2023 04:54:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1962658961662094444; Path=/; SameSite=None; Secure
i=SZFC7mGxGc0GAp7NvwcRdoTqu4+me+VVb08FrQxJXcIYPzYm/0XFmK6zNYs5iEbqY+gBdODmNxCIY8kYcqeGcKm2+1g=; Expires=Mon, 30-Aug-2032 04:54:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1693630444.yrts.1662094444#1693630444.yrtsi.1662094444; Expires=Sat, 02-Sep-2023 04:54:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonUnique&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A399171713%3Arqn%3A4%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonUnique&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A399171713%3Arqn%3A4%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonUnique&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A399171713%3Arqn%3A4%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A701342373%3Arqn%3A6%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A701342373%3Arqn%3A6%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A701342373%3Arqn%3A6%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A477008547%3Arqn%3A8%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A477008547%3Arqn%3A8%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A477008547%3Arqn%3A8%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A286920913%3Arqn%3A10%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A286920913%3Arqn%3A10%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A286920913%3Arqn%3A10%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A202080084%3Arqn%3A7%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A202080084%3Arqn%3A7%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A202080084%3Arqn%3A7%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 84
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A490558766%3Arqn%3A9%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A490558766%3Arqn%3A9%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Ftopgiftssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftopgiftssurvey.top%2Fsweeps-survey.html%3Fz%3D5034698%26offer_id%3D2755%26var%3D%26ymid%3Dwtiv10rmronqecoi2ae5mtc2%26var2%3D32818e11-dcbe-4f0b-acee-19f4087f898e%26utm_medium%3D5034698%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1662094444_5bbcca7eeb775370b34423762a894d031636cb7e490ae2baf684e41aa49e59ad&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A817232437919%3Ahid%3A149759227%3Az%3A0%3Ai%3A20220902045403%3Aet%3A1662094444%3Ac%3A1%3Arn%3A490558766%3Arqn%3A9%3Au%3A1662094443852760840%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662094441855%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662094444%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 84
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 02 Sep 2022 04:54:04 GMT
access-control-allow-origin: https://topgiftssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Sep-2022 04:54:04 GMT
last-modified: Fri, 02-Sep-2022 04:54:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:54:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:54:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:54:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:54:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10431
Expires: Fri, 02 Sep 2022 07:47:55 GMT
Date: Fri, 02 Sep 2022 04:54:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7156 bytes)
Hash
14e82032ab44011167c9d2d9695a3198
d3fda6718ab89268e82bde16b06a96354fa3d57b
2f073e250e9956e82038d29df1de50df864e2c22e4604bbd78d1e62188ae9197

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43d94e54-2c67-403b-b94b-ef5e36cb5e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: e2b38429-0492-4319-9c72-5a1619c78420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMO2EKcoAMFrrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311272b-69d66f695cf1a07f0fae433c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kpPP3oOPJ0CPFcrn_69SQa_tDp3VGWYBSX2_LVD-wT0tUuQCUkQoAQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:17 GMT
age: 25187
etag: "d3fda6718ab89268e82bde16b06a96354fa3d57b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9642 bytes)
Hash
d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
age: 26198
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4448f0ed-ddec-4668-bd40-5fbe46656300.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6136 bytes)
Hash
0fe035175dde92a1aad136d9a9cf92fe
6d4394252bb2ba429cf050d1b8e6ab272f915a5d
d6f8887a2d25f62c35d5ea1a487b982bab32d281cd2d2267213cd5c60b2e1a80

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4448f0ed-ddec-4668-bd40-5fbe46656300.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: f1eabc71-e312-4081-8e8f-272917738523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0GGv2IAMFfXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-69bd9f574a2d7a1e6c760e66;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AkUwWs2mrN060d3zmt7VVYagbwyWOLkiWuPYRvq28ZOIZ_6gB0DLBA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 08:02:28 GMT
age: 75096
etag: "6d4394252bb2ba429cf050d1b8e6ab272f915a5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 26198
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9960 bytes)
Hash
ab0ab1c19ba075fb2824d46c54df9f71
a914438297847f1de165c8ec8b67d4204cfb8aa0
603c5ab17b63559dedb5d0fb7df703406ea3f0c5af64f794ba19523b887f346f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e93c5d-fd27-4eb2-b92a-cb36c0a9dd5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9960
x-amzn-requestid: 50b32ec4-bc0d-4688-a57f-3a2be28296e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EaxoAMFh0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-6e34c4b477bee94b43ac67ed;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4O94k0M1ODXowQJCRLhRrkQuG2oW9BG88wvoKOwFSynVVvgzf3M9Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:12:19 GMT
age: 24105
etag: "a914438297847f1de165c8ec8b67d4204cfb8aa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10489 bytes)
Hash
e22c8145b541b1fbc277f2f76fd91d2a
ec84f7d5c5202df3bd716e19ceb9b0283cfff714
32dbfeaac6960253057fe4d24ad7d782d4e398a49b188c0af357dd924bf0c9c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe107ad28-65a4-4da6-acf9-ccb14d8503cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10489
x-amzn-requestid: 9ddf3d6f-b4d1-4d5f-a84d-cfdb3bcbd80c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLx_HKqoAMFzCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112672-7de601b74dcc23070611db09;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:38:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p8UoOZXko5kHqr_GvEy2q1W9hSuLkA-Xp2KG9tO7S4pmyz_Dl4s-DA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:12:19 GMT
age: 24105
etag: "ec84f7d5c5202df3bd716e19ceb9b0283cfff714"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

itcleffaom.com/rotate?zz=4599387;4599749;4702124&var=5034698&uid=2a65448c4ce947e0838180635fc745a9

139.45.197.237

200 OK

0 B

URL HTTP/2
itcleffaom.com/rotate?zz=4599387;4599749;4702124&var=5034698&uid=2a65448c4ce947e0838180635fc745a9
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /rotate?zz=4599387;4599749;4702124&var=5034698&uid=2a65448c4ce947e0838180635fc745a9 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topgiftssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 04:54:03 GMT
content-type: application/javascript
x-trace-id: e1d994f05f40884e23314de980fd911c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://topgiftssurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=1536a1da08b04c04a85f2d48bd7e593d; expires=Sat, 02 Sep 2023 04:54:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e

172.67.131.122

200 OK

0 B

URL HTTP/2
topgiftssurvey.top/sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e
IP
172.67.131.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweeps-survey.html?z=5034698&offer_id=2755&var=&ymid=wtiv10rmronqecoi2ae5mtc2&var2=32818e11-dcbe-4f0b-acee-19f4087f898e HTTP/1.1
Host: topgiftssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Sep 2022 04:54:02 GMT
content-type: text/html
last-modified: Thu, 01 Sep 2022 11:54:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fN%2FDFHM6t7NKJTCf6UUDrqu3xCk9ZCvI8tP4tSbcLgZJchT%2BZZLTSn2CYDYhgOEF8MX766cH6KCe%2FG9zr1BDfD6ANTKZhC3Lk1fhajuVd%2BUvYE%2Bnmd73BxIgAyT9FL3Y%2FNspqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7443a539be4cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

172.67.160.61

200 OK

0 B

URL HTTP/2
cdntechone.com/stattag.js
IP
172.67.160.61:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Sep 2022 04:54:03 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:17:49 GMT
etag: W/"62ebe31d-a8fa"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 652
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK7xDJ%2F7nbevZ0Y5fyw8frQR%2Fr6PYf0%2BkqF6eqRZG8XoHXzC5R%2FckiAMte2tHuV59XW1UJixFXEjo40vXt6KA%2FqLFUodJZQBmhV%2FGjczZ1ZSJnBCLohcEpPt2sdzm%2BqyoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7443a53d38bd0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations