Report - gggtrenks.com/link?z=5996995&var=92609a37-318c-432e-8ab9-dada050cf6d5&ymid=w83ijj93h3l00m5pijrs2jga

Report Overview

Submitted URL
gggtrenks.com/link?z=5996995&var=92609a37-318c-432e-8ab9-dada050cf6d5&ymid=w83ijj93h3l00m5pijrs2jga
IP
139.45.197.239
ASN
#9002 RETN Limited
Submitted
2023-06-02 22:14:02
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
trebghoru.com	unknown	2022-12-06	2022-12-06	2023-06-02	496 B	1.1 kB	139.45.196.64
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-06-02	1.3 kB	2.2 kB	139.45.195.8
cdntechone.com	64371	2021-12-24	2021-12-24	2023-06-02	366 B	8.1 kB	104.21.29.183
www.google.com	7	1997-09-15	2015-05-10	2023-05-29	396 B	1.4 kB	216.58.211.4
offpichuan.com	unknown	2023-03-30	2023-03-31	2023-06-02	504 B	5.5 kB	139.45.197.237
gggtrenks.com	unknown	2022-10-17	2022-10-17	2023-06-02	555 B	889 B	139.45.197.239
erailsiwsurvey.top	unknown	2023-05-19	2023-05-20	2023-06-02	19 kB	691 kB	104.21.55.218
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	666 B	1.4 kB	142.250.74.131
dortmark.net	unknown	2023-04-06	2023-04-11	2023-06-02	465 B	829 B	139.45.197.248
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-06-02	450 B	167 kB	142.250.74.35
datatechonert.com	46154	2021-12-24	2021-12-24	2023-06-02	504 B	488 B	37.48.68.71
laugoust.com	unknown	2022-07-22	2022-07-22	2023-06-02	500 B	378 B	139.45.197.250

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-02 22:13:42	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	cdntechone.com/stattag.js	18 kB	2023-05-22	2023-09-07
Pretty URL cdntechone.com/stattag.js IP 104.21.29.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:28:01 Last Seen2023-09-07 08:45:40 Times Seen4488 Hash 0fdff67feab23cc69ecfb6800fc54cb7 eb84c650e6d27e290795207b1f37dd7b67f2aa06 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378 Loading...

	erailsiwsurvey.top/js/_rtc.692696d0.js	11 kB	2023-06-01	2023-06-09
Pretty URL erailsiwsurvey.top/js/_rtc.692696d0.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-09 10:29:32 Times Seen270 Hash 769aca51bf83343eb2ac227aedcd4ff3 2a193572dec77357bdbcc9d02e629afb942fe61b 7110ad0251bd71ba0caa74c691d850c8e3ea55d53d6195408d21d4777e2cf293 Loading...

	erailsiwsurvey.top/js/_core-survey.2e2c57dd.js	230 kB	2023-06-01	2023-06-05
Pretty URL erailsiwsurvey.top/js/_core-survey.2e2c57dd.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-05 09:32:57 Times Seen100 Hash be86e00ba46dab7402d0ace8686065be 5f58e84f51a9ff552c80c671f81a403da97f63e2 6c44ac8fd678d9536dae941998d4f93acdfea708f71e065baf0ea595ac7cea0e Loading...

	erailsiwsurvey.top/js/survey.36a8ba6b.js	5.4 kB	2023-06-01	2023-06-05
Pretty URL erailsiwsurvey.top/js/survey.36a8ba6b.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-05 05:23:20 Times Seen72 Hash 6ab7c487e6ed70d2f7241a5bf22a69f4 aea57164a36967cc918348e3117662c883c0ef10 8b44578bb3662e18c2c7a6972b9efedb7daeeaa4a87695dd5c912b1ccd897a9a Loading...

	www.google.com/recaptcha/api.js?render=explicit&hl=en	852 B	2023-05-26	2023-06-03
Pretty URL www.google.com/recaptcha/api.js?render=explicit&hl=en IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 00:38:59 Last Seen2023-06-03 07:03:55 Times Seen712 Hash 6eb227f49545693ff09e7e868952f4af dc2cfcf4a5d33b127c8c5d18dbe577c1e690dfa9 0a22aef6916a4504fc4c1b3f83cf9ad8dec879e875888b7598ee8edde393d86d Loading...

	erailsiwsurvey.top/js/_global-config-sd.2d740028.js	1.4 kB	2023-06-01	2023-06-09
Pretty URL erailsiwsurvey.top/js/_global-config-sd.2d740028.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-09 10:29:32 Times Seen196 Hash 15cb25fb388b6ce841d68c478a48f0c9 cc2ada5f0d6b7fa5d79c487315e08f36f14918ad 09c4db6fcdedb3623e653fb0660b495d4fe28db67ca358fabfbec1c8fe297ca9 Loading...

	www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js	417 kB	2023-05-25	2023-12-01
Pretty URL www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 23:34:05 Last Seen2023-12-01 20:53:29 Times Seen14311 Hash 95a32a4d8f8be968bc15d6ab9b9491d1 fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015 a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981 Loading...

	erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2	947 B	2023-04-05	2023-06-07
Pretty URL erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 07:30:31 Last Seen2023-06-07 14:52:41 Times Seen1528 Hash d1e72beb1dee97272ab297ff00092f77 902a8f9ce932b41cf9b3b6b6d29af0e2cfc035a8 f755101aed96ff79400ade91a689b64b11ae1851d2c410eea9bfea1dc1d194ff Loading...

	erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2	805 B	2023-06-01	2023-06-05
Pretty URL erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-05 09:32:57 Times Seen67 Hash 4cfd5df7e4276f7acfdf6e4240048c9e 400624ea54a3c6650c37ecfe28ab3ddabb666098 33e2102513ef1a8c4b74f5f32b36f6f97e15c45b4be6e14f229dd080061adafe Loading...

	erailsiwsurvey.top/js/v-index.js.a18034f4.js	40 kB	2023-06-01	2023-06-06
Pretty URL erailsiwsurvey.top/js/v-index.js.a18034f4.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-06 16:34:10 Times Seen168 Hash 3698267f8797b04e520279c94f8e0805 6d3badcf82c2faa17f61efdc44beff2267fa84e4 fe3a9cbf06b7238b24211ed6af8cf947aa8fcfbd0d6a81601993639a48431f20 Loading...

	erailsiwsurvey.top/js/v-immer.esm.mjs.28802142.js	10 kB	2023-06-01	2023-06-09
Pretty URL erailsiwsurvey.top/js/v-immer.esm.mjs.28802142.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-09 10:29:32 Times Seen274 Hash 18f8b1a5408bb552103bab2a9e5cba70 72ba4dd83f4e85a45017492cd8ceedceabcc7587 1fce72cc05122f77f6dfd7ddb9fd43853cc9ee2d3cda9478afafcd48388e122d Loading...

	erailsiwsurvey.top/js/v-redux-toolkit.esm.js.b2bedd2f.js	11 kB	2023-06-01	2023-06-09
Pretty URL erailsiwsurvey.top/js/v-redux-toolkit.esm.js.b2bedd2f.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-09 10:29:32 Times Seen270 Hash ac9121dfc38a96f9146a7121ce322045 06ccd82f9b12b0e28763513da15d61fce4b9197b 2994e8f29a919a18deb772d218fe3fb77e45df892ae6512d448f8d862e2b3a71 Loading...

	erailsiwsurvey.top/js/config/data/sd-1779001.js?v=10	7.1 kB	2023-04-28	2023-08-02
Pretty URL erailsiwsurvey.top/js/config/data/sd-1779001.js?v=10 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 17:56:15 Last Seen2023-08-02 20:28:30 Times Seen492 Hash d0895c16e97f4fa5d6c7703b741a4a5e 8a3c26b1a516b4716799ab6e806bf063ba016651 11e8791573303e203816d632bda1b06fbb360ef05f7c303260e451428093fe2a Loading...

	erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2	41 B	2023-03-07	2024-04-18
Pretty URL erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-18 08:06:08 Times Seen7132 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	erailsiwsurvey.top/js/_each-land-config.c1df2b79.js	72 kB	2023-06-01	2023-06-05
Pretty URL erailsiwsurvey.top/js/_each-land-config.c1df2b79.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-05 09:32:57 Times Seen140 Hash 6b75c51d58a8ab1832c0c5167c09e04a 3e201ff870f80d120522c2f58a9f4eec0c4eecb2 7790285885c82a7264b458e8c364358aacff59c0e7aff4e60776a5704cea3a36 Loading...

	erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842423&sw=/sw/sw4842423.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000	42 kB	2023-05-31	2023-06-09
Pretty URL erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842423&sw=/sw/sw4842423.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 10:08:00 Last Seen2023-06-09 08:35:07 Times Seen213 Hash e2c1209fa034e82830b27b2c7e00a7dc 0a3057e56de2d45bee9443afba1823ce0629f199 ea6ad99d1789576a76dcb7c3d970a1fb9c81b4b0c493eafc64023b85686a2bcd Loading...

	erailsiwsurvey.top/js/_is-browser-supported.c49ec082.js	1.0 kB	2023-05-15	2023-06-05
Pretty URL erailsiwsurvey.top/js/_is-browser-supported.c49ec082.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 14:50:40 Last Seen2023-06-05 10:27:16 Times Seen2068 Hash 68e1a61f2550d6589e5ae1830fd2d3db aeefce07be8a0ea5485c7463a8a368806c55e059 a0b2b72ecb2738d1f49c83d11a844bc96965537fb634ed8d1c8c3dd95f4ef0b1 Loading...

	erailsiwsurvey.top/js/v-react-dom.production.min.js.708dd72a.js	129 kB	2023-06-01	2023-06-09
Pretty URL erailsiwsurvey.top/js/v-react-dom.production.min.js.708dd72a.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-09 10:29:32 Times Seen272 Hash bf59e2beec56bd492cd1247c25672598 4af373f2ad8d7a2bda18232ab4740abdea6ecb7c 04853b2a6175aa975ebe4d756699da4d7a9a156fef4895cf65b53c8fdf6c1389 Loading...

	erailsiwsurvey.top/js/v-index.mjs.7a6f6513.js	35 kB	2023-06-01	2023-06-06
Pretty URL erailsiwsurvey.top/js/v-index.mjs.7a6f6513.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 18:59:55 Last Seen2023-06-06 16:34:10 Times Seen169 Hash 9f7ddd785647e7de7ff506bbe6ec7ca7 b04873210640ef785259fb4405f01c5e6f96d5a2 10338634d2cfa9fec434ea07a265687bf552d382e11b107d7afe649c05ac5627 Loading...

	erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2	250 B	2023-04-11	2024-04-18
Pretty URL erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 14:49:40 Last Seen2024-04-18 10:59:02 Times Seen11146 Hash 9d9b48d49f88bc3e71b52a408295effa ca122790003cf5d50f71165ed81d120d8a91199e e7427cfeefd59822deeb50274e744da9ce4173ab34ba825aff2d79f1dbc7be76 Loading...

	erailsiwsurvey.top/js/s-storageService.js.2dc48dda.js	2.6 kB	2023-04-19	2023-06-20
Pretty URL erailsiwsurvey.top/js/s-storageService.js.2dc48dda.js IP 104.21.55.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 14:33:19 Last Seen2023-06-20 08:31:53 Times Seen579 Hash 2e9de7b6778ce3f6199aebfb661f9523 891c3fed1af8c7713e55934831bacd3a3b595e3f 1fa9bb8f2331f7b0dadd0d87aa97c1077cb70f5b2149816f931a5dddc65a8ab8 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (56)

	URL	IP	Response	Size
	gggtrenks.com/link?z=5996995&var=92609a37-318c-432e-8ab9-dada050cf6d5&ymid=w83ijj93h3l00m5pijrs2jga	139.45.197.239		0 B
URL gggtrenks.com/link?z=5996995&var=92609a37-318c-432e-8ab9-dada050cf6d5&ymid=w83ijj93h3l00m5pijrs2jga IP 139.45.197.239:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /link?z=5996995&var=92609a37-318c-432e-8ab9-dada050cf6d5&ymid=w83ijj93h3l00m5pijrs2jga HTTP/1.1 Host: gggtrenks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 22:13:42 GMT content-length: 0 location: https://trebghoru.com/link?z=3956710&var=5996995 access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT x-trace-id: 66f5ace35adcc065582e8fad8bc0b6ec link: <https://trebghoru.com>; rel="dns-prefetch preconnect" referrer-policy: no-referrer set-cookie: OAID=c0a15043ff4a4217881eb8c50a06dfe4; expires=Sat, 01 Jun 2024 22:13:42 GMT oaidts=1685744022; expires=Sat, 01 Jun 2024 22:13:42 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2

	trebghoru.com/link?z=3956710&var=5996995	139.45.196.64		0 B
URL trebghoru.com/link?z=3956710&var=5996995 IP 139.45.196.64:0 ASN #9002 RETN Limited File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /link?z=3956710&var=5996995 HTTP/1.1 Host: trebghoru.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 22:13:42 GMT content-length: 0 location: https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp&autoexit_86400=3953544 access-control-allow-credentials: true access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding pragma: no-cache cache-control: no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT x-trace-id: 91aa8b4f907ca20545a8cbeb9bbaf0f1 link: <https://erailsiwsurvey.top>; rel="dns-prefetch preconnect" referrer-policy: no-referrer set-cookie: OAID=15673b4b4d414d468b67a3852a16a90e; expires=Sat, 01 Jun 2024 22:13:42 GMT oaidts=1685744022; expires=Sat, 01 Jun 2024 22:13:42 GMT OXCCLK=4105106.1; expires=Sat, 01 Jun 2024 22:13:42 GMT allcnt=1; expires=Sat, 01 Jun 2024 22:13:42 GMT strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: * X-Firefox-Spdy: h2

	erailsiwsurvey.top/js/_each-land-config.c1df2b79.js	104.21.55.218	200 OK	20 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_each-land-config.c1df2b79.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 20 kB (19540 bytes) Hash 6b75c51d58a8ab1832c0c5167c09e04a 3e201ff870f80d120522c2f58a9f4eec0c4eecb2 7790285885c82a7264b458e8c364358aacff59c0e7aff4e60776a5704cea3a36 HTTP Headers `GET /js/_each-land-config.c1df2b79.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-11824" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgdXUpY2jNyICuqY4HMOovtg0zPfW3Ogymfudj3MioM%2Bl68eC26YpaVWlW1MCAjLjo%2FwzuNVSm2I3aiEgixzNaJHh08rF6dzHhpcIjA3qlxRGc8618Js5zQmfgef%2BhxBacYm5lY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b9148d6b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	my.rtmark.net/gid.js?	139.45.195.8	200 OK	65 B
URL GET HTTP/2 my.rtmark.net/gid.js? IP 139.45.195.8:443 ASN #9002 RETN Limited Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash 7da3e2868cf76c121b21d7d3a0a656ef 5fbaf0376418160ac0b195913f8244f144aa2909 2d4862e830ba943bee0f81702a0dd255587adb40ffc738b70907673f5870a127 HTTP Headers `GET /gid.js? HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://erailsiwsurvey.top access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=a376fb947e9f4a04a8660dc00d759df6; expires=Sat, 01 Jun 2024 22:13:43 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	my.rtmark.net/gid.js?	139.45.195.8	200 OK	65 B
URL GET HTTP/2 my.rtmark.net/gid.js? IP 139.45.195.8:443 ASN #9002 RETN Limited Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type JSON data\012- , ASCII text Size 65 B (65 bytes) Hash 7da3e2868cf76c121b21d7d3a0a656ef 5fbaf0376418160ac0b195913f8244f144aa2909 2d4862e830ba943bee0f81702a0dd255587adb40ffc738b70907673f5870a127 HTTP Headers `GET /gid.js? HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Cookie: ID=a376fb947e9f4a04a8660dc00d759df6 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/json; charset=utf-8 content-length: 65 access-control-allow-origin: https://erailsiwsurvey.top access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=a376fb947e9f4a04a8660dc00d759df6; expires=Sat, 01 Jun 2024 22:13:43 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	erailsiwsurvey.top/img/icon-survey.svg	104.21.55.218	200 OK	4.2 kB
URL GET HTTP/3 erailsiwsurvey.top/img/icon-survey.svg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1080) Size 4.2 kB (4196 bytes) Hash 9612f51aebfc959fbe20466738ad7a35 40018ba48bd4ed13c219ceb9efdeccac7902ff4f a35df0cc8723374ad7b9b6a99e7b07b23a32783d0ae1897fbf8dbc6e6ffe11d6 HTTP Headers `GET /img/icon-survey.svg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: image/svg+xml last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-c19" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZssM4vCdFeFMfTFF%2BboUimQp2Zgjmb%2BBOxOHtjBS6LS6zT%2BMFvNEl4gWmS5HuxToG%2BNzZsgH9pMgusO6UUG5YgArkIEuxCmQ6JsLGQP4xf3JqbzsssdvDRqzwDdNM32V8e1WVPg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b93fc64b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/config/data/sd-1779001.js?v=10	104.21.55.218	200 OK	2.0 kB
URL GET HTTP/3 erailsiwsurvey.top/js/config/data/sd-1779001.js?v=10 IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (7118), with no line terminators Size 2.0 kB (2034 bytes) Hash d0895c16e97f4fa5d6c7703b741a4a5e 8a3c26b1a516b4716799ab6e806bf063ba016651 11e8791573303e203816d632bda1b06fbb360ef05f7c303260e451428093fe2a HTTP Headers `GET /js/config/data/sd-1779001.js?v=10 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-1bce" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 6187 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bb06NWV43vl0OtEnNtffYC5%2Bv1BrAf6z3GcRfceH%2Bn4yL13tsytF0WMSIBEaZCnScfUtkZO%2BlND4CjzMrvUBTW43C56C4MUNFKTowpsl9K6qDigxE4csEb7T7exUpmkMTLXVE6s%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b940c73b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842423&sw=/sw/sw4842423.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000	104.21.55.218	200 OK	14 kB
URL GET HTTP/3 erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842423&sw=/sw/sw4842423.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type C source, ASCII text, with very long lines (42367), with no line terminators Size 14 kB (14073 bytes) Hash e2c1209fa034e82830b27b2c7e00a7dc 0a3057e56de2d45bee9443afba1823ce0629f199 ea6ad99d1789576a76dcb7c3d970a1fb9c81b4b0c493eafc64023b85686a2bcd HTTP Headers GET /pfe/current/micro.tag.min.js?z=4842423&sw=/sw/sw4842423.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript last-modified: Thu, 01 Jun 2023 13:49:36 GMT vary: Accept-Encoding etag: W/"6478a1f0-a57f" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N415sxzFV%2FVmJJ7thEBTKz7FKtgxBpombewXvKjdPUneQvwcP7dRbQbuQcqHozpVJ9KcGZy%2BfSFPbF5nW0TAxksoPrpjI0Tpu70%2FJALMnzmIDCal6dsl89zI5A%2FrC1cfWTtZOj4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b946cceb4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fb4f137ffaa414632ee6d79358ca7663 738174c00230645a31d26ab956eaed98f1c7eb44 8820e77977fcf5b5ff317aa91f5792369e4241204d3b2e8cc41a3cfa8e4b476d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Jun 2023 22:13:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	dortmark.net/sync?userId=c7c5ce45aeb1e27e6a6e80acf02f4e58&partition=finance&duration=5184000	139.45.197.248	200 OK	45 B
URL GET HTTP/2 dortmark.net/sync?userId=c7c5ce45aeb1e27e6a6e80acf02f4e58&partition=finance&duration=5184000 IP 139.45.197.248:443 ASN #9002 RETN Limited Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerLet's Encrypt Subjectdortmark.net Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52 ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT File type JSON data\012- , ASCII text, with no line terminators Size 45 B (45 bytes) Hash 05315d3d9e588ffa51ff54c5803d024c 908c5931ba95c6d656ea21a892ba4adadd7fac94 dbb4861567a0389e5a8348b5c7a35611ff7712ae4a463f0309b43fe267d65811 HTTP Headers `GET /sync?userId=c7c5ce45aeb1e27e6a6e80acf02f4e58&partition=finance&duration=5184000 HTTP/1.1 Host: dortmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/json; charset=utf-8 content-length: 45 x-trace-id: 3d718dde3a8d1a52e99b8886aae083a6 access-control-allow-origin: https://erailsiwsurvey.top access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding pragma: no-cache cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 expires: Tue, 11 Jan 1994 10:00:00 GMT set-cookie: finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58; expires=Fri, 02 Jun 2023 23:13:43 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	erailsiwsurvey.top/img/comments/unnamed.jpg	104.21.55.218	200 OK	1.4 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/unnamed.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 1.4 kB (1378 bytes) Hash 449aaf5a54e3fe3aa4f0f5875bede090 b2b897362626700277b7f8baca8b1f292d08b7e5 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59 HTTP Headers `GET /img/comments/unnamed.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 1378 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-562" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBh6Yxt7eADyd1Hqkx07WeS0kfNgLkG9S5GmFnTyHCbSUQj1rxpwPi2NMQE5oh%2FHaHZ1Tif%2FwJ%2FPBkDfiwQFd4AKtzN3%2BTIS5qTw1qDsarulEbryJTHs5%2BagFMsQRLwW9Ebs%2BHo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b960ea4b4ff-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-1.png	104.21.55.218	200 OK	6.6 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-1.png IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data Size 6.6 kB (6577 bytes) Hash 8f9a954bf05965bb41cf97a7ddb7a375 de9db936bbea75043e08a55d1f371678fca2270c a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d HTTP Headers `GET /img/comments/person-1.png HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/png content-length: 6577 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-19b1" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1krRb1ykj9FFqOezY8bIeXJIn44yqDJj2QRb2hEcI5Teq2bUlUIb1iW9Czup3xAr%2BtIFO6G%2BWa9hbqZp168yIVSN%2FXnQcTtdbAsD00bcthDpNYxbpNhOEdQVc1RS3irRLNWM14M%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b962ecab4ff-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/css/survey.2bfeef83.css	104.21.55.218	200 OK	11 kB
URL GET HTTP/3 erailsiwsurvey.top/css/survey.2bfeef83.css IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 11 kB (11362 bytes) Hash ba8ddbfa60d2feec516710cd5de1746d 9ddfc2f60deda512e71fa888c546c4300e3a530e 04ea2783c47b74e28c9583983c12e1ea4ac25e5ab50f0270829687607a03a782 HTTP Headers `GET /css/survey.2bfeef83.css HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: text/css cf-bgj: minify cf-polished: origSize=66591 etag: W/"6478a1ef-1041f" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaL9DNYsMNZJXFtd8kG7Aso5hUfw5euzyvKyi%2FZpz7S4sBBy0EvyJpGc%2F1O3xjdT5phmNMuTEBF6sQ3Rmi7r6SQRDEKuibu%2FSUtwHFjAFXd8nyjHJxBge4KQQjtOi1gOXT%2BpCRU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b9db4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-14.jpg	104.21.55.218		5.4 kB
URL GET erailsiwsurvey.top/img/comments/person-14.jpg IP 104.21.55.218:0 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 5.4 kB (5392 bytes) Hash 6012ff0d59aa6a34aaca1ea8f2fa88fc ef59662c9b666106486039e9f1deb40fb4a8ff77 2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d HTTP Headers `GET /img/comments/person-14.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 5392 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1510" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUmYlUqvVkTHfvWM4%2Bzvzs9VySEcZJKxQRVEBvwSj34e%2B3UD%2BxDMxRJhICc1dsU%2FV4kVImXFdqGhl%2B8yczcVEckRZDgJ3VSrnlUKY3ellfGUmWrFWZaohsnPU2nLJlsuGlckfD4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971939b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-4.jpeg	104.21.55.218	200 OK	2.7 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-4.jpeg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 2.7 kB (2709 bytes) Hash 6cf64555e2de0ff8b5391081b648b89a a32008bacf7f8cd3859eb86c6c8d36eeb15dbdf0 d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d HTTP Headers `GET /img/comments/person-4.jpeg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 2709 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-a95" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5704gQQ%2BaWrHSEU9i%2B3%2FptZIAU7cftYzoCYliKnXkDkJEOBJaN8r%2F8V4PUIYePwJS6H7mfot0vjn%2BNKPk9XMvpqKqVSnjiS41FZY3sJpZfdnozLLN8iRpuhS5fA07QEyoUAqZc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971940b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/_global-config-sd.2d740028.js	104.21.55.218	200 OK	5.1 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_global-config-sd.2d740028.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (1410), with no line terminators Size 5.1 kB (5128 bytes) Hash 15cb25fb388b6ce841d68c478a48f0c9 cc2ada5f0d6b7fa5d79c487315e08f36f14918ad 09c4db6fcdedb3623e653fb0660b495d4fe28db67ca358fabfbec1c8fe297ca9 HTTP Headers `GET /js/_global-config-sd.2d740028.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-582" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGorRziPsKvZtbOYJlx45kcYd5k%2BDvUBJ7JnojUmPKCeV0UMY6KZgzdih1%2FuPsl7x%2B8IYRpI4u3twjXlPWvHTkO%2FWDXE%2FKZG5r4m7InDVKLqmAuXUVcMFW7GyauCZOwZ1gwoDv8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b7db4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/_rtc.692696d0.js	104.21.55.218	200 OK	9.2 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_rtc.692696d0.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (11189), with no line terminators Size 9.2 kB (9150 bytes) Hash 769aca51bf83343eb2ac227aedcd4ff3 2a193572dec77357bdbcc9d02e629afb942fe61b 7110ad0251bd71ba0caa74c691d850c8e3ea55d53d6195408d21d4777e2cf293 HTTP Headers `GET /js/_rtc.692696d0.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-2bb5" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpYKwPU38C0qmT3PNwek1fVuEAtvkaybiMXF0PBwEOEf7AYQW5OMWWjeDL9TPZlSzyU1jDDzkWgyPXZ%2FWgnnY6UktyymAWp02nYfZfHYrZNHedzCYUOr0ppvqevh3fdDetsIU1E%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b7ab4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/icon-survey.svg	104.21.55.218	200 OK	4.3 kB
URL GET HTTP/3 erailsiwsurvey.top/img/icon-survey.svg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1080) Size 4.3 kB (4300 bytes) Hash 9612f51aebfc959fbe20466738ad7a35 40018ba48bd4ed13c219ceb9efdeccac7902ff4f a35df0cc8723374ad7b9b6a99e7b07b23a32783d0ae1897fbf8dbc6e6ffe11d6 HTTP Headers `GET /img/icon-survey.svg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: image/svg+xml last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-c19" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYmtlD9w%2FDvrZb5ifS2WpVEuZCHK%2Fibc45kz4T8oqcW36GlrUZvmuHFzLbmTlJ%2BM5OPnbDv6luL1oE793sIY%2BPjs89RFGoR2UHFEL%2Fv87u74AiRbboZjBLtTsIv79ED6KMQoQEs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b9148e9b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/_global-config-sd.2d740028.js	104.21.55.218	200 OK	9.1 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_global-config-sd.2d740028.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (1410), with no line terminators Size 9.1 kB (9059 bytes) Hash 15cb25fb388b6ce841d68c478a48f0c9 cc2ada5f0d6b7fa5d79c487315e08f36f14918ad 09c4db6fcdedb3623e653fb0660b495d4fe28db67ca358fabfbec1c8fe297ca9 HTTP Headers `GET /js/_global-config-sd.2d740028.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-582" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16XwSuZE36ZAXTgvub9pU3Ch%2B5Mlejin5QkZ527j6Edyn9LL7nIQrxx%2B%2BmfhjnL5cCWPmTPki426vSFRwa9u73IOnMsfue2Rwl1kxphjimUxb2j8Pb5dF4B48BZVby1rn%2Fp6nXI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b9138c9b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/unnamed.jpg	104.21.55.218	200 OK	1.4 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/unnamed.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 1.4 kB (1378 bytes) Hash 449aaf5a54e3fe3aa4f0f5875bede090 b2b897362626700277b7f8baca8b1f292d08b7e5 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59 HTTP Headers `GET /img/comments/unnamed.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 1378 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-562" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CteBh0MygUXJx%2Byx0RZF%2BgFHdLBPjjBt0GgFAz0AkhYt%2FXHTr4%2BTgUAS3Id%2BdhBL%2FWYDHr%2FcXLhyAgyZSKqKiyhN4RIE%2FD0SQRt0mhs8u6UFAaIZgtC0EYW0lMq2puoKcbbWWtE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193ab51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-1.png	104.21.55.218	200 OK	6.6 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-1.png IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data Size 6.6 kB (6577 bytes) Hash 8f9a954bf05965bb41cf97a7ddb7a375 de9db936bbea75043e08a55d1f371678fca2270c a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d HTTP Headers `GET /img/comments/person-1.png HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/png content-length: 6577 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-19b1" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kfeH45oriKT2Tyh9flg0klv2D6R7%2FX%2FwtnbL0%2FT%2BwFKhgtnU9fPaOcn6%2BAcXg1whKcbh5uyc8ckPGIgdEMsNdNOj%2B2lOY%2B8GCUCRp6L7rUgcHi%2B2BhAp4lqFyW4TLXL%2BoJ2F6c%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193cb51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/_is-browser-supported.c49ec082.js	104.21.55.218	200 OK	6.9 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_is-browser-supported.c49ec082.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (1015), with no line terminators Size 6.9 kB (6923 bytes) Hash 68e1a61f2550d6589e5ae1830fd2d3db aeefce07be8a0ea5485c7463a8a368806c55e059 a0b2b72ecb2738d1f49c83d11a844bc96965537fb634ed8d1c8c3dd95f4ef0b1 HTTP Headers `GET /js/_is-browser-supported.c49ec082.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-3f7" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FNOeWEPpITMMVQIep%2FeV4iLFknp9k6DCX%2FKCohKSLhHebg34NDhna7UnggS3PGeMMyh3uJshiItb3G8WuZaqXDsceLssPpdHMFXL%2BqKUg5To0Q2iQUhvqSS3KiYB1JaWa3f9qs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b7fb4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-8.jpg	104.21.55.218	200 OK	5.7 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-8.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data Size 5.7 kB (5748 bytes) Hash 6b10e71656e51e27520e854712b44f1c f78b92dded977e9f275aba726453138155420bcf 64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc HTTP Headers `GET /img/comments/person-8.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 5748 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1674" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxFBaNaFrT5oipY4lVXHUwiyDjtNVvTzEjfI%2B5EMMAMyPnjZIlehrt74WWjYq%2B7cPzI6V2CrNR73OgRDaB%2BRhcDGkYLFjlazWYcW7vwaU6%2FHnOOtnTKA2cIi0rX150Ss1eaIe8c%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971941b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-9.jpg	104.21.55.218	200 OK	5.2 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-9.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 5.2 kB (5190 bytes) Hash 529370f9fd3b0f4da6c81ca91a931155 1a4c3e0e7af1ce30dc2ca18d48b5fc3f1b40aad3 cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b HTTP Headers `GET /img/comments/person-9.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 5190 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1446" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGUVaoSrmPyTQ614rdE%2FHoci1FyFx%2FpGJCX5T%2BgZ8dSeAj3BBfjdvFwm%2B8GZVHH%2FjNi%2FcejSVd18d2PndTv7ycLjSwPYWw4KOY9BE60EJ2vU%2BuqmT%2FqJiJSZiAHa75MEBsJEr3g%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193eb51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-10.jpg	104.21.55.218	200 OK	6.2 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-10.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data Size 6.2 kB (6178 bytes) Hash 044ab37551bfe632f53b8f15d991f36e 77fdc6210608e5e36e1d36ac7fd867104cb20d9e 36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91 HTTP Headers `GET /img/comments/person-10.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 6178 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1822" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B65TqzdzvYX3rC9TZEUfU5QQ6ZSZZY2UzN7pdMfnXExitS6kUZNhddoCgGlDLkQb2jgoE9Ptd0D7FhkMHZu243W3SQwnfnizLW1vBT65yzfB2VnPg67F2sVGkXRnIvdSMzlT698%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971946b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-11.jpeg	104.21.55.218	200 OK	4.2 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-11.jpeg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 4.2 kB (4175 bytes) Hash 3924bdc784dc4947f52b779aa4d5a0aa 1e3f3fdd99490addd60014aa7327fe27c6bd5589 b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950 HTTP Headers `GET /img/comments/person-11.jpeg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1; finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 4175 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-104f" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1eE6j5AlmFVPkd7pnfBBhdsEnOr37qHv1f2atocP0t5OozrxDaIWRKVO4em312Mg9opYEGe7nHKMCCl1qikzsDQig0Ob1VDaUzk%2Bik520WkTWrBRN6OcoXvBhi5ubAopExCqfY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971944b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-13.jpg	104.21.55.218	200 OK	3.2 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-13.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 3.2 kB (3172 bytes) Hash a3364ed9e772ae6f696b814072001bf8 b8f34c657c31bf1e4d42b5d864b2519493d80e92 88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1 HTTP Headers `GET /img/comments/person-13.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1; finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 3172 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-c64" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZwqSwP8yzej7fjJuKYmWvyqH9W%2Fku8AKtztmyyBZjkEiBssO43djmgB1OD3Feyj9HMy0GjVZUbe%2BEjTnEgy3GcIrIuSxTN%2Bp%2ByBNXjI7zX3%2B0Dx59g8gWGNQkVI6cbUriXsrB4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971943b51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842621&sw=/sw/sw4842621.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000	104.21.55.218		14 kB
URL erailsiwsurvey.top/pfe/current/micro.tag.min.js?z=4842621&sw=/sw/sw4842621.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 IP 104.21.55.218:0 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type C source, ASCII text, with very long lines (42367), with no line terminators Size 14 kB (14041 bytes) Hash e2c1209fa034e82830b27b2c7e00a7dc 0a3057e56de2d45bee9443afba1823ce0629f199 ea6ad99d1789576a76dcb7c3d970a1fb9c81b4b0c493eafc64023b85686a2bcd HTTP Headers GET /pfe/current/micro.tag.min.js?z=4842621&sw=/sw/sw4842621.js&var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&cdn=1&domain=laugoust.com&ab2_ttl=5184000000 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-a57f" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOl2xANa31%2FC%2F1pnhQJn0KPuOqUi4uDZykYRE2VMFEMYeUJUh%2FPwZnhsXM892SNkKYX0tISK81HQCyvhJw0NotILQCS0hCwxp%2F6eGs%2BhUp3VpdMBU%2F0Kjpa%2Fbl%2F96eRBcyDe4Js%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b92dafeb4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js	142.250.74.35	200 OK	166 kB
URL GET HTTP/2 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT File type ASCII text, with very long lines (660) Size 166 kB (166449 bytes) Hash 95a32a4d8f8be968bc15d6ab9b9491d1 fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015 a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981 HTTP Headers `GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166449 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Jun 2023 13:27:11 GMT expires: Sat, 01 Jun 2024 13:27:11 GMT cache-control: public, max-age=31536000 last-modified: Mon, 22 May 2023 20:58:33 GMT content-type: text/javascript vary: Accept-Encoding age: 31593 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a94a6bf69a5bda20a5a497cff9a93636 fa3de38b0755fc024d6d35dfd833ac95eb79a5f3 64a989eaabc52262e244b627bbc4efd123a8079b8d2499f2f7cf80fa914c801e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Jun 2023 22:13:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	erailsiwsurvey.top/js/config/comments/en.json	104.21.55.218	200 OK	4.8 kB
URL GET HTTP/3 erailsiwsurvey.top/js/config/comments/en.json IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JSON data\012- , Unicode text, UTF-8 text Size 4.8 kB (4785 bytes) Hash 01c72c627a3038e7869405d68e78ab48 c4542fe77a2753163565ba73f8370585611e4359 3f9a0e2b1e418607c88ef2c2c52f7c8eac9c93d5f10409719b9d8f12b3745c40 HTTP Headers `GET /js/config/comments/en.json HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/json last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-11ad" strict-transport-security: max-age=1 x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTuvrnofRkMFd08sMpJS%2FkUm4Di8B%2F86hWkY7WgVoDubqJJ1mALRnzhVBvjbs9qOPeWHumQjT43beuqAIoYVhx4UZ7IQsgpF3GgopjkXFYXGcqmwNzIm3m1%2F10%2BUIWSGgiZXDvY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b947ce3b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	cdntechone.com/stattag.js	104.21.29.183	200 OK	7.2 kB
URL GET HTTP/2 cdntechone.com/stattag.js IP 104.21.29.183:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29 ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT File type ASCII text, with very long lines (17871) Size 7.2 kB (7227 bytes) Hash 0fdff67feab23cc69ecfb6800fc54cb7 eb84c650e6d27e290795207b1f37dd7b67f2aa06 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378 HTTP Headers `GET /stattag.js HTTP/1.1 Host: cdntechone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript last-modified: Fri, 19 May 2023 08:43:53 GMT etag: W/"646736c9-4859" link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin cache-control: max-age=14400 cf-cache-status: HIT age: 647 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuVApl3q%2FtoIO00Zj0Y0RH76FlxyPJtxqFghA50dQKiyNjqJNd7S74gksJiqeIZru%2B%2FnMzcOZ5E8DIhtwG1uNxOQnQQ0vZ4%2B9%2FF7g7JWJaKlhOrK1wdcPFq%2BeBomlYcK1g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d130b9489a8b4f7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60	139.45.195.8		43 B
URL my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 IP 139.45.195.8:0 ASN #9002 RETN Limited Certificate IssuerLet's Encrypt Subjectrtmark.net Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80 ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 HTTP Headers `POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null DNT: 1 Connection: keep-alive Cookie: ID=a376fb947e9f4a04a8660dc00d759df6 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:59 GMT content-type: image/gif content-length: 43 access-control-allow-origin: null access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=a376fb947e9f4a04a8660dc00d759df6; expires=Sat, 01 Jun 2024 22:13:59 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2

	datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a	37.48.68.71	200 OK	12 B
URL POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a IP 37.48.68.71:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerSectigo Limited Subjectdatatechonert.com Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 12 B (12 bytes) Hash 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375 HTTP Headers `POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1 Host: datatechonert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1532 Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.19.10 Date: Fri, 02 Jun 2023 22:13:44 GMT Content-Type: application/json; charset=utf-8 Content-Length: 12 Connection: keep-alive Access-Control-Allow-Origin: https://erailsiwsurvey.top Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true`

	erailsiwsurvey.top/js/v-redux-toolkit.esm.js.b2bedd2f.js	104.21.55.218	200 OK	11 kB
URL GET HTTP/3 erailsiwsurvey.top/js/v-redux-toolkit.esm.js.b2bedd2f.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (11317), with no line terminators Size 11 kB (11317 bytes) Hash ac9121dfc38a96f9146a7121ce322045 06ccd82f9b12b0e28763513da15d61fce4b9197b 2994e8f29a919a18deb772d218fe3fb77e45df892ae6512d448f8d862e2b3a71 HTTP Headers `GET /js/v-redux-toolkit.esm.js.b2bedd2f.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-2c35" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3eMq%2FNoyq55wfrx3FEEF6d6o5K0JyXTpWp9155Uu9U18DmEdcs%2BMfNMQFFlrgy1emQrMf0666GZD05hVnrNjH1l4YTBJa1bu2eh209iInHJYeyUgteCWm6P4AbofQKTMtU7Fbk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b86b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/favicon.ico	104.21.55.218	200 OK	1.2 kB
URL GET HTTP/3 erailsiwsurvey.top/favicon.ico IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1; finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/x-icon last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-47e" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 1723 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhXB4L4%2BFidKL47PL1FvRiGJmKUxVPJZt0wZ%2FRtyH7AYUujc1upbCsvLEHkN54Nl75qsgLoYfpd9oN08RTgnK0EbDu%2Fo356GuBbS%2BvW7jlvUNAILmKn3Q2tfZT2YMrQVsI%2F2fWM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b98bb56b51b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/sw/sw4842423.js?var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&ab2_ttl=5184000000	104.21.55.218	200 OK	1.3 kB
URL GET HTTP/3 erailsiwsurvey.top/sw/sw4842423.js?var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&ab2_ttl=5184000000 IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (1381), with no line terminators Size 1.3 kB (1321 bytes) Hash c21b76d8c5cc98d28e2ded4d7182cfb3 615a50d523a68a9b87e50715c88671e6b70e2868 ce15252772a764d35cbda3d5faeeb3c3e190ed7c4a1c56f75b0997666ad44322 HTTP Headers GET /sw/sw4842423.js?var=3956710&var_3=688622749352206570&var_4=null&ymid=5996995&ab2_ttl=5184000000 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1; finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: application/javascript last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-529" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQxYpGXKVGF8Ws7htU6tvEbDwoKicLxhpi7Yr%2FpGEp3zUwbv5VLX496yoDSAGJ%2Bwu1hoVWD5L1Ki42uOHqhmyseUGmbPrnxxgaGS9%2BM6JGEwNh3sHuDY34CvYL7xP%2BYiRWSRNNY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b9a2db0b51b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2	104.21.55.218	200 OK	4.7 kB
URL User Request GET HTTP/3 erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4929), with no line terminators Size 4.7 kB (4701 bytes) Hash 26de6480612297db791b37fc60de79ee 782348fe6a88d506c1e6de65a586c0ac6a2ec34d b9f53a6b7ddb29070ed1bdf87f44f45126cee362599b1049f4aa3edad01194d3 HTTP Headers GET /survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: text/html last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding strict-transport-security: max-age=1 x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUIGdbovSrT6csvOf%2FTi9jWjwDoRalewv26jAdxhOylbqHThx0K%2F4bSzN%2Fx5bMdmuJxZMBCeNkZunzR1rGIwmP0otIzf%2BfTSY8eSrvdYMaj8ru7xL4TbMG1%2Fwpe%2FZCNfKo6vkUQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b925a3cb4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/css/_core-survey.26c0898c.css	104.21.55.218	200 OK	3.2 kB
URL GET HTTP/3 erailsiwsurvey.top/css/_core-survey.26c0898c.css IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (3187), with no line terminators Size 3.2 kB (3187 bytes) Hash 2e6143d07cb0a0273cd0fded0cd7b430 4853285adf3a468cc8a42b1c6f17d8353cfef896 f2690b871425a66071365ba5be475a5089e8074dbdab7df95a71bbee62e2f5fb HTTP Headers `GET /css/_core-survey.26c0898c.css HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: text/css cf-bgj: minify cf-polished: origSize=3194 etag: W/"6478a1ef-c7a" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqxZub5XPf7WI8rIR3f%2FNG%2FvGcZwKHrOgHl25oq3mweuqTAIdOQOPsxGMlylSQpcTaEPG3D5YFzZA%2BwKU0d9Y4ZjeDh1vKnuPljlJfWnJHS%2B2HEPvyrZ%2F8qXDCqDUCNsWZ3maus%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933ba0b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-2.png	104.21.55.218	200 OK	6.4 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-2.png IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data Size 6.4 kB (6428 bytes) Hash 3e6eaea87b2891590972dd11373b09a3 f038c6e6306ca708defa2b601bf9477f0cf78a3d 15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5 HTTP Headers `GET /img/comments/person-2.png HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/png content-length: 6428 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-191c" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRTwQHBeN%2F2gTqAXlZd0oaPM%2FZ27hkKt6OgYVENhuduQxJjZ89353fOTOwu3V9OyDXaD%2BKr85HJHUOvHmsJBKRxaQFuk0oQlOQot8Tm6ImKMtIgmZt2zZXPA4RNfJJ1vDCCL6YQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193bb51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/v-immer.esm.mjs.28802142.js	104.21.55.218	200 OK	10 kB
URL GET HTTP/3 erailsiwsurvey.top/js/v-immer.esm.mjs.28802142.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (10496), with no line terminators Size 10 kB (10496 bytes) Hash 18f8b1a5408bb552103bab2a9e5cba70 72ba4dd83f4e85a45017492cd8ceedceabcc7587 1fce72cc05122f77f6dfd7ddb9fd43853cc9ee2d3cda9478afafcd48388e122d HTTP Headers `GET /js/v-immer.esm.mjs.28802142.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-2900" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBXiRYu2gUMBQAUvnnUJV2E7FZQCZylvm3RQitBW13oVaIJGFt9PqB4l9gWFvIM2mvQIoJVonlfFOCbfaUH%2FU1notxm%2BcwI7bmX%2F9AbNJXJlidjWWFaBjNOZmvNZz2%2FCtlibGjE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b8fb4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-6.jpg	104.21.55.218	200 OK	4.4 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-6.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 4.4 kB (4392 bytes) Hash be9ff88491a5bc0745579a3813eb2cbe 870f88a7fae9fdd928af33f47c5ffdddc6a4082b 698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3 HTTP Headers `GET /img/comments/person-6.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 4392 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1128" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hnkPh8plQiyuDZzOmfh3SP4QgmrTMWQ%2F%2BQTfoTmiZjj8b8JSMGjS5L4L5BrUJ3a%2FBh5OlkKeS2neuqx%2FOrKBcFQWyGtVz%2F2CN2XQCivWVFF%2BpUvaI64R59agRmNQZmdqaI18Y0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193fb51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/v-index.js.a18034f4.js	104.21.55.218	200 OK	40 kB
URL GET HTTP/3 erailsiwsurvey.top/js/v-index.js.a18034f4.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (40296), with no line terminators Size 40 kB (40296 bytes) Hash 3698267f8797b04e520279c94f8e0805 6d3badcf82c2faa17f61efdc44beff2267fa84e4 fe3a9cbf06b7238b24211ed6af8cf947aa8fcfbd0d6a81601993639a48431f20 HTTP Headers `GET /js/v-index.js.a18034f4.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-9d68" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP6XiAYS31VM7CLGB%2FPgNklUOAyKnq%2F65w%2BDb%2BHXGMf83gOhH2bnsdjwcJxG8NIUEi27btikMcjYROdXeFgqxzSJnOeGOld3K1zqF%2F9HBooDI3IMvDeP0UEy2p4Li0uJMNXTjao%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b82b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/v-index.mjs.7a6f6513.js	104.21.55.218	200 OK	35 kB
URL GET HTTP/3 erailsiwsurvey.top/js/v-index.mjs.7a6f6513.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (35051), with no line terminators Size 35 kB (35051 bytes) Hash 9f7ddd785647e7de7ff506bbe6ec7ca7 b04873210640ef785259fb4405f01c5e6f96d5a2 10338634d2cfa9fec434ea07a265687bf552d382e11b107d7afe649c05ac5627 HTTP Headers `GET /js/v-index.mjs.7a6f6513.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-88eb" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTA02r9A7%2B2VTSvtZbfTu1qfbzxb0sMnCYUsOmkomI5PWzJ1lLdMqvofH6R9HeuGELnwAjceQTdsMr72BkAXy8JqEQkyUDUnAqTIwy2EOwMv3WiB0bv4X9PmLB1q2sZmfN3Ur%2B8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b8db4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/v-react-dom.production.min.js.708dd72a.js	104.21.55.218	200 OK	129 kB
URL GET HTTP/3 erailsiwsurvey.top/js/v-react-dom.production.min.js.708dd72a.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 129 kB (129259 bytes) Hash bf59e2beec56bd492cd1247c25672598 4af373f2ad8d7a2bda18232ab4740abdea6ecb7c 04853b2a6175aa975ebe4d756699da4d7a9a156fef4895cf65b53c8fdf6c1389 HTTP Headers `GET /js/v-react-dom.production.min.js.708dd72a.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-1f8eb" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJWJL1FT7%2Fa7ZfeF5M%2BEATpxykYE79wxBKnaVznrcKuO4FgDgSgv9fVO%2FM74UmZ97QQ2XHMexrTDncb9m91vOgB1JVjhegpeeTMfrzLR51JTxRA8buGXUSARnvJNw81BdB%2BZrzY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b90b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/config/dict/cookie-consent-1.json?v=10	104.21.55.218	200 OK	6.8 kB
URL GET HTTP/3 erailsiwsurvey.top/js/config/dict/cookie-consent-1.json?v=10 IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators Size 6.8 kB (6757 bytes) Hash 4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8 HTTP Headers `GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/json last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: W/"6478a1ef-1a65" strict-transport-security: max-age=1 x-content-type-options: nosniff cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXLDVP0htUparkbbV1PAdD8nRMD21UhIOPKVT7HSgLVwQmFc4FfYOcY7s6DFy8opFSe9HwMNw27S2Hcl4aFLKVDUWKZr0OWuvaHM3H1xHtafsMpupF58PMQV0FdwtGcyZuJFXwc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b942c92b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/js/survey.36a8ba6b.js	104.21.55.218	200 OK	5.4 kB
URL GET HTTP/3 erailsiwsurvey.top/js/survey.36a8ba6b.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type ASCII text, with very long lines (5583), with no line terminators Size 5.4 kB (5437 bytes) Hash 50480142d122fd3d853c7ae77245aaf2 93f28b44c66ae17c5201343832958535f02d226e fc9e514e06e0e2e1a7c57d979bfb0ef8a5fe6978161c61570121c87ceda4adee HTTP Headers `GET /js/survey.36a8ba6b.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-153d" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxZjJJHsWSuqu4aVNzdnU4YECD2lpErBEDRk%2FQnAwUfY4SodkIvjmlDZuhfAya1oISLbvGYQeFsK%2BComTE8aUshq5HfODEcbxCyUMtxXG5fNiAlrueH6aVqSSHhKzcHV2MOm5jg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b93b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	laugoust.com/zone?&pub=0&zone_id=4842423&is_mobile=false&domain=erailsiwsurvey.top&var=3956710&ymid=5996995&var_3=688622749352206570&var_4=null&dsig=&action=prerequest	139.45.197.250	200 OK	0 B
URL POST HTTP/2 laugoust.com/zone?&pub=0&zone_id=4842423&is_mobile=false&domain=erailsiwsurvey.top&var=3956710&ymid=5996995&var_3=688622749352206570&var_4=null&dsig=&action=prerequest IP 139.45.197.250:443 ASN #9002 RETN Limited Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerLet's Encrypt Subjectlaugoust.com Fingerprint99:7C:6B:09:6A:A1:BC:70:53:D5:2F:97:56:F3:C0:A5:06:9F:80:C9 ValiditySun, 19 Mar 2023 05:11:02 GMT - Sat, 17 Jun 2023 05:11:01 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /zone?&pub=0&zone_id=4842423&is_mobile=false&domain=erailsiwsurvey.top&var=3956710&ymid=5996995&var_3=688622749352206570&var_4=null&dsig=&action=prerequest HTTP/1.1 Host: laugoust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:44 GMT content-length: 0 x-trace-id: 0c6dac524e14ceff2bd30de1728e2de0 access-control-allow-origin: null access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=1 x-content-type-options: nosniff X-Firefox-Spdy: h2`

	erailsiwsurvey.top/js/_core-survey.2e2c57dd.js	104.21.55.218	200 OK	230 kB
URL GET HTTP/3 erailsiwsurvey.top/js/_core-survey.2e2c57dd.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type Size 230 kB (229458 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /js/_core-survey.2e2c57dd.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-38052" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD3FCBE4AJM1GN2UryglXfKSTsh99Pony8m61vscPnEz9UL1Gib%2FuStmVJE7klk9ptUydgW%2Fu32y0RosvjqCOdqE6mFv%2BRdxbLjtiM34uRe7sllRBH7qf0%2FWD0LkTfag69HnBtU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b933b91b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	offpichuan.com/rotate?zz=4292525;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5996995	139.45.197.237	200 OK	4.6 kB
URL GET HTTP/2 offpichuan.com/rotate?zz=4292525;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5996995 IP 139.45.197.237:443 ASN #9002 RETN Limited Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerLet's Encrypt Subjectoffpichuan.com FingerprintDF:FD:C9:DF:54:1F:F8:D0:EB:70:9D:22:14:AB:31:A4:CA:18:1D:AE ValidityThu, 30 Mar 2023 21:17:15 GMT - Wed, 28 Jun 2023 21:17:14 GMT File type troff or preprocessor input, ASCII text, with very long lines (4685), with no line terminators Size 4.6 kB (4633 bytes) Hash de1d469208224fd13c8d1a1bb145e089 73e0645145bb078ec7cb8400319bf182efdf7dd3 696d5edeca7cdc0d11d9b5ddf122cc3dc409d5578e08ae2d9a2c4f7ea87be766 HTTP Headers `GET /rotate?zz=4292525;4326653;5128285;4949467;5381241;5381316;5381339;5381332;5381307;5381330&var=3956710&ymid=5996995 HTTP/1.1 Host: offpichuan.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://erailsiwsurvey.top DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 22:13:44 GMT content-type: application/javascript x-trace-id: 9abbcda9f5c6c4fac507c34816b429aa cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Tue, 11 Jan 1994 10:00:00 GMT vary: Origin access-control-allow-origin: https://erailsiwsurvey.top access-control-expose-headers: Link access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding set-cookie: OAID=ef4f4067e2034c51a4276446008b6c1e; expires=Sat, 01 Jun 2024 22:13:44 GMT; path=/; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , content-encoding: gzip X-Firefox-Spdy: h2

	erailsiwsurvey.top/img/comments/person-3.png	104.21.55.218	200 OK	7.4 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-3.png IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data Size 7.4 kB (7368 bytes) Hash 2f62e53b6333bc904be22a37a1fd0ace 6e972fefcbe0193d9b28817c47c1ceab2a0235d1 9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41 HTTP Headers `GET /img/comments/person-3.png HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/png content-length: 7368 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-1cc8" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI4DQhacc4khfhlvvQ2KdUnGKFroAO3jLnpF91C8%2BDuwnH4n8ERnIn5nnz1wB33EQwZ737vhvwp4%2Blttz624txW7FmlcWvsBc7UMf63OJzA82dSbR2Um%2FnnEmoWHfNh1w6RCQPU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b97193db51b-OSL alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-5.jpg	104.21.55.218	200 OK	4.3 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-5.jpg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 4.3 kB (4333 bytes) Hash 21fd6ef6d69b527c02e92a8c23d28d52 5980b75edc23f7fa2f57fa257cb67c9efb86fa58 f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb HTTP Headers `GET /img/comments/person-5.jpg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 4333 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-10ed" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqK1SW3h6bpvyZjzV1lyglTvDSCdH5tG4PAwVMs6kJ5LphSiLvMXUxngymcFrf%2BRv1swUDNeeJ4yI0pUOr9ffkOS%2Fw5VmedjoHkoG6P9UyilOa%2Fg01tns3PDZA%2B56yst3ZF7Ew8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971942b51b-OSL alt-svc: h3=":443"; ma=86400

	www.google.com/recaptcha/api.js?render=explicit&hl=en	216.58.211.4	200 OK	852 B
URL GET HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=en IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT File type ASCII text, with very long lines (852), with no line terminators Size 852 B (852 bytes) Hash 6eb227f49545693ff09e7e868952f4af dc2cfcf4a5d33b127c8c5d18dbe577c1e690dfa9 0a22aef6916a4504fc4c1b3f83cf9ad8dec879e875888b7598ee8edde393d86d HTTP Headers `GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK expires: Fri, 02 Jun 2023 22:13:43 GMT date: Fri, 02 Jun 2023 22:13:43 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 556 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	erailsiwsurvey.top/img/comments/person-2.png	0.0.0.0		0 B
URL GET erailsiwsurvey.top/img/comments/person-2.png IP 0.0.0.0:0 ASN #0 Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /img/comments/person-2.png HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache`

	erailsiwsurvey.top/js/s-storageService.js.2dc48dda.js	104.21.55.218	200 OK	2.6 kB
URL GET HTTP/3 erailsiwsurvey.top/js/s-storageService.js.2dc48dda.js IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type troff or preprocessor input, ASCII text, with very long lines (2624), with no line terminators Size 2.6 kB (2572 bytes) Hash ff4c29feda7e805fa2b689efdf355178 ad1d6d3e48fb9a19ce34d18fd6c22b19b9ea5756 12e747466a5ee2ebcc49ebf0696d383095bfe881bfc339283c24a3cdb039f509 HTTP Headers `GET /js/s-storageService.js.2dc48dda.js HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:43 GMT content-type: application/javascript cf-bgj: minify etag: W/"6478a1ef-a0c" last-modified: Thu, 01 Jun 2023 13:49:35 GMT strict-transport-security: max-age=1 vary: Accept-Encoding x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3697 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwY1Afhnt85DtmL1t9d7L12pL5mQLKPhvFbnQtfuNbc%2FqSeWxlyzWH5c3TobUNkCxO6AaGJjZDOFe61HukVN5kvvBHTDDb%2FH2he7cc1lV9Cb9UVlxxm8Tk7nsV7Q57zsqLdeGyA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b932b80b4ff-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	erailsiwsurvey.top/img/comments/person-12.jpeg	104.21.55.218	200 OK	3.5 kB
URL GET HTTP/3 erailsiwsurvey.top/img/comments/person-12.jpeg IP 104.21.55.218:443 ASN #13335 CLOUDFLARENET Requested by https://erailsiwsurvey.top/survey.html?offer_id=1916&geo=NO&oaid=15673b4b4d414d468b67a3852a16a90e&s=688622749352206570&z=3956710&var=5996995&testinapp=&autoexit_86400=3953544&utm_campaign=5996995&utm_medium=3956710&utm_content=zd_public_v2 Certificate IssuerGoogle Trust Services LLC Subjecterailsiwsurvey.top Fingerprint96:36:B7:B4:69:65:04:6B:5C:B3:4F:DD:F0:5F:BA:2D:80:2D:91:FD ValidityFri, 19 May 2023 17:30:27 GMT - Thu, 17 Aug 2023 17:30:26 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Size 3.5 kB (3519 bytes) Hash c937339f4ba54ff7dc150b9865c29084 44206828ca23cbed303193bde1dfe47bdc532972 8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e HTTP Headers `GET /img/comments/person-12.jpeg HTTP/1.1 Host: erailsiwsurvey.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: isCookieSyncABTest=0; loaded-page=1; finance_ID=c7c5ce45aeb1e27e6a6e80acf02f4e58 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 22:13:44 GMT content-type: image/jpeg content-length: 3519 last-modified: Thu, 01 Jun 2023 13:49:35 GMT vary: Accept-Encoding etag: "6478a1ef-dbf" strict-transport-security: max-age=1 x-content-type-options: nosniff cache-control: max-age=1800 cf-cache-status: HIT age: 3698 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD93bE3asaPMD7AqRLT5QHKqS%2Fd3EnCAzX4sU1UYpCOIcPpBvyV3N%2BWXCItJPU6jJFddjqamHAbiIbaSIxG0VUuksme3C%2B0VEZhv%2FXFaXdNeRm2bSHJCLonk42wgCn6fUfHaKsc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d130b971945b51b-OSL alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML