my.rtmark.net/gid.js?userId=eb23aec82149492008eb9d4fa8343651
139.45.195.8 65 B URL my.rtmark.net/gid.js?userId=eb23aec82149492008eb9d4fa8343651
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 74e57fb3c1831ffbc3ec78d78b7e28bf
49a0116e04ea06c8dc4887be1b62054f9c7b1ec2
427ca4a7755cea7f75040869fdb35676b47655e5084119f6efb2f0d404c8d63f
GET /gid.js?userId=eb23aec82149492008eb9d4fa8343651 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eb23aec82149492008eb9d4fa8343651; expires=Sat, 08 Jun 2024 21:55:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
uglootudsurvey.space/js/_each-land-config.dd500a50.js
104.21.14.156 200 OK 20 kB URL GET HTTP/3 uglootudsurvey.space/js/_each-land-config.dd500a50.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c98ee3b6c7bb751bed35f8b6ee04faa5
72010e94e1afe1d2a0ac1208dc22826acc6a3bf7
88cb1bc8f930978d9ddd833e6499f81c7652d6f6961706948c6a706ab78b10f5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_each-land-config.dd500a50.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-11a2e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrdsgXrjpwAYoMBtv0mzAlTrZyVJU5uUag2g6xIdU3%2B1RzGoPwNWgLoUmInC1b6Wd6zrGpyK8UWRxDAsJ4JFoCGSOcuHCobhARp0ASGakrulFnAtbkgnwXFl52gn0HSL%2B4XxwfK3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7c7c780b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/_each-land-config.dd500a50.js
104.21.14.156 200 OK 20 kB URL GET HTTP/3 uglootudsurvey.space/js/_each-land-config.dd500a50.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash c98ee3b6c7bb751bed35f8b6ee04faa5
72010e94e1afe1d2a0ac1208dc22826acc6a3bf7
88cb1bc8f930978d9ddd833e6499f81c7652d6f6961706948c6a706ab78b10f5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_each-land-config.dd500a50.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-11a2e"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPfCYD7rOE%2FLrTerZ2x9x3nFE5hbujUl8qjoKcEKq1ajk9tilSasPDSARhqgvfywX9deA3H5NGbJM7GFdHawDyPSBbKE6xyTv4E4vh3PqDjXthIU7YKijaUrQkScBdKwSrnRJlJ8ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee30b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
104.21.14.156 200 OK 10 kB URL GET HTTP/3 uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (11317), with no line terminators
Hash c55580f803b0e57b59579d1ee3800602
9d3dbb94e683d9a67584aa9b8c8c1791aba031cd
fe70be35a5b43f970e31131c50d95c5f13a14dd38435844a2d051ca6460f9f45
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-redux-toolkit.esm.js.03efe34c.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-2c35"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BRWRlx%2BgA%2Fm9%2BuN67hft3LrUr2scnXxBzC1cfO5TCpQuJ3aK%2FSnYwS2hF9rkpFBtgCDfGlgbxEfDrbavE3HODqa9Q8IvGZBj9MZVzawa%2FSYBHU%2FHugFW%2B7HXAWzC6hgnL1mhD%2BcYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7c7c740b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/s-storageService.js.2dc48dda.js
104.21.14.156 200 OK 3.6 kB URL GET HTTP/3 uglootudsurvey.space/js/s-storageService.js.2dc48dda.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (2572), with no line terminators
Hash 2e9de7b6778ce3f6199aebfb661f9523
891c3fed1af8c7713e55934831bacd3a3b595e3f
1fa9bb8f2331f7b0dadd0d87aa97c1077cb70f5b2149816f931a5dddc65a8ab8
Analyzer Verdict Alert quad9 Sinkholed
GET /js/s-storageService.js.2dc48dda.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-a0c"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfFfgIMUv0Iv8FbdWidFg2FccCmdfXylgNfVvifnB7t05mLqhpgo0gP%2BQVyrZeRKdAmXbIJDABv2B6U1WmZSVoNtQxl0Jzl36%2FqNoBcA2N2S3toAFe65yk7lTZF6Fu1DSbf%2B6%2F0a9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-6.jpg
104.21.14.156 200 OK 4.4 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-6.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash be9ff88491a5bc0745579a3813eb2cbe
870f88a7fae9fdd928af33f47c5ffdddc6a4082b
698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-6.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4392
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-1128"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdJvdfS%2FywzsLHrhftj0TTSnfIXFxoA7m77uCMLzYC0XkyDGRzPG4pET1CV5HLMfH94nNBJIB5yGSLCPUJ%2BC5PZbV1qnp1d4bqTaeJLtthYnvIHshEQhH00hMzrI7SMcnkF%2FURUdzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9460b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/_core-survey.77d4e932.js
104.21.14.156 200 OK 63 kB URL GET HTTP/3 uglootudsurvey.space/js/_core-survey.77d4e932.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 409558f16fef759beb18287cdcf9661b
800d365ae8a3cca134d6b4d0f2212874d01802ac
48a2b2a92b1d05f649b3894b8e62d1b79f856e9bc753eb623acf730d931d7129
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_core-survey.77d4e932.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-35344"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A2Fz9WDTG18S377pg0QYxbPzb1oOrDwrgxbAbcLmD24ifo41zEf%2Fv%2FwADoNSMfr2LBMJpdNBBRhesl5LVFT02pp%2BFyCJ9FywJuPGyRfDfrg8TZZq460rF7%2FEv9PCUFICT8kS0M9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebee90b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/css/_core-survey.26c0898c.css
104.21.14.156 200 OK 7.5 kB URL GET HTTP/3 uglootudsurvey.space/css/_core-survey.26c0898c.css
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (3187), with no line terminators
Hash 2e6143d07cb0a0273cd0fded0cd7b430
4853285adf3a468cc8a42b1c6f17d8353cfef896
f2690b871425a66071365ba5be475a5089e8074dbdab7df95a71bbee62e2f5fb
Analyzer Verdict Alert quad9 Sinkholed
GET /css/_core-survey.26c0898c.css HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3194
etag: W/"64834724-c7a"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF%2B4%2FQ8dYr2aR8v0XATMXeBn0HFtR67wrYJdyDL1gXt3LUe92Vf5H0qjODzdw8u3r3fPb4N8OFx3ZbDW8VHAfb0%2F64Kzyk%2BgNBbpesqh5EvJbxVbVxH6GCtY3UbJtZDCXAZWeN1Z%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
104.21.14.156 200 OK 5.6 kB URL GET HTTP/3 uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (11317), with no line terminators
Hash c55580f803b0e57b59579d1ee3800602
9d3dbb94e683d9a67584aa9b8c8c1791aba031cd
fe70be35a5b43f970e31131c50d95c5f13a14dd38435844a2d051ca6460f9f45
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-redux-toolkit.esm.js.03efe34c.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-2c35"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV5hpR%2BnopHTpDphAPXpRdcIZZz14I8Jb4igfKo5o61yd26%2BXH08oWjNgRUXrFfKVKDUtD4qCl6Oemy9FdcYQ3TYBbC7vOI1x5nirLye%2B6UxP1Y9zOngxWCsEEQPl8316uhizHAR1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaedd0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-2.png
104.21.14.156 200 OK 6.4 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-2.png
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 3e6eaea87b2891590972dd11373b09a3
f038c6e6306ca708defa2b601bf9477f0cf78a3d
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-2.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 6428
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-191c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMXGfcxnUuGtnhex%2F6dGS8rMiKI0PbB3gZ6p1FGNgRCJof0qJMeNrOWTZEKmQJr27FSDYv7pY7ERSdvjvGIN5YCs9i9t0gEpVunGbC%2FXN3JiaNLxfiuZ%2BygrHKzY2ptj1JDTCSqfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9380b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-9.jpg
104.21.14.156 200 OK 5.2 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-9.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 529370f9fd3b0f4da6c81ca91a931155
1a4c3e0e7af1ce30dc2ca18d48b5fc3f1b40aad3
cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-9.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5190
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1446"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSK7aX6nbq9CbFETtIbB7GvAm3XWWhoX0VaFwkMlM34PJeWQ6uks%2BcwW9k1wdANeFfYrMBacgwM77pqRVzqFkDzfJ4mfDgtGC%2FAX7CklC%2FWBSsXADPUX2fmCG%2Bon2AwzRQ8ec%2B8AVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96a0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/finance-survey.html
104.21.14.156 6.4 kB URL uglootudsurvey.space/finance-survey.html
IP 104.21.14.156:0
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5197), with no line terminators
Hash 4572d942443569f667ec9d6023cd7146
43dcdc853af7e1dffa5db91f93f8b7fb3681cb31
fd24d5a9f8b8a70dfec0d1872ab77c86e1aeb6ce31965af7ba82eac0a8a86648
Analyzer Verdict Alert quad9 Sinkholed
GET /finance-survey.html HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/html
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFivFGbWW%2FTo9aoheUbyGKM%2BaFoJLD6I15IG79t%2BKJWqSbMPXypgZlZOR%2Bqo0j%2BixYHB18d6zORkCBaoNfLKNqfkfUbOw9KhLibvYEttPdSLVNXCmuRwrRb0WRH%2FdwqiZC6bgp0lOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e79e89d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uglootudsurvey.space/js/v-index.js.5a4fe8d3.js
104.21.14.156 200 OK 21 kB URL GET HTTP/3 uglootudsurvey.space/js/v-index.js.5a4fe8d3.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (40320), with no line terminators
Hash 5e1fb58e3e5e39df751767413e29df19
9c7eb4025d83b6f335552487f3362c8b4b39d9a9
5d0fe290d0def0cbe0255e9be7fa45c03d7bcd0c2088f29da47eb467a6c57203
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-index.js.5a4fe8d3.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-9d80"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMciwcmTqoVE4NbiVqCvbuVts4DZhWd3nBKo2TIxjDcqjeStvYPQeKGzYjICl4PK%2F48U9unvhhQ6VZfjVrpCbHiiBEgrKrmzURMxJ%2Bd2ttCsvNQmpmQnrk%2FM%2BNRejdZ%2FUw7URx%2B1nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-8.jpg
104.21.14.156 200 OK 5.7 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-8.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 6b10e71656e51e27520e854712b44f1c
f78b92dded977e9f275aba726453138155420bcf
64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-8.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5748
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1674"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQunmlYJd9GFQrNRElGOWJ8frFXzBzd0eyzX5Mm9nvGEgDuzlrDptsyROtgbr7eot5z%2Bwyka%2ByvJY8DKx%2BkhzSIuscBCHZ8tcOvlyfPF7%2FcKtTcswW%2BqjeM035K064YY%2Fi%2FMo1Unzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9440b06-OSL
alt-svc: h3=":443"; ma=86400
dortmark.net/sync-do
139.45.197.248 200 OK 0 B IP 139.45.197.248:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject dortmark.net
Fingerprint 2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
Validity Tue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-do HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-length: 0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6c61fb42405abc811f67aabeace702b2
0d41286eb5a6f7f82734de50e0fdbc7e752e3d8e
bd7a264bf9a25dd4e67665c894ea85fd985546fb75f9e69da4bbfb5ba2fabab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uglootudsurvey.space/js/survey.a8a53bd1.js
104.21.14.156 200 OK 6.3 kB URL GET HTTP/3 uglootudsurvey.space/js/survey.a8a53bd1.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (5733), with no line terminators
Hash c7497cd1c2907d7ba8d42ab2aa709b5e
3e6fa4aa4affd6e22d7abedb724a3ae2906efbf1
ad9ef9d9c3d6079723f51d4879c544283a940fe543ec594c9f9730f068e78d31
Analyzer Verdict Alert quad9 Sinkholed
GET /js/survey.a8a53bd1.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1665"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wo%2F6VkbnHYiVr9dsQTCOgsrrI9azARNqPA1vSenm%2BvDSmt7%2FAd8Y6KbfuiyM7tXUjXp9jNZs11K%2B7Lp63u4sTbSSKtPj5ye05zTO%2Fv%2FDUqFfXD%2FapmqMbDADzwyolQIy%2FUDH8wWoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-10.jpg
104.21.14.156 200 OK 6.2 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-10.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 044ab37551bfe632f53b8f15d991f36e
77fdc6210608e5e36e1d36ac7fd867104cb20d9e
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-10.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 6178
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1822"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B3WS%2BPGWNre1ajtsI62Av5%2Bj8%2BRyH66LcABPJ57t3q992gDwWCBb9NzS%2BfZQQN95ef%2FGPrU0GqnX6%2BWC%2FE3htujTtnLA1xyKgDm00nVLbhUdwuz3FsePCcGom1M3I9ZEhzIELLmpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96e0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-13.jpg
104.21.14.156 200 OK 3.2 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-13.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash MD5 a3364ed9e772ae6f696b814072001bf8
SHA-1 b8f34c657c31bf1e4d42b5d864b2519493d80e92
SHA-256 88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-13.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 3172
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-c64"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TToiUZMx%2BlCF957C73wKNQ3AEwlPm%2FIXQ4sGusP1Z1i5rivbcTF5mxpv%2BoHu7%2BcbusT98q%2BEvsacbXwDBsOnin9ggpymqxlnOhnzwCWU78eDGMVM9WLgcMf3ImmqHJyaQoi94k%2FvhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e9750b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-12.jpeg
104.21.14.156 200 OK 3.5 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-12.jpeg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash MD5 c937339f4ba54ff7dc150b9865c29084
SHA-1 44206828ca23cbed303193bde1dfe47bdc532972
SHA-256 8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-12.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 3519
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-dbf"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu02ypRCcKrYFEypbdNCJRzjeFmq1UlUcfb72fFYWxTHL%2BMmZpQic9uzx%2FY7POTAm5%2F6Mqo9SHpnJ%2F%2BoeXVChMkq%2B3tuUrA9NtUtdjU6BcheA6ZJwGfXctT0mlsnH1h2N7Sfnoo39g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e9770b06-OSL
alt-svc: h3=":443"; ma=86400
dortmark.net/sync-metrics
139.45.197.248 200 OK 0 B URL OPTIONS HTTP/2 dortmark.net/sync-metrics
IP 139.45.197.248:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject dortmark.net
Fingerprint 2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
Validity Tue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-length: 0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
dortmark.net/sync-do
139.45.197.248 200 OK 179 B IP 139.45.197.248:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject dortmark.net
Fingerprint 2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
Validity Tue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 081142aa1c9267422ee7fd25ac457579
SHA-1 cf8a223610da412aab4cc9aec68f6f304258b3ce
SHA-256 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
POST /sync-do HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 163
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: c6e85f0dbc53e938a8ce35ecbe5f0601
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
dortmark.net/sync-metrics
139.45.197.248 200 OK 17 B URL OPTIONS HTTP/2 dortmark.net/sync-metrics
IP 139.45.197.248:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject dortmark.net
Fingerprint 2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
Validity Tue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 5b64e8b89092b2e3dfd448b10700627f
SHA-1 484b3032619fa1acd135d114565b0a5166281c22
SHA-256 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 99
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 91700af6fcb833fb322384991233cca0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash MD5 cfa2f4faaa3c178ca36297b0c4264e37
SHA-1 7a77047e893a983873f15a67f94b2be4b114be43
SHA-256 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js
142.250.74.35 200 OK 166 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (694)
Size 166 kB (166526 bytes)
Hash MD5 43735f6c22399555891e8abf82e7410b
SHA-1 c877dbb7a2ab1492a796fd6339c035c5e823d0e5
SHA-256 07cf56e972b5898434ac9845ae9edf4cc697ef991f4be4e2232b926bc4d7ed98
GET /recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166526
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 14:01:27 GMT
expires: Sat, 08 Jun 2024 14:01:27 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 28443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash MD5 cfa2f4faaa3c178ca36297b0c4264e37
SHA-1 7a77047e893a983873f15a67f94b2be4b114be43
SHA-256 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash MD5 a786b64dcfe8ec30a5c3533c3e34e56c
SHA-1 86966bb07af72c834171b2b784a2a00322234f45
SHA-256 f716f873c7b6777ea6b2eff039d0810826e2ac0f889d0d3c26bf3c2aa4fee7b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 21:55:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:19:53 GMT
Expires: Thu, 15 Jun 2023 05:19:52 GMT
Etag: "86966bb07af72c834171b2b784a2a00322234f45"
Cache-Control: max-age=458276,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d4c9e82c99d0b59-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
139.45.195.253 200 OK 12 B URL POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 139.45.195.253:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Sectigo Limited
Subject datatechonert.com
Fingerprint 6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
Validity Sun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 adb4650bfc9d2a73d4dd69583b0ceb14
SHA-1 1ce399d6e936232aaf2192cd7903a279c5015f22
SHA-256 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1336
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Jun 2023 21:55:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://uglootudsurvey.space
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
uglootudsurvey.space/img/comments/person-5.jpg
104.21.14.156 200 OK 4.3 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-5.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash MD5 21fd6ef6d69b527c02e92a8c23d28d52
SHA-1 5980b75edc23f7fa2f57fa257cb67c9efb86fa58
SHA-256 f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-5.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4333
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-10ed"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXxcajdXVJSNNLYS2yjmllQPsZbwct71UiidgnnkhAjkDroZLpS0focs%2BYDrchVNG10%2F72S8RvY5fifRrdYTTEXfoouycKo7p35jJ4CtO4cquUw2L00f0BY6X3D7GbdlrfLyuKSQ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b93e0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-1.png
104.21.14.156 200 OK 6.6 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-1.png
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash MD5 8f9a954bf05965bb41cf97a7ddb7a375
SHA-1 de9db936bbea75043e08a55d1f371678fca2270c
SHA-256 a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-1.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 6577
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-19b1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djukzTZNIVPjRF1rovTi1JFDC8sRnXZzaZaDIYyowqvJKs3NWj8V%2ByOPwES2kttnoSeG6n5RIme4wmbLbuEX4u8gXva%2BMlg3c5FMl7lfyu1RswxCGm4GBCtmSzQbet7rTTo39s0fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b92d0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-11.jpeg
104.21.14.156 200 OK 4.2 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-11.jpeg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash MD5 3924bdc784dc4947f52b779aa4d5a0aa
SHA-1 1e3f3fdd99490addd60014aa7327fe27c6bd5589
SHA-256 b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-11.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4175
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-104f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XOrx%2BPn4AmAvS8SSoxr2P2w%2BptFduNLDqQNfZeSOy68JADRIqB4lt9v%2FZI433IeihLaKX7t6C9bBmkWtnvl%2BkR3fHeqvc%2FXFITDQKI1A%2B2ucQhQcFENVotv1DeYnjWAV8EjJZ%2F3RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96f0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/_is-browser-supported.d5013709.js
104.21.14.156 200 OK 1.0 kB URL GET HTTP/3 uglootudsurvey.space/js/_is-browser-supported.d5013709.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (1102), with no line terminators
Hash MD5 5eb35f09f0cb518908ce3d89cae032e6
SHA-1 bc4c0f92bbb3f014d5c1e1f1442facb4aa978204
SHA-256 e0278dc2a9171dc68dea59ab0e571efd5234974b783338cb82c3b4fe3076afda
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_is-browser-supported.d5013709.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-3f7"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rFWKB8%2FwUUJYxXSU0nAIchAkWzennSpgC%2FJomoPK%2BwGRMbIzO3JLiV1rVXE%2FJkCookYep1hpHkidYK9%2B2reFmjbTqra7Ahkm58n6HQagDopI%2BwtlA3yDdG7QzA5FwEO%2BMJraExPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed10b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/icon-survey.svg
104.21.14.156 200 OK 3.1 kB URL GET HTTP/3 uglootudsurvey.space/img/icon-survey.svg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3164), with no line terminators
Hash MD5 be0098d1d8838c0172c3107086338256
SHA-1 924bedb900cfbbf46aee1acc68b09666d1cd08b0
SHA-256 cce75f9c57b1c4430adecff06f7575ac7316c3381477a841f557646d0ac6af8a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/icon-survey.svg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: image/svg+xml
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-c19"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUm7j13WxqFLxOfGF79t10BtGpPgC0OCv5BdRhLrBAPWSYVJfmlWCW%2FZZZ9h9BvdYg75PZcoyrRPusdomOfNvyRzQ8wRyjgl6jpWUvRxgsSSTlFaHw2ubMD4Z8dOAR%2FDM3PODQW2Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f6fb00b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/config/dict/cookie-consent-1.json?v=10
104.21.14.156 200 OK 6.8 kB URL GET HTTP/3 uglootudsurvey.space/js/config/dict/cookie-consent-1.json?v=10
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators
Hash MD5 4b2ff958e811a50d2f641818590b443d
SHA-1 6abae297812bb55fad869e953e7fdf7469cbe1ae
SHA-256 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
Analyzer Verdict Alert quad9 Sinkholed
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: W/"64834723-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhUbDb6fNdEhHQeq12Mxt4UzrkIA5ewRioLA9moQGjDGoiS4BF4V3Z7%2FDM%2Bqun08ZLJdZc%2B0v158lZJWd9cY5vdGO1Bo6UpKHJNmF%2BsMKulJb8DC%2Buq2WopdTJ4g2j0CO%2B4Jm8wZCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f8fee0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js
104.21.14.156 200 OK 10 kB URL GET HTTP/3 uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (10496), with no line terminators
Hash MD5 a35cfb8514c1353e1e9d1eae47e09e82
SHA-1 2b0e6f58956649df6006870d448dae48dfeac579
SHA-256 80179fc9be755b90e97e2de0f19912d8aadd3236a26a862b6f44cfe697a95fb1
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-immer.esm.mjs.cb4e4807.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834723-2900"
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb1E0r5dfUv18JoM7WavD9x0aK6XR1wbsO7K5Pqw9adv6OixJVcJGWIAq9X%2F4BQmB%2BAXpCl93JT%2Ff8dKq8ZRGKThrmeUBEVc%2BmqJPZ1cPV0tu2Owxad%2FalD%2FF1ADtbixa8FvomlMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee20b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
my.rtmark.net/gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a
IP 139.45.195.8:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject rtmark.net
Fingerprint 84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
Validity Sat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash MD5 db8165b1cc9c73241ad4923070fc4fc8
SHA-1 2f80c28838df610299a5a92bb96991ea9d31b914
SHA-256 5a0d27a79407260f1591f65fbecd662d07933577d4f64368fdddfed94b6ec239
GET /gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eb23aec82149492008eb9d4fa8343651; expires=Sat, 08 Jun 2024 21:55:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
uglootudsurvey.space/js/config/data/sd-1203056.js?v=10
104.21.14.156 200 OK 8.0 kB URL GET HTTP/3 uglootudsurvey.space/js/config/data/sd-1203056.js?v=10
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer Let's Encrypt
Subject uglootudsurvey.space
Fingerprint 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (8495), with no line terminators
Hash MD5 12431367966944827c4c2ae11ca2109c
SHA-1 6d849c10d9d47ce67b7d51a5cd4fed0dc23136c2
SHA-256 f16757b712b32bc30731546035f271087fbec831338b54f6cac5c6f88b0425ac
Analyzer Verdict Alert quad9 Sinkholed
GET /js/config/data/sd-1203056.js?v=10 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1f36"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNeli%2BpYK0OkBf0bwJDX6ogMy5brC0xF4pFESVZ33V4Z6DlmImESxqjglG36Kgyda9OT7T4W68jHsYGElDVt4fQxlYkSbl42a4bbMjidgJR7IOMT7qszU7w5OB4OScuVsJdpPhaajQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f6fbb0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-4.jpeg
104.21.14.156 200 OK 2.7 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-4.jpeg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash (MD5) 6cf64555e2de0ff8b5391081b648b89a
Hash (SHA-1) a32008bacf7f8cd3859eb86c6c8d36eeb15dbdf0
Hash (SHA-256) d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-4.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 2709
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-a95"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32bXdBIR7JY3%2FjyAQt7JiU2NM9vM1hdcK4jfWgzR01fXbTc9Fw%2FhYxcuZrIxboMHSdPtKpfqQC8CdchsnNqfFlZ6WsGjSXt8%2BrAn6z7yjrxNlE%2B0O1A0C0HZAVQJm8t95BNYGTadzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b93b0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/_rtc.ac975031.js
104.21.14.156 200 OK 11 kB URL GET HTTP/3 uglootudsurvey.space/js/_rtc.ac975031.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (11189), with no line terminators
Hash (MD5) 947357b088fadcacce60a443b015f9be
Hash (SHA-1) a1f1339ff23a581cc7ef37cf502cf71453aa3d2d
Hash (SHA-256) 24ed11341d8fa8d4679665e6268020dd115667d8c27ccbe6eb54c015b6dadcd2
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_rtc.ac975031.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-2bb5"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfJnm85ER3nh7RVgkXu30BJuyDgz9iKxc%2FP1bOWNyFMtj24oSRA5PMasCAfDVZaUlHDvTt7iEESeMARlrnHf%2FyA8GxG4VnseGgkA90vheyh7fnFFVCwRBC9aGPfYj83oYx604OlHFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed30b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js
104.21.14.156 200 OK 129 kB URL GET HTTP/3 uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 129 kB (129259 bytes)
Hash (MD5) 12a14e476144ad086e6c92f93a608771
Hash (SHA-1) bd935ddfd265040111dcec95a1df78c25a1b1440
Hash (SHA-256) 3b3f96d223e89d327bda4caad2e3f83389b111fcfaaad537a6210e25222af74d
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-react-dom.production.min.js.36d6f8aa.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1f8eb"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzr04vh6iZw0Lzre%2BxZEz3%2FVDwEABkmRD1gTHSjHoeX5%2BzC4pt5OJHiBSJDQ64SwLVBGqg4Kk6EbETOeJybMWZ9JmEN4Qysldy47ubSqvWnKOtXHEzdRkQks644m5R8pP4tklAp%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdntechone.com/stattag.js
188.114.96.1 200 OK 18 kB URL GET HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
Validity: Thu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17871)
Hash (MD5) 0fdff67feab23cc69ecfb6800fc54cb7
Hash (SHA-1) eb84c650e6d27e290795207b1f37dd7b67f2aa06
Hash (SHA-256) 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlizIYsU5BQHiWn2irhma2izCI1hqnIs5H4qci6yy2mILvydq5Vsug%2FpUeH%2B3YaFi8a%2FXQ6OPMVMXnKiLbdqnGcC2QwGv%2FhSg9QwJE%2BqnCxrutOXnFmLkJgSReqI2kxjnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4c9e803f74b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uglootudsurvey.space/js/config/comments/en.json
104.21.14.156 200 OK 4.5 kB URL GET HTTP/3 uglootudsurvey.space/js/config/comments/en.json
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type Unicode text, UTF-8 text, with very long lines (5176), with no line terminators
Hash (MD5) 0f8a677240ca082b8875f3c8d3bf5c42
Hash (SHA-1) 19641ee3e340098b44d1d248e7c1a99dd0daafdf
Hash (SHA-256) 2f5cff997105c8b995ec55f36e2656e14e1676f23244471f6115bc1d04c821c1
Analyzer Verdict Alert quad9 Sinkholed
GET /js/config/comments/en.json HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-11ad"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifipB8XRb087N1Z%2BwjiFfCb8PjMj9bMAiVtw8k%2Fn9GhAet6T3ASzp%2FqE2qSVVQiMWonFJJiIH7EfV8xMjJD6kfoKa4nfiyfe7ZVDC60ttsaRrjkqGI0Caf1upOuJZeo4feJPlJgV8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7fe85a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
104.21.14.156 200 OK 5.2 kB URL User Request GET HTTP/3 uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
IP 104.21.14.156:443
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5423), with no line terminators
Hash (MD5) db4c608067d6b4c08cdf6957c2427362
Hash (SHA-1) f5fadeb991b3ecb6cd1b5f395eff149faac12015
Hash (SHA-256) 85476dd413b3fe50098842bac62a7bcc39c8ab80ba87076ac88ac6ac86a2527e
Analyzer Verdict Alert quad9 Sinkholed
GET /finance-survey.html?utm_content=zd_public_v2 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/html
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot6pPYXX%2Fc8WajTYi9CWQkyVaP7Etg23WJ05yjmEC0Vii%2BU9LUA2czm7WdhcmekYO%2FoinLgkBYAb%2Fkd3OQ%2FLpUns5X%2BpKedYz4PtHe15lH01SEaM468UAHUV1AqtKmyrW8Jty6l%2BVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7dbdf40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-14.jpg
104.21.14.156 200 OK 5.4 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-14.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash (MD5) 6012ff0d59aa6a34aaca1ea8f2fa88fc
Hash (SHA-1) ef59662c9b666106486039e9f1deb40fb4a8ff77
Hash (SHA-256) 2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-14.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5392
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1510"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKz7HEW2%2Fp1EQb17c6KMtJNtYv0WZXIR2Z7rqLG6rZXd6VwVw4SLUr42%2BDYQJXESHaRJAq64p%2FGxFRB3wwYMazyVf86GYlcauWNU3PQEtHuKq8NlOqj7yhNibBu0nhIm0w7zZX0JCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9370b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/favicon.ico
104.21.14.156 200 OK 1.2 kB URL GET HTTP/3 uglootudsurvey.space/favicon.ico
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash (MD5) 668ba1a9fa1890ba16cb8adc28d3dad8
Hash (SHA-1) 5e35223b2541265114eaf61b9da2556c812fea17
Hash (SHA-256) 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/x-icon
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84V4KzcZCFdlu0eJM1KOyaFnDIYMMuw%2BpuK30RzpLTR1jEyakJcvC2t%2F7EOr0JgoqvoLqYN7HOhYY0ZhemABGZP7XNumjWWdMSH%2Bf2SWQHMw5QrcbyVuBCIV3bcIJsku7%2FWYDRecUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e82ec250b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/_global-config-sd.002b34e9.js
104.21.14.156 200 OK 1.4 kB URL GET HTTP/3 uglootudsurvey.space/js/_global-config-sd.002b34e9.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (1450), with no line terminators
Hash (MD5) 86ff3b66c53f099f3e0c062417f6aa18
Hash (SHA-1) 18c8d7178caf8fae97722d1a985b1a2b3113a8b6
Hash (SHA-256) 92852ebc30812881844a4a10716223cb0c19b7021d7c4d6af38692f4889b2724
Analyzer Verdict Alert quad9 Sinkholed
GET /js/_global-config-sd.002b34e9.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-594"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzT0NMMK3Fhjae%2FaeJdvQdVxGumEbhvKl9I2qxnOEsroWlqnGGKK0pViEuZi%2Fm%2ByxoOeVZb2sPMhk1N85kUO8jBUgFd8FhAvyXfXfVr2ixIY1ZvVDpQSv4oTkyAic4o0kooPsvRgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed20b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js
104.21.14.156 200 OK 35 kB URL GET HTTP/3 uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (35051), with no line terminators
Hash (MD5) 581c20a8830d62654a35258d921ffaa9
Hash (SHA-1) a76b36628b3100e38df0da68b1a51f6552313027
Hash (SHA-256) 90702e4fb3693a40b11178a9f7d6d09c718f0e028a45e5d36eb5bb191ef67dd7
Analyzer Verdict Alert quad9 Sinkholed
GET /js/v-index.mjs.ee4bcd4e.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-88eb"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVE2fPCI%2Fm3SgqcfKlUrlV%2FElGShryVb4cf%2Fgo95ZxxRjsZfD6MJ1TcTzhmfnhyF2vIy%2F1AwJfe06Rr%2BgX86TQMDlxYDLFlXV9COdN%2BMNpvsl9f9yGr2I6ZZZBmwcMP3BdDK2qprWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/unnamed.jpg
104.21.14.156 200 OK 1.4 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/unnamed.jpg
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash (MD5) 449aaf5a54e3fe3aa4f0f5875bede090
Hash (SHA-1) b2b897362626700277b7f8baca8b1f292d08b7e5
Hash (SHA-256) 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/unnamed.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-562"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76fX0wQ03ioHznPK9qI5DPOL50DKErX%2Bqmrgxo2LB7uy8L2w0cXpFlt2caN%2F52CNLpk8kO70ecUVbDIRsHqa87FcH90NHJKsYZwNZE3keoGR1W%2FcJNy%2Bqd20Xj4FM6YEJe0vXRjxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b92b0b06-OSL
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/css/survey.d131f88b.css
104.21.14.156 200 OK 67 kB URL GET HTTP/3 uglootudsurvey.space/css/survey.d131f88b.css
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash (MD5) 3d4dda6899aa1cc59db8c60183e3e4e6
Hash (SHA-1) 835df21f73371534534fb0490f0a5e2e4b83dec0
Hash (SHA-256) 5210b11a0cae9f500faf428ef7a0114bff65bb797241d8a8e7ad712111364723
Analyzer Verdict Alert quad9 Sinkholed
GET /css/survey.d131f88b.css HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=67096
etag: W/"64834724-10618"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teWkj1GytH3ZljYrf0buxhNmt5%2BsjcrSiTyYZT90%2BSWLJlE%2B7xvR6iAZ0EHPZoirs2NbASsS%2BJS0kiaRE9UiJ06MtYETbZJn7KCrekEBxv2F2HcJbhlJyHNxhMAKnsJtRKOhirSgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef80b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
uglootudsurvey.space/img/comments/person-3.png
104.21.14.156 200 OK 7.4 kB URL GET HTTP/3 uglootudsurvey.space/img/comments/person-3.png
IP 104.21.14.156:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Let's Encrypt
Subject: uglootudsurvey.space
Fingerprint: 6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
Validity: Fri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash (MD5) 2f62e53b6333bc904be22a37a1fd0ace
Hash (SHA-1) 6e972fefcbe0193d9b28817c47c1ceab2a0235d1
Hash (SHA-256) 9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41
Analyzer Verdict Alert quad9 Sinkholed
GET /img/comments/person-3.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 7368
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1cc8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG4yVUacjHfgTvOCaVaPTYSPDnbBlymbXQDCvYzFNFizNjXbSvrn1qV%2BfkIb%2B3aVC2pREYQGdOu915ctQqqQChH99kAzP8JipyHHbSOk8lUi1Ir1r0MleWaZRJ%2B49wDNEBuVveeaug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9470b06-OSL
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api.js?render=explicit&hl=en
142.250.74.132 200 OK 852 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=en
IP 142.250.74.132:443
Requested by https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate Issuer: Google Trust Services LLC
Subject: www.google.com
Fingerprint: A8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
Validity: Fri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type ASCII text, with very long lines (852), with no line terminators
Hash (MD5) 36a5ebb2703c648a8c8e8498ffc050bc
Hash (SHA-1) dfff65a1fbaf687d2c279dc43882625190a2b155
Hash (SHA-256) fc626724d7a9b21841585f0d8957194d747a5bc4d9098e9e8704c3e3c919b002
GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Fri, 09 Jun 2023 21:55:30 GMT
date: Fri, 09 Jun 2023 21:55:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2