GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 14:13:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dtv3mG_8-NxyvRTKmkY8C51_iSxUpmi9OoFOv32FYjiezqtTZUrdXg==
Age: 1756
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9196
Expires: Tue, 20 Sep 2022 17:15:41 GMT
Date: Tue, 20 Sep 2022 14:42:25 GMT
Connection: keep-alive
|
GET /?ye=82062 HTTP/1.1
Host: rassid.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
162.0.232.30
HTTP/1.1 301 Moved Permanently
content-type: text/html
keep-alive: timeout=5, max=100
content-length: 707
date: Tue, 20 Sep 2022 14:42:25 GMT
server: LiteSpeed
location: https://rassid.site/?ye=82062
x-turbo-charged-by: LiteSpeed
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qFtQ0N3oHzHmoZZwoPpkujsIotb1Ed-UotWbjIysqRKnks-bKPR3gw==
age: 36432
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 20 Sep 2022 14:42:25 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 14:03:22 GMT
Expires: Tue, 20 Sep 2022 14:28:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dePnRV5RKxfcxZFNVt-LKld1ou9f53jcncsz9xMveutHSQFUeMivkQ==
Age: 2343
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4091
Cache-Control: max-age=153150
Date: Tue, 20 Sep 2022 14:42:26 GMT
Etag: "63297495-1d7"
Expires: Thu, 22 Sep 2022 09:14:56 GMT
Last-Modified: Tue, 20 Sep 2022 08:06:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hy+If4Jh4SVoGMVU9k1brw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
44.242.32.27
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jvH39H2BdfCq6WzsxX4/wXT18Yc=
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5324
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:42:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5324
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:42:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5324
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:42:26 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5324
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:42:26 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
age: 59563
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 59562
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 16584
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 59281
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 59859
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJyChyEdTbGx6oQCRy6IVMS8qU22LupFYn6FOii3p4BUVFyKnssQ7Q==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:05:54 GMT
age: 59792
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:26 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 02:20:05 GMT
Expires: Sun, 25 Sep 2022 02:20:04 GMT
Etag: "a7342faf49d8af0f7e3a3ec13769c1f3487bb8df"
Cache-Control: max-age=386857,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53df5e8a0afa-OSL
|
GET /?ye=82062 HTTP/1.1
Host: rassid.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
search
162.0.232.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
location: https://2get.site/25gb/?else
content-length: 0
date: Tue, 20 Sep 2022 14:42:27 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:27 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:28:09 GMT
Expires: Tue, 27 Sep 2022 04:28:08 GMT
Etag: "731e43ec713a718a6816b8d06850ede4bf000190"
Cache-Control: max-age=567340,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53eb49670afa-OSL
|
GET /25gb/?else HTTP/1.1
Host: 2get.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
search
162.0.232.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
content-length: 438
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 14:42:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
GET /pc/ HTTP/1.1
Host: arabs4.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 92.205.12.81
HTTP/1.1 200 OK
Content-Type: text/html
Date: Tue, 20 Sep 2022 14:42:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 26 Aug 2022 20:50:22 GMT
ETag: "c63c23-da-5e72b100b171b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=5
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:29 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 12:50:31 GMT
Expires: Mon, 26 Sep 2022 12:50:30 GMT
Etag: "84aaf9399d73e2cf8bd577e7526f635f69e34043"
Cache-Control: max-age=511080,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53f439eb0afa-OSL
|
GET /click?pid=1309&offer_id=73824&sub1=Cdb7f41da49b9e&sub5=2476&sub6=http%3A%2F%2Farabs4.net%2F&sub7=http%3A%2F%2Farabs4.net%2F HTTP/1.1
Host: run.storkmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
 34.90.81.51
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:42:29 GMT
content-length: 0
location: https://theluckerssurvey.top/finance-survey.html?z=4493500&offer_id=2897&var=1309_2476&ymid=6329d155c4af280001f225cb
referer:
referrer-policy: no-referrer
set-cookie: afclick=6329d155c4af280001f225cb; expires=Wed, 20 Sep 2023 14:42:29 GMT; secure; SameSite=None
afoffers={"73824":1663684949}; expires=Wed, 20 Sep 2023 14:42:29 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "9EBAF15BFB074850CC91226E3595A19C0CDA0CEEAE2FC97BB49F49EA05CF6E94"
Last-Modified: Tue, 20 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Tue, 20 Sep 2022 15:49:24 GMT
Date: Tue, 20 Sep 2022 14:42:29 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "9EBAF15BFB074850CC91226E3595A19C0CDA0CEEAE2FC97BB49F49EA05CF6E94"
Last-Modified: Tue, 20 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Tue, 20 Sep 2022 15:49:24 GMT
Date: Tue, 20 Sep 2022 14:42:29 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=487969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53f8ce1b0afa-OSL
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=487969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53f9c80eb50b-OSL
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "339289A3811C6A4ED49FF4F76977C595716CBF8B3A8B7531FDE0A3CE1EA4A603"
Last-Modified: Mon, 19 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18989
Expires: Tue, 20 Sep 2022 19:58:59 GMT
Date: Tue, 20 Sep 2022 14:42:30 GMT
Connection: keep-alive
|
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Tue, 20 Sep 2022 14:42:30 GMT
content-length: 65
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=985b7bee22cc4800964af20c3b3d8d6e; expires=Wed, 20 Sep 2023 14:42:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
GET /track?offer_id=2897&z=4493500&request_var=1309_2476&variable2=6329d155c4af280001f225cb HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
139.45.197.237
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 20 Sep 2022 14:42:30 GMT
content-length: 172
x-trace-id: 2a3f45947c22013b52a6105bd1ef97f2
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:30 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sat, 24 Sep 2022 12:42:47 GMT
ETag: "3b9f490f1e1c5d463944ddbb28aa833c82c3e90f"
Last-Modified: Tue, 20 Sep 2022 12:42:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3471
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db53fbccf80b55-OSL
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:42:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 01:33:16 GMT
Expires: Tue, 27 Sep 2022 01:33:15 GMT
Etag: "429f1063b9f685a79d430b35e7ff21cd421c1900"
Cache-Control: max-age=556844,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db53fbd8d30afa-OSL
|
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://theluckerssurvey.top
Content-Length: 1673
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
139.45.195.253
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Server: nginx/1.19.10
Date: Tue, 20 Sep 2022 14:42:30 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://theluckerssurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 77.88.21.119
HTTP/2 200 OK
content-type: application/javascript
content-length: 72206
date: Tue, 20 Sep 2022 14:42:30 GMT
access-control-allow-origin: *
etag: "63295b76-11a0e"
expires: Tue, 20 Sep 2022 15:42:30 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:30 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Tue, 20 Sep 2022 15:42:30 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144230%3Aet%3A1663684951%3Ac%3A1%3Arn%3A908182094%3Arqn%3A1%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C63%2C0%2C%2C0%2C%2C96%2C2%2C%2C%2C%2C258%3Ans%3A1663684949773%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144230%3Aet%3A1663684951%3Ac%3A1%3Arn%3A908182094%3Arqn%3A1%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C63%2C0%2C%2C0%2C%2C96%2C2%2C%2C%2C%2C258%3Ans%3A1663684949773%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 20 Sep 2022 14:42:30 GMT
access-control-allow-origin: https://theluckerssurvey.top
set-cookie: yandexuid=2408985241663684950; Expires=Wed, 20-Sep-2023 14:42:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2408985241663684950; Expires=Wed, 20-Sep-2023 14:42:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1900968851663684950; Path=/; SameSite=None; Secure
i=gRMmMPTNqBCz/FO6psOHz2zki0hA7hSRh/KVL5T6bYZq8pTR9cd4aDlZUD874IY+bxxOTJIaWWXhUPn7XkI8JqF3dgc=; Expires=Fri, 17-Sep-2032 14:42:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695220950.yrts.1663684950#1695220950.yrtsi.1663684950; Expires=Wed, 20-Sep-2023 14:42:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:30 GMT
last-modified: Tue, 20-Sep-2022 14:42:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A685487223%3Arqn%3A2%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1049%2C1049%2C0%2C%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A528171624%3Arqn%3A3%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonStepChange&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A688895453%3Arqn%3A5%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonUnique&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A354988275%3Arqn%3A4%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A881192871%3Arqn%3A6%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A800687637%3Arqn%3A7%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /watch/66423859/1?page-url=goal%3A%2F%2Ftheluckerssurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Ftheluckerssurvey.top%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_2476%26ymid%3D6329d155c4af280001f225cb%26utm_campaign%3D1309_2476%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1663684950_2eec020a263a3b1bc9c2c2d58e1899afa4ec2fcd56eca882264d14a560f0d5f1&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A662077089418%3Ahid%3A873431857%3Az%3A0%3Ai%3A20220920144231%3Aet%3A1663684951%3Ac%3A1%3Arn%3A760129006%3Arqn%3A8%3Au%3A1663684951971154030%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1663684949773%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663684951%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
77.88.21.119
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Tue, 20 Sep 2022 14:42:31 GMT
access-control-allow-origin: https://theluckerssurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:42:31 GMT
last-modified: Tue, 20-Sep-2022 14:42:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /js/data/_global-config-sd.js?v=2 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
cf-polished: origSize=643
etag: W/"6329aee0-283"
last-modified: Tue, 20 Sep 2022 12:15:28 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fyj1c4txjblSv1m5C7LWVhSL1wnAYD5K65k8t1R54yrutYfD8Xb6FS7knlHSpkr4Hzv%2FhK%2BRZmFolP8%2BszMg0Dj%2F67JxBO9ulTYubRvJf9SZXTljqCX5%2FIZ3QpkO3TMaCTvsfMRYgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74db53f75a53b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf62dac-1ffa-4daa-b23e-b3be303c9660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5827
x-amzn-requestid: 9a4bb6fa-13e5-4271-a5be-c551a570a5d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugoqHKbIAMF9WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e16a-53ccce5d5ab40afc1d0901af;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m_-3SrgDfwcLY1kI5UKd2rrKapa8I3AwVwi-le2zWh40lt-GfIbNIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:08:56 GMT
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
age: 59617
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /js/config.js?v=4 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
etag: W/"6329aedf-1017d"
last-modified: Tue, 20 Sep 2022 12:15:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 3526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F3VGYAj2GGbyjwsChcAQ4Rhv%2BL6csxFi0xR29RfKPLepvM7PMe24FFzdwO5Cr7Z1qjPAtOiFiAHSeFHI4hfeAY9IWSwwm7QT0e%2Fuu7v5FxZrxIJmvKGu8o1qwXNFKze53V5sn%2FK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f75a57b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /o/2476/53263332?s1= HTTP/1.1
Host: smrturl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://arabs4.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
104.21.76.170
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 14:42:28 GMT
x-powered-by: PHP/7.4.11
set-cookie: dynamo_v_id=Vdb18efe9437b7; expires=Wed, 21-Sep-2022 14:42:28 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMBRMgc1KFVEvZ%2FDUHabhsgC7KQmfTh2ymUwLSfpT%2BANbRF4Tpx5EmrrsBGQ7pGgxYnigTUovaUL4ZCKSJYN%2BLIEI12DKwxtJs%2Bg5%2FpoSS8cZLrqgKinKVY7RUB8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53ee5803fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /css/survey.css?v=1 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: text/css
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
cf-polished: origSize=19835
etag: W/"6329aee1-4d7b"
last-modified: Tue, 20 Sep 2022 12:15:29 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 3526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1arluxZRv1KCMbEHwYY9APGnZ65DBTnXcqLZJZsdEtaE6nW%2FqBpEz5mVGzkvVInLq872o4GCNK%2B1XZ2019mT5I8iwyq0pTj6l3mx6auul3ALqAeZGUsDoH4wEQrwYc7Fp9kZnXTLpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f76a6ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /img/icon-survey.svg HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Sep 2022 14:42:29 GMT
last-modified: Tue, 20 Sep 2022 12:15:29 GMT
etag: W/"6329aee1-c26"
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhcKgpZKPL8nLJXQHzD4yD2G4ARCmH6FOIZL%2B72inqs4c9X8IOHEe5tfm0inLOYoT2vRhAA2Ouiv8M6mXs4SMFaIHFXtVyBOQ0JMqgAvUqIqPkbEPAk4Yw%2FA0nHGeAu2jIMQHQnZBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74db53f76a6eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 188.114.96.1
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:30 GMT
last-modified: Thu, 04 Aug 2022 15:17:49 GMT
etag: W/"62ebe31d-a8fa"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhZjpRx8%2F0SwWPvI3UISeog88%2FRgLbri0kN544iUdxBnQ985EQHvSZbxJTFSWxDuzcDM23zTgSvqkmHllS%2FDni%2BHdeP0LS10JXmkMUpEuvUNlKUHklq9QolfTfU7AGHGqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74db53f9ee9bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/data/rtc.js?v=1 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
cf-polished: origSize=15077
etag: W/"6329aee0-3ae5"
last-modified: Tue, 20 Sep 2022 12:15:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUQdlltZNqJgQb5%2FE5zMY2zRZuQ2sTbqRb9lTZblfUhdSvL637ufZOxdYIU8wwc1yUNhZeTHFRoDydFzhY%2BkfaQ07ljg55FK29GZAFwT4wui%2BcOXaLmfFsQwy7udpRq5H09pYYUbHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f75a54b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/binom-pixel.js HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
etag: W/"6329aee1-4a3"
last-modified: Tue, 20 Sep 2022 12:15:29 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGB1WXzntcNAcNnpOZd8pxm8DXs6%2FEMQUnLRO67rDtNsyuYIzxb8YS8Dm2jnX7%2FZBES%2FO9Vb7Wyg%2FhBSKA3%2BZfaetdfNRQx9ns5ZVJDuRY7vHNiQ2Y3wxU1gYXL5FqHbjN75ywNfPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f76a74b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /js/survey.js?v=11 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
cf-polished: origSize=300215
etag: W/"6329aee0-494b7"
last-modified: Tue, 20 Sep 2022 12:15:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 3526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ls0xbxM0ag22ySQZGP4PfKwG2yjIAZTXpELZuoIPoNCphi1CGLmJlkPC5hUGh4oiPWOHphiJub5jOE%2FtlaGiOWQyJLd28fj%2Fk1u2%2BmC6AjxNNir97VtvxKq%2Fsu3jPBsv8jpHt4Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f76a73b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /rotate?zz=4292527;4326652;5128285;4949467;5381242;5381316&var=4493500&ymid=1309_2476&uid=985b7bee22cc4800964af20c3b3d8d6e HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theluckerssurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 20 Sep 2022 14:42:30 GMT
x-trace-id: 63864697afabd837e71754375b2a04e7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://theluckerssurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=985b7bee22cc4800964af20c3b3d8d6e; expires=Wed, 20 Sep 2023 14:42:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /finance-survey.html?z=4493500&offer_id=2897&var=1309_2476&ymid=6329d155c4af280001f225cb HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
104.21.62.197
HTTP/2 200 OK
content-type: text/html
date: Tue, 20 Sep 2022 14:42:29 GMT
last-modified: Tue, 20 Sep 2022 12:15:27 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cj%2Bc0kCZp5HI5F0jqMJnVM3D7a5TMsqjozntrpXbUeKBQoX4Eqb2BSLfUP4BPv4AP8DHnW3zzHaJBkkyMYSmHKWnapDLs288%2BChlO%2F%2FkWH2jYyca4rEMFpl%2BzfddGz%2ByMXEM7KYM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f6a996b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/survey-site.js HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
etag: W/"6329aee0-edd"
last-modified: Tue, 20 Sep 2022 12:15:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml%2BTf8NPGDoGG5GT7kMO%2FFXYM3CTEfrFcQYNCRCT8cTANwThJ3qLyxHbqNyHwrt5wkTtS7%2BRn2a%2Bpbj3I02o3S0B6XjAVn%2BHLOfR5Eb5rzsAoPkCjriqDrh%2B1M6nc%2FNF%2BVzjB3XjDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f76a71b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /css/style.css?v=1 HTTP/1.1
Host: theluckerssurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.21.62.197
HTTP/2 200 OK
content-type: text/css
date: Tue, 20 Sep 2022 14:42:29 GMT
cf-bgj: minify
cf-polished: origSize=40801
etag: W/"6329aee1-9f61"
last-modified: Tue, 20 Sep 2022 12:15:29 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BojYU3Jkr4W6cESLjagHuoKhjBSfFmuSj0Mtq2L7ccyGL7onLyWWG7He4x3BWD68fOS5ZdqwqdsSf06J4sS1bBXUe%2F26VV9QRCN%2FMdNcebjpTb%2BIcw8VPuEWDPOfmXKsYFTXPaCNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db53f76a6cb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
31.170.164.241
104.21.66.9
3.70.16.242