adleadpro.scaletrk.com/click
3.66.76.143301 Moved Permanently 134 B URL HTTP/1.1 adleadpro.scaletrk.com/click
IP 3.66.76.143:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /click HTTP/1.1
Host: adleadpro.scaletrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 04 Nov 2022 16:13:03 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://adleadpro.scaletrk.com:443/click
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9785
Expires: Fri, 04 Nov 2022 18:56:08 GMT
Date: Fri, 04 Nov 2022 16:13:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6355
Cache-Control: max-age=155037
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:03 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:17:00 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4445
Cache-Control: max-age=153127
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:03 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:45:10 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6394
Expires: Fri, 04 Nov 2022 17:59:37 GMT
Date: Fri, 04 Nov 2022 16:13:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qvRcyfRFHZKl7zZIMHTWHh22jpnvfrwud/6R/ELOe9hZHA8x0BgXiUmKUefYCWhVPYHA3VGsHUo=
x-amz-request-id: 3ATE9MCN8E8RBKKE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 16:09:39 GMT
age: 204
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 16:13:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 367167ce6d834e939248e44b95e8ecdb
0fdc10e1d30b87f234863d7e6d97338d9c648417
17e68622fc9b496272a1fa80c06fd5296ead954bc20f99dd0f5786a2d31f624e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122111
Date: Fri, 04 Nov 2022 16:13:03 GMT
Etag: "63646447-1d7"
Expires: Sun, 06 Nov 2022 02:08:14 GMT
Last-Modified: Fri, 04 Nov 2022 01:00:55 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XSrDDlHEHGz5770f0eBEK5LLI0B0abugDUZipgux5h4dDaxNQ-SKpA==
Age: 4039
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5741
Cache-Control: max-age=149364
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:04 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:42:28 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0d296a679cf9c102af48cb338cf289df
62c31bcd8d84bbfe7899c1876be68027507b4154
0a2f0a2e874f79a2cc3de202a8cbe40e1a6177448c62eba85b393523a180787c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168093
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:04 GMT
Etag: "636527ad-117"
Expires: Sun, 06 Nov 2022 14:54:37 GMT
Last-Modified: Fri, 04 Nov 2022 14:54:37 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kY6M4wQ9SN24D0KKsFk6xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tSav8xEwLJDTNPOUXgv3Cuhsi4Y=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0d296a679cf9c102af48cb338cf289df
62c31bcd8d84bbfe7899c1876be68027507b4154
0a2f0a2e874f79a2cc3de202a8cbe40e1a6177448c62eba85b393523a180787c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168093
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:04 GMT
Etag: "636527ad-117"
Expires: Sun, 06 Nov 2022 14:54:37 GMT
Last-Modified: Fri, 04 Nov 2022 14:54:37 GMT
Server: nginx
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 47c0c289f3309aee37ff4acb38f6ab22
a935096ab4e8a56057cb2d9c366a6eb9b4fa9535
e099f5d8462f09cfd27f001bbc5f75271f9805b87a5b8165fb488cd95e9ec732
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 16:13:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 17:36:45 GMT
Expires: Thu, 10 Nov 2022 17:36:44 GMT
Etag: "a935096ab4e8a56057cb2d9c366a6eb9b4fa9535"
Cache-Control: max-age=522819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 764ea288eda7b4f4-OSL
track.mk300.site/sl?id=621e76c0d9b88bb313742260&pid=54&sub1=pub88071e9c8c9e47f5b6773a8f6889da83&sub2=f6e5048b_7
35.204.70.16302 Found 0 B URL HTTP/2 track.mk300.site/sl?id=621e76c0d9b88bb313742260&pid=54&sub1=pub88071e9c8c9e47f5b6773a8f6889da83&sub2=f6e5048b_7
IP 35.204.70.16:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=621e76c0d9b88bb313742260&pid=54&sub1=pub88071e9c8c9e47f5b6773a8f6889da83&sub2=f6e5048b_7 HTTP/1.1
Host: track.mk300.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fast.fangthatsack.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 04 Nov 2022 16:13:04 GMT
content-length: 0
location: https://1d6ca649521.99tcoffers.com/?p=8287&media_type=mainstream&transaction_id=63653a102681870001471c68
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=63653a102681870001471c68; expires=Sat, 04 Nov 2023 16:13:04 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 36b93a5b5a090d55a08e9495b8f7fa52
810b2de39069cd721f1777b4c6d549fb7d71af89
d9ea51fb3146b24eacddb102449ffdfb69a15e6a08d4c4ce47fd2493a334759f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9EA51FB3146B24EACDDB102449FFDFB69A15E6A08D4C4CE47FD2493A334759F"
Last-Modified: Fri, 04 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 04 Nov 2022 22:13:05 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12730
Expires: Fri, 04 Nov 2022 19:45:15 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12730
Expires: Fri, 04 Nov 2022 19:45:15 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12730
Expires: Fri, 04 Nov 2022 19:45:15 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12730
Expires: Fri, 04 Nov 2022 19:45:15 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e2c2868516a60c335361ccef89c6090
b71b29860aca017ac124fb4037cec5dc3101474e
3ac5d5410a9d31317c2f31fe3e08cdb188e26bfffce5275b85cce986f2841d22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3559
x-amzn-requestid: 63f00dbe-834f-4fbb-91c0-5e5378dc48aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0SvEOaIAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643411-43380b3457de631756afdb81;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hit7lhSIgTngtNcj0qlMHVtdtjSdfA6-lP8QBAyhVJfqyS-PaMHNkw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 22:00:51 GMT
etag: "b71b29860aca017ac124fb4037cec5dc3101474e"
content-type: image/jpeg
age: 65534
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 8436166b-f342-44e9-9a31-e25dcaa7b85c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2gEOEYRIAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f46e7-0616a6b95503fffd4f597509;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:54:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: g3OtcJnT2JfzIAvUjoLvC8pOzfwGFQ-M0cH4uwNSVcr2T9jYgCihTw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 23:36:56 GMT
age: 59769
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a763d44e05fa357713a41ab1388974a
d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd
f351b7e90e5435af071892b62af3ac591bc553281b3ea63b1ae067a3d03f572d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7703
x-amzn-requestid: 4f835957-6df6-4001-9c34-ed9749000b46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RpFGwoAMF0-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-3f7b7dd36cb07d057b64ec2f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DknsakNef7SUQhERTPiLozTDA4tl1OEdE8ohicMEfVGvwaLwPX8d_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:49 GMT
age: 65896
etag: "d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c472942cb4b85610a3e83edf7527f923
8191eb019b21bed2b9f53c755e1c24d08dc70760
0dc7f9902567b0130c1c34b6e356b8239f8e6c83e1d38ac9b74588270000279c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10810
x-amzn-requestid: 85c9096f-2671-4f0e-94a3-607254d036d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC057E5yIAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364350c-3c93b6e56e6141a63d1285eb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: i3Kso77aQ6Qt3z3KH189niLwWzWFJz7Y0aMQngNRahdqlMAo76WksQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:42 GMT
age: 66023
etag: "8191eb019b21bed2b9f53c755e1c24d08dc70760"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae1ac87f2e6534322ba259d6e06fcaa5
c721a00ae618e6ed997e102fa3d977ef830cac05
2f4cab8b925f6a79ed96b08edc00f04186d33ed9cfd4ba565884a931e83ae408
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7601
x-amzn-requestid: bec1a71e-c5bd-4332-ac60-18b49304a5a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a275aEHYoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f736f-1b36c60a43415790430fbecf;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:04:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MORvkZWLXGvSFYxjnSiYJluJY302y_FTvACRUrEvo7vLYkheyEcE1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 07:18:27 GMT
age: 32078
etag: "c721a00ae618e6ed997e102fa3d977ef830cac05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OI-hzSDTy-vFSFOZxI98XT8VZmnpFlU_cobzCTkrn4T5NuH8cqybMg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:32 GMT
age: 66033
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 511cba33b2cff54a452c7e6594a9353b
5fab2fe26af113aa2e4c92c5e69ba5970bbe6ee6
ad0482700535bc5abb71093a43a8ad68f73d5c0bbd88451d114ec1094bc8a81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD0482700535BC5ABB71093A43A8AD68F73D5C0BBD88451D114EC1094BC8A81C"
Last-Modified: Thu, 03 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6160
Expires: Fri, 04 Nov 2022 17:55:45 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
getsurv2youu.com/link?z=5339054&var=8287&ymid=5wsqz5dp13e2ki3o693uo40kg,16592299,5,8287
139.45.197.239302 Found 0 B URL HTTP/2 getsurv2youu.com/link?z=5339054&var=8287&ymid=5wsqz5dp13e2ki3o693uo40kg,16592299,5,8287
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=5339054&var=8287&ymid=5wsqz5dp13e2ki3o693uo40kg,16592299,5,8287 HTTP/1.1
Host: getsurv2youu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 04 Nov 2022 16:13:05 GMT
content-length: 0
location: https://tberjonk.com/link?z=3956710&var=5339054
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a5c66b9760342d9f802910f0deb6f3f3
link: <https://tberjonk.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=34aa365c5e2341df954d25820840a3a8; expires=Sat, 04 Nov 2023 16:13:05 GMT
oaidts=1667578385; expires=Sat, 04 Nov 2023 16:13:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e94bdd03923c940b324366f555fa2447
fe1b8c12374ac518ae03e24d599d293c3ae284f3
82fbca52cf7ed9ee6056823cba46e696d0ea6c596f1fbb5f945ab62d30ec50e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82FBCA52CF7ED9EE6056823CBA46E696D0EA6C596F1FBB5F945AB62D30EC50E4"
Last-Modified: Fri, 04 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3994
Expires: Fri, 04 Nov 2022 17:19:39 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
tberjonk.com/link?z=3956710&var=5339054
139.45.197.238302 Found 0 B URL HTTP/2 tberjonk.com/link?z=3956710&var=5339054
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=3956710&var=5339054 HTTP/1.1
Host: tberjonk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 04 Nov 2022 16:13:05 GMT
content-length: 0
location: https://dollarsurvey180.space/survey.html?offer_id=1916&geo=NO&oaid=872e3125b94a4589a1e36d7423a6aef9&s=612430638903201826&z=3956710&var=5339054&testinapp&autoexit_86400=3953544&abtest=10101
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 34f1e30c3ab919cf32fa5f28b23532db
link: <https://dollarsurvey180.space>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=872e3125b94a4589a1e36d7423a6aef9; expires=Sat, 04 Nov 2023 16:13:05 GMT
oaidts=1667578385; expires=Sat, 04 Nov 2023 16:13:05 GMT
OXCCLK=4105106.1; expires=Sat, 04 Nov 2023 16:13:05 GMT
allcnt=1; expires=Sat, 04 Nov 2023 16:13:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95d8121db87b8d7f579f68b59d6caf18
b68a8312c81f42e5802f5d8b78128045b767e198
28b1c1f6c366d59556b4b94c89cd71483f85dbc26866c3b1f063e96b45a4932b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "28B1C1F6C366D59556B4B94C89CD71483F85DBC26866C3B1F063E96B45A4932B"
Last-Modified: Thu, 03 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17039
Expires: Fri, 04 Nov 2022 20:57:04 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95d8121db87b8d7f579f68b59d6caf18
b68a8312c81f42e5802f5d8b78128045b767e198
28b1c1f6c366d59556b4b94c89cd71483f85dbc26866c3b1f063e96b45a4932b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "28B1C1F6C366D59556B4B94C89CD71483F85DBC26866C3B1F063E96B45A4932B"
Last-Modified: Thu, 03 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17039
Expires: Fri, 04 Nov 2022 20:57:04 GMT
Date: Fri, 04 Nov 2022 16:13:05 GMT
Connection: keep-alive
dollarsurvey180.space/css/style.css?v=1
172.67.194.212200 OK 6.4 kB URL HTTP/2 dollarsurvey180.space/css/style.css?v=1
IP 172.67.194.212:0
File type ASCII text, with very long lines (40797), with no line terminators
Hash 14da8192efa7a12bcf500cead19ca9ee
341bf89070b3bd8b25d467ab5f9fce91a0bd288a
7915176889403ac4497a61e9a4df8007de55c5f6b639dc892db1862de07f4d00
GET /css/style.css?v=1 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=40801
etag: W/"6364bc4b-9f61"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKhtRGYAHUBbAUFRZkiXvTsRmRpnzxXYNZudcq8tmZv%2BwEK3zNrIsK%2FF32EnaA4eGnY5FtcZqFWTrEsvAxGwnQ8u4ki54X%2BAmQ5dDvRN5Oc145silPyE%2BaMr5AWX2sbOU6E9fNds%2BKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9b1fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8ab3e3b58303d8e61f754b57bce34acd
7d79b92649d1503295cd41d4217c2625251b0b78
b6cef53f5a839be76ce2eca31cec56ff1e5717e16d4f3681de4a1033fdfe0ca4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6203
Cache-Control: max-age=117410
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 16:13:06 GMT
Etag: "63644979-117"
Expires: Sun, 06 Nov 2022 00:49:56 GMT
Last-Modified: Thu, 03 Nov 2022 23:06:33 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
cdntechone.com/stattag.js
172.67.149.153200 OK 5.5 kB URL HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:0
File type ASCII text, with very long lines (12983), with no line terminators
Hash fc3b3d7a3e9cd186fffbdad99194dee3
dbcf1f9bb27d6a201c8415c9c24e99f9f06b3d2f
938a0bcfa70de31ee0fd71d6855f04c888fbd83314e6b5a85041426ef7790336
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:06 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:52 GMT
etag: W/"634eb2c0-32b7"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3043
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7eNCCDksvZ7e8wiAXJvsBEK8XCM7hZkgWjS%2FIRjLgX6%2FZ5UKmznqAemlGEFL7EW2K0w5UfOKqbY52cURwsZOixqiOYwlX6ERWjpl7FvtT36g80inLScavqHeNef39PLvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 764ea2922b33b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/css/finance-many.css?v=1
172.67.194.212200 OK 3.0 kB URL HTTP/2 dollarsurvey180.space/css/finance-many.css?v=1
IP 172.67.194.212:0
File type ASCII text, with very long lines (16079), with no line terminators
Hash 94f2c98953f28977d24be69264eca2db
770ef590230ce6c7c25d073aa4094c26ac481d9e
69131f73b1db7d484083f7a63e701d275552bf86c0580da3ec670ac63c2413b5
Analyzer Verdict Alert fortinet Phishing
GET /css/finance-many.css?v=1 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=16082
etag: W/"6364bc4b-3ed2"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJvL%2B8iJ2vSyjNI%2FlP6uiyCt%2FwYPmPjndUMUDTMV8uPrvSCiFg70fqHb2Asy9oTZV4CbmCC9cerAswl6RfggFt5maS6htgtpPi3ujLrPkJ%2BwMZ8hjpwkUcS47%2FeSBtfG87WUFph0wdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9b4fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/js/data/_global-config-sd.js?v=5
172.67.194.212200 OK 1.9 kB URL HTTP/2 dollarsurvey180.space/js/data/_global-config-sd.js?v=5
IP 172.67.194.212:0
File type ASCII text, with very long lines (370), with no line terminators
Hash 4b29ab8abb5e7940e41000053d6696c8
fce25990ce95c3cef0a36a31789602cc5535f0ee
38df31fa911b9b37e3d13d9e2ef7311f79c83c8598eea2593d137118332f2dc0
GET /js/data/_global-config-sd.js?v=5 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=683
etag: W/"6364bc4b-2ab"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFYfPCtxxjy9gw9KPoyxQ4pwWzR8bAEar4Z4IUd9kabdK7xAlvQC7P67hg8G4GfEYHZETuzbx6AEJ1eG3EPzo5HayBVWzFtYRFtrJBIpWE8UemULsPIRq%2BV%2BYkPm7E5Rx%2FCleQU3TtY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 764ea28fe9a9fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/js/survey.js?v=16
172.67.194.212200 OK 100 kB URL HTTP/2 dollarsurvey180.space/js/survey.js?v=16
IP 172.67.194.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 100 kB (100454 bytes)
Hash ecb81936935d3fca6633fffdaf3964de
b4e069ec1dd6af795d4006e8ba3a91c1fc41fcea
be6fbbda10bf6162fbba89f5a08044210741d4ff303b07b90778a367adcce98f
Analyzer Verdict Alert fortinet Phishing
GET /js/survey.js?v=16 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6364bc4b-4be7b"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R5tNajHvvvaEFWHYPw6MME0eVEmNChFBtR9w2X3j0J%2FHkIoSeHhWzzcA0E4%2FxOtB0fo8KQCWuFsWTMU%2FaYTFji8SPQW3CH1wgDkxyh%2F6NS%2BB7XS6blXtogc0HE4sHYOIlu7NlOREYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9b7fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/survey.html?offer_id=1916&geo=NO&oaid=872e3125b94a4589a1e36d7423a6aef9&s=612430638903201826&z=3956710&var=5339054&testinapp&autoexit_86400=3953544&abtest=10101
172.67.194.212200 OK 6.3 kB URL HTTP/2 dollarsurvey180.space/survey.html?offer_id=1916&geo=NO&oaid=872e3125b94a4589a1e36d7423a6aef9&s=612430638903201826&z=3956710&var=5339054&testinapp&autoexit_86400=3953544&abtest=10101
IP 172.67.194.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2129)
Hash 7ac35400c6baeed0d2a76624c104c087
f70095842eca472ef26fcbd867d0fa5578ba0a69
0ffcd68e256080368562581642fb0e85dd30a477d7d78b584e0971987e70a225
GET /survey.html?offer_id=1916&geo=NO&oaid=872e3125b94a4589a1e36d7423a6aef9&s=612430638903201826&z=3956710&var=5339054&testinapp&autoexit_86400=3953544&abtest=10101 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 07:16:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkt2Ta%2FTJpkp0Ik%2FzncE4xGeWHCmnCRdvNVOcTusMUL5hNCzsQU7wptRtKeQGwW%2B%2FFob81WXZkzqaQ%2FNJAgInBkY6px1mLokbj%2F3UkEu9QEFayWTD%2FPJP1Bv98dkgwVzlgbsLNpTQTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28f5920fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Fri, 04 Nov 2022 16:13:06 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Fri, 04 Nov 2022 17:13:06 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81f59c184b96e6e7842833c19267d5ab
1a7b581f3f55f30869f896c8caea8f47768d267c
4c6da45424c8585bebf02f95a3fb159d5ce654358946085d3e10646cda65c575
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C6DA45424C8585BEBF02F95A3FB159D5CE654358946085D3E10646CDA65C575"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6366
Expires: Fri, 04 Nov 2022 17:59:12 GMT
Date: Fri, 04 Nov 2022 16:13:06 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7f353273a2311052dae4195a7aa906a7
34b058d2aec290f7a178dcd6bd7e7ca26625939f
97fffc633d9461377f1b369e432773b2dc0e64e4e8b858e204ddaa17cfbe4249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 16:13:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 13:33:18 GMT
Expires: Fri, 11 Nov 2022 13:33:17 GMT
Etag: "34b058d2aec290f7a178dcd6bd7e7ca26625939f"
Cache-Control: max-age=594610,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 764ea293aad1b4f4-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1120
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 04 Nov 2022 16:13:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey180.space
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:06 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Fri, 04 Nov 2022 17:13:06 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A148%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A138892682%3Arqn%3A1%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C0%2C%2C0%2C%2C76%2C1%2C%2C%2C%2C239%3Ans%3A1667578384910%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A148%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A138892682%3Arqn%3A1%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C0%2C%2C0%2C%2C76%2C1%2C%2C%2C%2C239%3Ans%3A1667578384910%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash af34310031c26e15aed43044850f0a5e
b5f0165827bc470b35c1eb8859ffe6717b417d27
2f0c259fb1ddd002fd75241161c4053a735902dd237dabe50af60cc0d5c809d8
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A148%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A138892682%3Arqn%3A1%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C0%2C%2C0%2C%2C76%2C1%2C%2C%2C%2C239%3Ans%3A1667578384910%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A148%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A138892682%3Arqn%3A1%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C64%2C0%2C%2C0%2C%2C76%2C1%2C%2C%2C%2C239%3Ans%3A1667578384910%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 04 Nov 2022 16:13:06 GMT
access-control-allow-origin: https://dollarsurvey180.space
set-cookie: yandexuid=1185960391667578386; Expires=Sat, 04-Nov-2023 16:13:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1185960391667578386; Expires=Sat, 04-Nov-2023 16:13:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1368565951667578386; Path=/; SameSite=None; Secure
i=4qtFYqwtqQ/Wig5rMnmVZBUXg5J3di+IonWOnwhdPWu23Slk3fFIf/unMp4SaubgQklH81dGOrAiAcdze+3hk0Sbncg=; Expires=Mon, 01-Nov-2032 16:13:01 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699114386.yrts.1667578386#1699114386.yrtsi.1667578386; Expires=Sat, 04-Nov-2023 16:13:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:06 GMT
last-modified: Fri, 04-Nov-2022 16:13:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A525234952%3Arqn%3A2%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C949%2C949%2C1%2C%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A525234952%3Arqn%3A2%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C949%2C949%2C1%2C%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A525234952%3Arqn%3A2%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C949%2C949%2C1%2C%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A872688548%3Arqn%3A5%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A872688548%3Arqn%3A5%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A872688548%3Arqn%3A5%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexCall&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A480997667%3Arqn%3A3%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexCall&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A480997667%3Arqn%3A3%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexCall&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A480997667%3Arqn%3A3%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonNotificationPermission&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A1021376679%3Arqn%3A6%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonNotificationPermission&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A1021376679%3Arqn%3A6%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonNotificationPermission&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A1021376679%3Arqn%3A6%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A658528582%3Arqn%3A4%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A658528582%3Arqn%3A4%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A658528582%3Arqn%3A4%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexLoad&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A174440460%3Arqn%3A7%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexLoad&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A174440460%3Arqn%3A7%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonAdexLoad&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A174440460%3Arqn%3A7%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A565068727%3Arqn%3A8%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A565068727%3Arqn%3A8%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A565068727%3Arqn%3A8%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonGetIppRotate&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A248574591%3Arqn%3A9%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonGetIppRotate&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A248574591%3Arqn%3A9%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey180.space%2FonGetIppRotate&page-ref=https%3A%2F%2Fdollarsurvey180.space%2Fsurvey.html%3Foffer_id%3D1916%26geo%3DNO%26oaid%3D872e3125b94a4589a1e36d7423a6aef9%26s%3D612430638903201826%26z%3D3956710%26var%3D5339054%26testinapp%3D%26autoexit_86400%3D3953544%26abtest%3D10101%26utm_campaign%3D5339054%26utm_medium%3D3956710%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1667578386_5d4b2b86985f7402800dffcc68ca95743bc73e3bc24624cc99ba21d3075ef77c&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1353511613066%3Ahid%3A682461630%3Az%3A0%3Ai%3A20221104161305%3Aet%3A1667578386%3Ac%3A1%3Arn%3A248574591%3Arqn%3A9%3Au%3A16675783868262125%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1667578384910%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667578386%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202022%3F&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 500
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 04 Nov 2022 16:13:07 GMT
access-control-allow-origin: https://dollarsurvey180.space
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 04-Nov-2022 16:13:07 GMT
last-modified: Fri, 04-Nov-2022 16:13:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ded4f704f9e9a6049baee157957c611
b8ab59ad9124462021fa450951700107257846c3
d3ff2baef7a03f5c3be279926d4a042e373d85b282a7601f75da2490c3f681d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3FF2BAEF7A03F5C3BE279926D4A042E373D85B282A7601F75DA2490C3F681D3"
Last-Modified: Fri, 04 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11968
Expires: Fri, 04 Nov 2022 19:32:40 GMT
Date: Fri, 04 Nov 2022 16:13:12 GMT
Connection: keep-alive
adleadpro.scaletrk.com/click?o=6483&a=7
18.194.62.185302 Found 0 B URL HTTP/2 adleadpro.scaletrk.com/click?o=6483&a=7
IP 18.194.62.185:0
GET /click?o=6483&a=7 HTTP/1.1
Host: adleadpro.scaletrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Fri, 04 Nov 2022 16:13:04 GMT
content-type: text/html; charset=UTF-8
location: https://fast.fangthatsack.com/rc/9176aa60f5?affclick=15cc97f887323cb9891bb76aebd3098f&pubid=7
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-4559912e7a94a9c32b09d894f2bc3c82=unique; expires=Sun, 04-Dec-2022 16:13:03 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_4559912e7a94a9c32b09d894f2bc3c82=c6d435ea-d927-493f-9337-024f4a819bf1; expires=Fri, 11-Nov-2022 16:13:04 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
fast.fangthatsack.com/rc/9176aa60f5?affclick=15cc97f887323cb9891bb76aebd3098f&pubid=7
104.21.57.236200 OK 0 B URL HTTP/2 fast.fangthatsack.com/rc/9176aa60f5?affclick=15cc97f887323cb9891bb76aebd3098f&pubid=7
IP 104.21.57.236:0
GET /rc/9176aa60f5?affclick=15cc97f887323cb9891bb76aebd3098f&pubid=7 HTTP/1.1
Host: fast.fangthatsack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:04 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=pLDlfTz65RKpshnU8URXDJ9ZQNF951Kb3KiMbWG6M4GQBBYiyBX+kjc2EJQyzNgEsK8kVw9r/f4JDn682lTfNVt3ozubq5kjlh9gRJJCo74V4kylDbSCRct804OH; Expires=Fri, 11 Nov 2022 16:13:04 GMT; Path=/
AWSALBCORS=pLDlfTz65RKpshnU8URXDJ9ZQNF951Kb3KiMbWG6M4GQBBYiyBX+kjc2EJQyzNgEsK8kVw9r/f4JDn682lTfNVt3ozubq5kjlh9gRJJCo74V4kylDbSCRct804OH; Expires=Fri, 11 Nov 2022 16:13:04 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLCCIDyRZOEtgyog6wkArA%2BB831An1TR3vB7nBIPUYdnFUSv0Z%2BAvzYp7tbWu%2F9pgijDdxvhfiixZah0R4zaQMnjQiAps9YewAxgjs8WN7XWiNZZOcoBQG5V8lM2YnmbZKuXB8R%2BJKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea285b9140af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/js/binom-pixel.js
172.67.194.212200 OK 0 B URL HTTP/2 dollarsurvey180.space/js/binom-pixel.js
IP 172.67.194.212:0
Analyzer Verdict Alert fortinet Phishing
GET /js/binom-pixel.js HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6364bc4b-4de"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4RuQF8P%2BTbF6flvcpN9cCZBI6fa5O1VQEFYg4EpZNABiQ7T2yGFx3l%2BsxndYCS3owW%2FFqb2UlVRdzjp5rwODRwyAZxvZKzhVx4%2BjEo0UbHpJNlVlLHipXOpidg%2FQ3xbMu%2BqPWA5psg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9bafac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adleadpro.scaletrk.com/click
18.194.62.185302 Found 0 B URL HTTP/2 adleadpro.scaletrk.com/click
IP 18.194.62.185:0
GET /click HTTP/1.1
Host: adleadpro.scaletrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 04 Nov 2022 16:13:03 GMT
content-type: text/html; charset=UTF-8
location: https://adleadpro.scaletrk.com/click?o=6483&a=7
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
X-Firefox-Spdy: h2
dollarsurvey180.space/js/config.js?v=10
172.67.194.212200 OK 0 B URL HTTP/2 dollarsurvey180.space/js/config.js?v=10
IP 172.67.194.212:0
Analyzer Verdict Alert fortinet Phishing
GET /js/config.js?v=10 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6364bc4a-1135f"
last-modified: Fri, 04 Nov 2022 07:16:26 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6xvLSMIzi%2BTs%2F35YHK0z6w01%2B4szFMYBQ9xBfrVtyB9hos9bycQWzJQSKta%2BLlU1lU1o50ExboPvF4jU%2Fst6vj6blWhWZiJcTfySEt%2BY%2BPJHFmZ1a3ytp2SVZ7q1fqlyslO9Ky%2Fwlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9aefac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/css/survey.css?v=2
172.67.194.212200 OK 0 B URL HTTP/2 dollarsurvey180.space/css/survey.css?v=2
IP 172.67.194.212:0
Analyzer Verdict Alert fortinet Phishing
GET /css/survey.css?v=2 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=19835
etag: W/"6364bc4b-4d7b"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nJMU%2FHrSd93Kvk1%2BOWjUnyPYquBWamhQK%2BbTH7%2B221V0m0GZuQgcGgsqsHXQMSCi3moleEQ2q4qV3TyM4TyHAZoICA9OeYSgQhEPOceSoQo3jxMnShaDoJj5zkNR4pTRaGkCJsQlFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9affac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1d6ca649521.99tcoffers.com/?p=8287&media_type=mainstream&transaction_id=63653a102681870001471c68
94.237.103.119200 OK 0 B URL HTTP/2 1d6ca649521.99tcoffers.com/?p=8287&media_type=mainstream&transaction_id=63653a102681870001471c68
IP 94.237.103.119:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=8287&media_type=mainstream&transaction_id=63653a102681870001471c68 HTTP/1.1
Host: 1d6ca649521.99tcoffers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: rts-trck=1; expires=Fri, 04-Nov-2022 16:23:05 GMT; Max-Age=600; path=/; domain=1d6ca649521.99tcoffers.com
t-uuid=5wsqz5dp84jp2llflx14wkoc8; expires=Thu, 04-Nov-2032 16:13:05 GMT; Max-Age=315619200; path=/; domain=.99tcoffers.com
rts-trck=1; expires=Fri, 04-Nov-2022 16:23:05 GMT; Max-Age=600; path=/; domain=1d6ca649521.99tcoffers.com
traffic-back=ok; expires=Fri, 04-Nov-2022 16:13:35 GMT; Max-Age=30; path=/; domain=.99tcoffers.com
last-modified: Fri, 4 Nov 2022 16:13:05 GMT
expires: Fri, 4 Nov 2022 16:13:05 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip
X-Firefox-Spdy: h2
dollarsurvey180.space/js/data/rtc.js?v=2
172.67.194.212200 OK 0 B URL HTTP/2 dollarsurvey180.space/js/data/rtc.js?v=2
IP 172.67.194.212:0
Analyzer Verdict Alert fortinet Phishing
GET /js/data/rtc.js?v=2 HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14949
etag: W/"6364bc4b-3a65"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUDsxj%2B9jr6TZs8ZTU4%2Bj7Wa%2FUL3sLu27v7Do2pGetWuu8v3RrMVNCYSvT5xWmax66xWz7nuYroR8SRYv%2BQk6GsyG%2BDIxJo46ApyzaCwTk4yWIqXX%2Bde%2B67R68AEoY359cGPsSt7VyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9acfac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
itcleffaom.com/rotate?zz=4292527;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5339054&ab2r=10101&uid=e023263815994a578b1f88b77f3daecf
139.45.197.237200 OK 0 B URL HTTP/2 itcleffaom.com/rotate?zz=4292527;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5339054&ab2r=10101&uid=e023263815994a578b1f88b77f3daecf
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /rotate?zz=4292527;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5339054&ab2r=10101&uid=e023263815994a578b1f88b77f3daecf HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey180.space
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 16:13:06 GMT
content-type: application/javascript
x-trace-id: 708476e99dbe2786c04425c7b0d14996
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dollarsurvey180.space
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=e023263815994a578b1f88b77f3daecf; expires=Sat, 04 Nov 2023 16:13:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.addlnk.com/redirect.css
104.21.74.141200 OK 0 B URL HTTP/2 cdn.addlnk.com/redirect.css
IP 104.21.74.141:0
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fast.fangthatsack.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A=
x-amz-request-id: KYXF7EGSHW20KRRM
cf-cache-status: HIT
age: 1803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHEjvPhp4utaC9dhJKHX3Nwe5Pf6dBlrqKZxEbuFJ%2BIr1PiRounxxN1UxXANTrhMg9TBPSnGSUbSEIKQLHpVHRe%2F1exUiODhY1wpYp4tWi7VkjxbY5ZhcMtTFdM1F1F%2F2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 764ea2875d18b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dollarsurvey180.space/js/survey-site.js
172.67.194.212200 OK 0 B URL HTTP/2 dollarsurvey180.space/js/survey-site.js
IP 172.67.194.212:0
Analyzer Verdict Alert fortinet Phishing
GET /js/survey-site.js HTTP/1.1
Host: dollarsurvey180.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 16:13:05 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6364bc4b-121d"
last-modified: Fri, 04 Nov 2022 07:16:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 1086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJas%2BNFBuJOQa%2FyI%2F0PEeTWoxIK%2FOhf7wyQYL7QEh8dT7Tu6%2F%2BJGiTlwWCyVSB9BDiu52rfHz6LfB54GMIPUuXDg6OnWLGWCHNXb9cbVrAAMHy5FH5ZiHotn5gDwAePOvx88mnR0DHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764ea28fe9b6fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2