| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd | 172.67.192.143 | 301 Moved Permanently | 0 B |
URL HTTP/1.1manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd IP172.67.192.143:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 04:57:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 05:57:03 GMT
Location: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI71KcOY5CBsU3EaSS%2BySryB83%2BtY54Zi%2FmG98UynqYAW225yDmPw36dykY9tjlwmnQzAJi3BpWna7zd1XOmyDiyGzzSEIkfBmqb2aKP1B6MaeGDRXaPPRSo9nKevrmw3AjqA18%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772100076bc8fabc-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha5daf4dc99951793ae2315d4795e8146 4427507ca4d3a5632cc8f598afbc85e2195d00bd 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7579
Expires: Wed, 30 Nov 2022 07:03:23 GMT
Date: Wed, 30 Nov 2022 04:57:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash6d9d34c96b9a826ae5676640c966469c 8052a16d41a637e420478b7de1ff5a2dc951fccd f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4748
Expires: Wed, 30 Nov 2022 06:16:12 GMT
Date: Wed, 30 Nov 2022 04:57:04 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4ed065cb23b5fca1a179dd73b3c5b7b2 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2122
Cache-Control: max-age=108569
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:57:04 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:06:33 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6eheBDc+d6u4dxWITVO72/bYKEjHI+HeaMF9/lTbflatAYXmOH4P/ognjEZp0GtAS0vq1/x1UiY=
x-amz-request-id: XVEZ49YAXFDFTS7W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 04:45:05 GMT
age: 719
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2245
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:11:13 GMT
cache-control: public,max-age=3600
age: 2751
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 344 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash408f03f4f6d952d331f7b682f15430f9 b10fc508462c0fad4790e2ddf5b3f939ac2d4ab1 667be15e31dda945f8ba966a3276fcd64aeef872f2acc3bf5621f213c9588a5a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "667BE15E31DDA945F8BA966A3276FCD64AEEF872F2ACC3BF5621F213C9588A5A"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Wed, 30 Nov 2022 10:56:44 GMT
Date: Wed, 30 Nov 2022 04:57:04 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3c8c689bd654417640d85f3da51af313 85123b6d46230a23d03768bf304b386e5d301305 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2101
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:57:04 GMT
Etag: "6385cba8-1d7"
Last-Modified: Wed, 30 Nov 2022 04:22:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 344 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash408f03f4f6d952d331f7b682f15430f9 b10fc508462c0fad4790e2ddf5b3f939ac2d4ab1 667be15e31dda945f8ba966a3276fcd64aeef872f2acc3bf5621f213c9588a5a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "667BE15E31DDA945F8BA966A3276FCD64AEEF872F2ACC3BF5621F213C9588A5A"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Wed, 30 Nov 2022 10:56:44 GMT
Date: Wed, 30 Nov 2022 04:57:04 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.163.49.154 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.163.49.154:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Fzl0umCle7Eata/DPU77Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jKUAWah8Y+0DT2V0fDymP/03KuE=
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8744b420a10a2cf35bc5877b2dff9302 bf5ad501ac3e36bbed35695b59eced04d380b596 455bda3629e55c1730a67d5d82c68e4001f78f8019a755178225624e16076e80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "455BDA3629E55C1730A67D5D82C68E4001F78F8019A755178225624E16076E80"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11374
Expires: Wed, 30 Nov 2022 08:06:39 GMT
Date: Wed, 30 Nov 2022 04:57:05 GMT
Connection: keep-alive
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 4.1 kB |
IP139.45.195.8:0
Hasha42f47e6f7ba6831f1edfdabe6275d7d a54f4706a0fc7afafc362c651fa795d6c15a7ef5 e64f6bfa15570d39c6907553a5ea80713f2d85f94dd0ee3d905eabe247c048c5
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:57:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9033e5a050e14f5e8c5d934d14c8287a; expires=Thu, 30 Nov 2023 04:57:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashe2bbb16daf0066fd0e4fb1ad6b36aaa7 ee9b7c25b368da7bc78a1628d3b7f94b34871c2f b1a63ddf2500dcc3151c6c58d29b3d124d6e21daf0864df70cd7ab7d25171f4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1A63DDF2500DCC3151C6C58D29B3D124D6E21DAF0864DF70CD7AB7D25171F4A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7417
Expires: Wed, 30 Nov 2022 07:00:42 GMT
Date: Wed, 30 Nov 2022 04:57:05 GMT
Connection: keep-alive
|
|
| manylucksurvey.top/js/each-land-config.92a8433c.js | 104.21.44.8 | 200 OK | 26 kB |
URL HTTP/2manylucksurvey.top/js/each-land-config.92a8433c.js IP104.21.44.8:0
File typeASCII text, with very long lines (65536), with no line terminators Hashce15005038d8e0c4b14a3e4c4ef35392 2cdf1f6492e8df3c199f3a6d48d51d6923ecefe7 dcb76251dad7c5738309c5b62db342d22efa2ca84fb8c3fca93b5df0b9558974
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/each-land-config.92a8433c.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-12a97"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXiNvOtPJje%2F1o%2BfoE77F0rQwrsDDUkcvzgAgm%2BDb23npdVBJwYXWWkzSU%2FLE5cCwlj2nsVNYO01xK4P8q4Cqc78gbWceJm4E%2B%2B%2BdczHoXxsbffoLL4HmGLMndV5eobIdzZKcCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d38f90b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| itcleffaom.com/track?offer_id=2755&z=4526262&request_var=1&variable2=2lng1t56jk0cd | 139.45.197.237 | 200 OK | 148 B |
URL HTTP/2itcleffaom.com/track?offer_id=2755&z=4526262&request_var=1&variable2=2lng1t56jk0cd IP139.45.197.237:0
File typeJSON data\012- , ASCII text, with no line terminators Hash673cfa6261713c037f5e6d0d8cebc7e5 3fa4ef98e3409901f9d51f1bd651a130506aed6b 546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /track?offer_id=2755&z=4526262&request_var=1&variable2=2lng1t56jk0cd HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:57:05 GMT
content-type: application/json
content-length: 148
x-trace-id: c36d3009694850c65af33f5eec547786
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=9033e5a050e14f5e8c5d934d14c8287a | 139.45.197.237 | 200 OK | 2.5 kB |
URL HTTP/2itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=9033e5a050e14f5e8c5d934d14c8287a IP139.45.197.237:0
Hash24212feb814504af4130710a321dbc34 da9928d58137f7ec82b55f0b68be6de32bd76c14 343bda7409f0a1f2db6b51593401d35b8193d6554498b4a17c2eed3c08a26981
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=9033e5a050e14f5e8c5d934d14c8287a HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:57:05 GMT
content-type: application/javascript
x-trace-id: 87a706d0c9c5d073cac6773e032a2f4e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://manylucksurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=9033e5a050e14f5e8c5d934d14c8287a; expires=Thu, 30 Nov 2023 04:57:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3254f7c878d1f52f6503bf5b5b01b8fa 9061a49e98763ce6261db1792944ddd73a63ae03 ec1dace4e9720c35cdaecc0b552c805852d307eedbd02c06e9f3642facd4b3d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC1DACE4E9720C35CDAECC0B552C805852D307EEDBD02C06E9F3642FACD4B3D3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11679
Expires: Wed, 30 Nov 2022 08:11:44 GMT
Date: Wed, 30 Nov 2022 04:57:05 GMT
Connection: keep-alive
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 6.2 kB |
URL HTTP/2cdntechone.com/stattag.js IP188.114.97.1:0
File typeASCII text, with very long lines (12932), with no line terminators Hash5cec3b480a808bc28579e558b1ccb33d c961e934dbd68e13d90f771ab5504ec0f7904e89 be46578415a0fbf31231e5122a4b8e5509a85074aff7e8d8abf1b6feaee8290b
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:05 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58lYet6iSvqII9fLYcu3I8lUqE6SVIh%2BzqcyhxpOA2AVcEuOg3iiCd%2BHUWVwgeOjPp4jIFxmAOnTGtYwf739ExwW%2F3ueUruiVLdHi7qjNiwxWSiDJLb3mVopEMc1q5ITkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772100130bb70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/tag.js | 77.88.21.119 | 200 OK | 73 kB |
URL HTTP/2mc.yandex.ru/metrika/tag.js IP77.88.21.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (587) Hash1d79426653c3b55939eaec59a2ce8ef5 c6db0314df7a4e5c08047f6306e0b79a1ad3bab2 2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Wed, 30 Nov 2022 04:57:05 GMT
access-control-allow-origin: *
etag: "6384bff1-11e33"
expires: Wed, 30 Nov 2022 05:57:05 GMT
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash081f27e87b02fb79b3453a116e731959 03e52819d86a0fa523e77ed24126e76e5369bd21 10283df9fce094267720532246e9d80b3c2061425f657497652e71de4c95de06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:57:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 01:33:19 GMT
Expires: Tue, 06 Dec 2022 01:33:18 GMT
Etag: "03e52819d86a0fa523e77ed24126e76e5369bd21"
Cache-Control: max-age=505572,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772100140b25b511-OSL
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a | 139.45.195.253 | 200 OK | 702 B |
URL HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a IP139.45.195.253:0
Hash0092372b471c057c54dac2b76622dcba ce81cb4e8f0889a5db21a12207f0655bf2e8d0bd a8e1cf3eaa37fc7de9f45bb5dc7722d489130b374488186bd5280b7b07d6387d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1007
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 30 Nov 2022 04:57:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://manylucksurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| manylucksurvey.top/js/v-utils.js.05f5c072.js | 104.21.44.8 | 200 OK | 3.3 kB |
URL HTTP/2manylucksurvey.top/js/v-utils.js.05f5c072.js IP104.21.44.8:0
File typeASCII text, with very long lines (7119), with no line terminators Hash2054a0b45238ba21336a79b2d9d4a43d 0b2119d285eb4202b5ac2886b30aafab3b445563 d95be03114ba1bca29c791fe4f916af49c9174a13acdc4b301d09829c1b65d46
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-utils.js.05f5c072.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-1bcf"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3df8WYgYH5QwjYMS%2FvxejVKKRw4ZG%2FB4%2Fx2TbC7DxFAfS3Cr0NfT6v2oZjEV%2Fr1keE%2BEEFH7bkOQRsnr09UnYs%2BwNh%2F8EjLOKcgda3CemJMRBGy%2BVMsJ%2BgsA%2FeOIWle9CC6jQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d38f50b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A230%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A176601312%3Arqn%3A1%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C75%2C0%2C%2C0%2C%2C123%2C2%2C%2C%2C%2C260%3Ans%3A1669784223927%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 302 Found | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A230%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A176601312%3Arqn%3A1%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C75%2C0%2C%2C0%2C%2C123%2C2%2C%2C%2C%2C260%3Ans%3A1669784223927%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeJSON data\012- , ASCII text, with very long lines (400), with no line terminators Hash0696b945d8754ee70f61cc37af4c5a18 dc0a6c2f34d599bb865807cf6b88400d00079416 4b24faddc3644de51f6d02b4928b39173b03dd0cb1b7933ca1da58c7006d3857
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A230%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A176601312%3Arqn%3A1%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C75%2C0%2C%2C0%2C%2C123%2C2%2C%2C%2C%2C260%3Ans%3A1669784223927%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A230%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A176601312%3Arqn%3A1%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C75%2C0%2C%2C0%2C%2C123%2C2%2C%2C%2C%2C260%3Ans%3A1669784223927%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
set-cookie: yandexuid=8898930961669784226; Expires=Thu, 30-Nov-2023 04:57:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8898930961669784226; Expires=Thu, 30-Nov-2023 04:57:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=624546111669784226; Path=/; SameSite=None; Secure
i=l0p64OiORdf5qk9T5PPYSSnudGt4IcnluWAuQAdPQFK0Up8vWZQ7mzb8WjQWuZrkoQnX8z/BhALzi4UCIVz1s59n8TU=; Expires=Sat, 27-Nov-2032 04:57:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701320226.yc.1669784226#1701320226.yrts.1669784226#1701320226.yrtsi.1669784226; Expires=Thu, 30-Nov-2023 04:57:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12435
Expires: Wed, 30 Nov 2022 08:24:21 GMT
Date: Wed, 30 Nov 2022 04:57:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12435
Expires: Wed, 30 Nov 2022 08:24:21 GMT
Date: Wed, 30 Nov 2022 04:57:06 GMT
Connection: keep-alive
|
|
| manylucksurvey.top/js/v-AxiosHeaders.js.9182bc7d.js | 104.21.44.8 | 200 OK | 1.9 kB |
URL HTTP/2manylucksurvey.top/js/v-AxiosHeaders.js.9182bc7d.js IP104.21.44.8:0
File typeASCII text, with very long lines (2975), with no line terminators Hash5c21c7289f27378025b8742b814ecb76 8d53243a3be0229979ca8e3cfcff2f4c547f17a1 abf3c7ea24d4f93d4a5716fdd8751acaf7e8b52b4050464ad5966a3bb1e1861b
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-AxiosHeaders.js.9182bc7d.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-b9f"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15yu2mIw5bci734N7GBo%2BN8Yz6PjytBEuERU4wiYE1cvSoOOotecv6%2BENF8sLVdtBU8QU9nneV9BlGRbAMH7xox2%2BliSRn0lfYrNnV%2FubhEUos50PtCynMZAB7aGZP%2BpELx41fY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d38f80b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12435
Expires: Wed, 30 Nov 2022 08:24:21 GMT
Date: Wed, 30 Nov 2022 04:57:06 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2cb669522a324cd5d9ba1b1743138d38 71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0 a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CQERARyqGc2C8dEihlWw5X9eI6QqdR9Equ683aCy1XkizytQdod9Kw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:57:25 GMT
age: 25181
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9b96b63164d7dc37268951510afb359f 5991d60e238558f9fe4e1759fe18dde628cb7be4 cd7a88b3173bae9ad466d41b9ae9a2ed9e18157660697f1f1b070043194c3db4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4706
x-amzn-requestid: ce0b287a-7242-402b-8261-c519a1310309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhHxETjoAMFcTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcb-7a69d6d14ad0fd707ede2882;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odDoJgXLfaw-QRX8PfW3PW2yav7R41pQoyVbEVaDARSYLJPToLsTTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 25461
etag: "5991d60e238558f9fe4e1759fe18dde628cb7be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png | 34.120.237.76 | 200 OK | 113 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png IP34.120.237.76:0
Size113 kB (112619 bytes) Hash9545d0af6ce33421a4f598285eae1273 b742a31e67583c53631dff3e285fce957cbbece6 6cc64c6085bddb7cff637e9e49117281b02c12a80555e37db7202fb439423a4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:33 GMT
age: 24513
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5508d05a290b663fd89ead9b58f2efd8 53650399f9a986ba54addd668b4557109d12003b 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 25455
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe08af5b1d18986e112913c6e69cc8ce6 151b60134a66305bd72dbb3810f67a57720b2af1 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:17:16 GMT
age: 23990
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash777ce44582c70bf01a31da4cab366f36 57e1d34f146d5ccd9943aa97bcc3158f7103bb07 fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 24014
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A984181026%3Arqn%3A2%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1131%2C1131%2C0%2C%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A984181026%3Arqn%3A2%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1131%2C1131%2C0%2C%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A984181026%3Arqn%3A2%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1131%2C1131%2C0%2C%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A679844053%3Arqn%3A3%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A679844053%3Arqn%3A3%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A679844053%3Arqn%3A3%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A892673312%3Arqn%3A4%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A892673312%3Arqn%3A4%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A892673312%3Arqn%3A4%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A802564938%3Arqn%3A5%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A802564938%3Arqn%3A5%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A802564938%3Arqn%3A5%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A862090178%3Arqn%3A6%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A862090178%3Arqn%3A6%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A862090178%3Arqn%3A6%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A997404907%3Arqn%3A8%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A997404907%3Arqn%3A8%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A997404907%3Arqn%3A8%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A1041561058%3Arqn%3A7%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A1041561058%3Arqn%3A7%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A1041561058%3Arqn%3A7%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 199
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A875582614%3Arqn%3A10%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A875582614%3Arqn%3A10%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A875582614%3Arqn%3A10%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A404431336%3Arqn%3A9%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A404431336%3Arqn%3A9%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2lng1t56jk0cd%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1669784226_2a06cea8efe881d205658338d1437740166e37ffc54192ec47c2116c2849a8f5&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A92954497350%3Ahid%3A10446296%3Az%3A0%3Ai%3A20221130045705%3Aet%3A1669784225%3Ac%3A1%3Arn%3A404431336%3Arqn%3A9%3Au%3A1669784225643297778%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1669784223927%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669784225%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 384
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 04:57:06 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 04:57:06 GMT
last-modified: Wed, 30-Nov-2022 04:57:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd IP104.21.44.8:0
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2lng1t56jk0cd HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: text/html
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsCX0CvWRjvTZ8ThO%2BWGUE9oZZca63yQ4QlSgRwiTArfmwgfEqh7jU4IVEK9y60F23AzJmkUsCCyy73A238BV%2B%2BdDBeTDVS96ZaTYbcU86WdbKQbQnNQZpND1D%2BJshTWKbafzM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000c18aa0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_global-config-sd.bf55f2fb.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2manylucksurvey.top/js/_global-config-sd.bf55f2fb.js IP104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_global-config-sd.bf55f2fb.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-16d"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUtA3UqyQJ9KTCiyRMO5ReAy7EwNeH66R8D09uLAOmKU2ZkNUEp4MBRE2Oiku9qHIW6tze%2B5vTi%2B%2FnQvjbCCd2aj6yG6Q0tXFGWTV2AduSXg6sheGtdN3GSAGCl284zj%2FXTqDg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d28f20b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-xhr.js.cc932262.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2manylucksurvey.top/js/v-xhr.js.cc932262.js IP104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-xhr.js.cc932262.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-bb3"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA923jVj21JmdoS%2FutxySikEa38wXDY7ei1T%2B2k4ExHlXqpKOZzSY%2Bk3hByh5dSZNgpH5L2wgm81z9%2B9wcG1nQUi3FdGlP9ptBYNN7MRRNg3l6JmSJ%2FWpgongnkroG6HdnuNI%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d38f60b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/rtc.cd34f0aa.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2manylucksurvey.top/js/rtc.cd34f0aa.js IP104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/rtc.cd34f0aa.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:57:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:45:15 GMT
vary: Accept-Encoding
etag: W/"6385fedb-29d4"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIm8BGFl83Vlq6kRlrp%2FQlyIYdfiOprsoMzbCBetS8lwg6yYZe09ZKao1Cge3xjI1Xs8xWsPV25eoS58ggUo8ICRaXCVAFlxK1KA8mwDfaaMdGSy%2FQD882nEqaaOvgCM5ePie7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7721000d28f30b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|