| getbonus.quest/X5JDLmQf | 165.22.196.103 | 302 Found | 0 B |
IP165.22.196.103:0 ASN#14061 DIGITALOCEAN-ASN
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /X5JDLmQf HTTP/1.1
Host: getbonus.quest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 27 Oct 2022 13:33:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 27 Oct 2022 13:33:58 GMT
Location: https://gainfulsurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4
Pragma: no-cache
Set-Cookie: _subid=s8hnpa6455n4;Expires=Sunday, 27-Nov-2022 13:33:58 GMT;Max-Age=2678400;Path=/
7867c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMxN1wiOjE2NjY4Nzc2Mzh9LFwiY2FtcGFpZ25zXCI6e1wiNFwiOjE2NjY4Nzc2Mzh9LFwidGltZVwiOjE2NjY4Nzc2Mzh9In0.1Tc3002b5WTXhNTGGTW0MhYQ5LnDqWWZzTYErOox5ZY;Expires=Saturday, 24-Aug-2075 03:07:56 GMT;Max-Age=1666964038;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4c9ec202b798d350b6582220b7bb8457 d16ca24cd60b349231ad06fa5db32f54a3bc9e09 df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5884
Expires: Thu, 27 Oct 2022 15:12:02 GMT
Date: Thu, 27 Oct 2022 13:33:58 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash221b3fe9a6458de64d8bbfcd4a8e2f36 988c93428ff15108d46a11865e1c7e2782fbae34 a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3020
Cache-Control: max-age=161251
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:33:58 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:21:29 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash221b3fe9a6458de64d8bbfcd4a8e2f36 988c93428ff15108d46a11865e1c7e2782fbae34 a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6351
Cache-Control: max-age=164582
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:33:58 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 11:17:00 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8db408c487f7d35bba323046736e8d3a 01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0 9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4237
Expires: Thu, 27 Oct 2022 14:44:35 GMT
Date: Thu, 27 Oct 2022 13:33:58 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Oa1qtAb6XDc7h7Ie5GzXXN3Q0x11+A3So9OMftqv2rKKTUyl8XDebrOtCGhUQtxlef7DQUJ7ve07Q0H1bEbE2g==
x-amz-request-id: 3DZDMCRJYRJDAA97
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 13:09:50 GMT
age: 1448
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf1fffdb3841adc7571ccfd38ea7dbae2 00f873c95a5c95c685191010f5e382d547985591 31b1d3bf49eaaeec11ee46d09697d7e7b9bee3e8cc3acda2d3dcdb668fac4935
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "31B1D3BF49EAAEEC11EE46D09697D7E7B9BEE3E8CC3ACDA2D3DCDB668FAC4935"
Last-Modified: Tue, 25 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1710
Expires: Thu, 27 Oct 2022 14:02:28 GMT
Date: Thu, 27 Oct 2022 13:33:58 GMT
Connection: keep-alive
|
|
| gainfulsurvey.top/img/betting/sport-betting/boxring.jpg | 172.67.70.156 | 200 OK | 60 kB |
URL HTTP/2gainfulsurvey.top/img/betting/sport-betting/boxring.jpg IP172.67.70.156:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1350x900, components 3\012- data Hashe3501142e9751c6caa6d9f86da43f4b5 a309f9944fb1dd75c490144f1a9ddb30be3a4e15 6c83cb9be5f8845920d0bbcadb5dea98d85de971edc754209a9a291f77039001
GET /img/betting/sport-betting/boxring.jpg HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gainfulsurvey.top/css/sport-betting.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: image/jpeg
content-length: 60085
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: "635a690a-eab5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWjFv%2FaqRFRfCjZ5e%2FCXIyQR9%2BrS3hd3qvRGfS42oKZRCQumhh7pdbFtIO0d4msg8fWDtQkDPtctRjb2suO14rVPU35v%2B9VTPyVOUrNVFjh%2BYHbsisM29FW%2FCjmlSJ5w04Ty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760bce7b8b700b49-OSL
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/img/betting/sport-betting/boxgirl.png | 172.67.70.156 | 200 OK | 76 kB |
URL HTTP/2gainfulsurvey.top/img/betting/sport-betting/boxgirl.png IP172.67.70.156:0
File typePNG image data, 487 x 650, 8-bit colormap, non-interlaced\012- data Hash525acc2a933db35fe25e51c4a72e4c6c 231368d2b4389f91afe41d227ed371f014cf230a 8261942c43027c0b4ed38a6f4271b5b43c82e6c2be89d0f53a981b9795e77884
GET /img/betting/sport-betting/boxgirl.png HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gainfulsurvey.top/css/sport-betting.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: image/png
content-length: 75597
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: "635a690a-1274d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKIz%2Fwyx9aVP93M4rNG3YoN9Jz%2F6uOxMUoMjOnzjLAbZFT3Flv1sCIJz%2F%2BMg3Gr44BeGRFp1%2FCpDazcCYRQhQtzpJjh%2BDLJBzxKT0xzMsMU6aZNs7TrxpX1pBPc8gpY6gqbh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760bce7b8b730b49-OSL
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/config.js?v=8 | 172.67.70.156 | 200 OK | 23 kB |
URL HTTP/2gainfulsurvey.top/js/config.js?v=8 IP172.67.70.156:0
File typeASCII text, with very long lines (65536), with no line terminators Hash400ab0b5a49771cafeaf2d9b455af0dd 00499de1d92f5730724df5cbcbe35eecf444d899 ef5b3d15d38d0fdbec30e90a9521225e53a4330f18d20749bbefb3b07883683c
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/config.js?v=8 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-11876"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdoH%2FV4bEAnW6XCDS%2BiQRmliR39mUNR%2BZHhoFPWa2XD8KXJcQVsn%2FYSkrKIqUoXWvrPWXdLEt0TbNvsbRVGgcm2Y3ezH3MwDmtfYANGPun13eBBGQiIfgM9vAlk8nHteqb5l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7a8a6d0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash5ac10ffe7ac998f87f45e96ceed7b9cf 9bcde54ab105b2c390f7a561cc86ef100d69cd95 e11e2ee4d7c29121dd9faa429e3f43dda663b443f1ca0245954be09cf3d3fd42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4304
Cache-Control: max-age=125058
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:33:59 GMT
Etag: "6359bd79-116"
Expires: Sat, 29 Oct 2022 00:18:17 GMT
Last-Modified: Wed, 26 Oct 2022 23:06:33 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashe4e9602f1062e692c3df5dc1eec489cb ab47ab5548fed1ea1e145becb03a9885eacf7ddb 036e9d4e5c9e9bc75cbb78389fbcc4a5cdfa3463feddd5db8a11375b8c964af0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 06:25:20 GMT
Expires: Mon, 31 Oct 2022 06:25:19 GMT
Etag: "ab47ab5548fed1ea1e145becb03a9885eacf7ddb"
Cache-Control: max-age=319279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760bce7cac680b49-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash5ac10ffe7ac998f87f45e96ceed7b9cf 9bcde54ab105b2c390f7a561cc86ef100d69cd95 e11e2ee4d7c29121dd9faa429e3f43dda663b443f1ca0245954be09cf3d3fd42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2543
Cache-Control: max-age=123297
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:33:59 GMT
Etag: "6359bd79-116"
Expires: Fri, 28 Oct 2022 23:48:56 GMT
Last-Modified: Wed, 26 Oct 2022 23:06:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash56685759d36ef3cec2fbb760dc8a7f29 40b4a7dd6f97a585514ba7598bd85d660cfb7194 faf0856b5fc32b8a579b51c56c201491f1769a7fe65e812fa8d8db3fada71c27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAF0856B5FC32B8A579B51C56C201491F1769A7FE65E812FA8D8DB3FADA71C27"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7630
Expires: Thu, 27 Oct 2022 15:41:09 GMT
Date: Thu, 27 Oct 2022 13:33:59 GMT
Connection: keep-alive
|
|
| itcleffaom.com/track?offer_id=2058&z=4534663&request_var=4&variable2=s8hnpa6455n4 | 139.45.197.237 | 200 OK | 148 B |
URL HTTP/2itcleffaom.com/track?offer_id=2058&z=4534663&request_var=4&variable2=s8hnpa6455n4 IP139.45.197.237:0
File typeJSON data\012- , ASCII text, with no line terminators Hash673cfa6261713c037f5e6d0d8cebc7e5 3fa4ef98e3409901f9d51f1bd651a130506aed6b 546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /track?offer_id=2058&z=4534663&request_var=4&variable2=s8hnpa6455n4 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/json
content-length: 148
x-trace-id: d9f1a220f43eae58a9622931ade9bb48
access-control-allow-origin: https://gainfulsurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/data/_global-config-sd.js?v=3 | 172.67.70.156 | 200 OK | 350 B |
URL HTTP/2gainfulsurvey.top/js/data/_global-config-sd.js?v=3 IP172.67.70.156:0
Hash52bb1de601be8970280cccc0354576ec 855647db8a52b5a39d03622b521810ce460d82ba 6b61452e25ade679afa91fa65bb1ace79f856fef0e256fd115147f1d1522064a
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/data/_global-config-sd.js?v=3 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: W/"635a690a-2ab"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3xJhhjexV0FBZ0F9yEPwngGytm%2FtVC76pLk5jxweocH7DQmDf%2B65amd5Ku%2BU6h92LeVQ2AoX0waopKjgKek4kWqSwUQRdFX8h%2FtOJeMspo5Vopsndp%2Fo1vAkLFjq8ZEZZEB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760bce7a7a6a0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashe4e9602f1062e692c3df5dc1eec489cb ab47ab5548fed1ea1e145becb03a9885eacf7ddb 036e9d4e5c9e9bc75cbb78389fbcc4a5cdfa3463feddd5db8a11375b8c964af0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 06:25:20 GMT
Expires: Mon, 31 Oct 2022 06:25:19 GMT
Etag: "ab47ab5548fed1ea1e145becb03a9885eacf7ddb"
Cache-Control: max-age=319279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760bce7d8da30b49-OSL
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash387fe649d7411e05da7a44b60c45a0f5 985b2ada6ba87fb127479df87c04706f7505ae56 d16a2554a1ffcc4d21b66ba912844f496514ab57ce7dd23d1f0c2b34ab1ab34e
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gainfulsurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2b5bc6090768465a83d45a2cc0f0a48b; expires=Fri, 27 Oct 2023 13:33:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash22d50b42989b5314d4848e495baff40e b5aed18ee36d79c09febee64fbf322940b7cfc03 40cccac6f2cafd9f4e5121fe19eac29d4371072b1b26044b8a2cd3f09121bb1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40CCCAC6F2CAFD9F4E5121FE19EAC29D4371072B1B26044B8A2CD3F09121BB1A"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Thu, 27 Oct 2022 16:19:44 GMT
Date: Thu, 27 Oct 2022 13:33:59 GMT
Connection: keep-alive
|
|
| pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png | 139.45.197.155 | 200 OK | 11 kB |
URL HTTP/2pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png IP139.45.197.155:0
File typePNG image data, 140 x 140, 8-bit/color RGB, non-interlaced\012- data Hash0fb5a0eccfe6fe27747ca4a84abb1c9b f83ae7f2c746872a9ba9da626928946e3b6de28d 70eba3a4b499c4ffe4a8e62461c1b8581a9dd904f14b5742b48632dbebdd30a6
GET /contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png HTTP/1.1
Host: pulsersurvey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: image/png
content-length: 10580
last-modified: Thu, 21 Jan 2021 09:10:34 GMT
etag: "6009450a-2954"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| itcleffaom.com/rotate?zz=4326387&var=4534663&ymid=4&uid=2b5bc6090768465a83d45a2cc0f0a48b | 139.45.197.237 | 200 OK | 393 B |
URL HTTP/2itcleffaom.com/rotate?zz=4326387&var=4534663&ymid=4&uid=2b5bc6090768465a83d45a2cc0f0a48b IP139.45.197.237:0
File typeJSON data\012- , ASCII text, with very long lines (393), with no line terminators Hashb1fee2140ff5217ca0236ecb8e6745b8 4323b80bb1a942b7311f6acac4a358f6b78c3fa0 10e77d618459442fa557412806b9c231151e958a3f277086e127323cc5e66dfb
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /rotate?zz=4326387&var=4534663&ymid=4&uid=2b5bc6090768465a83d45a2cc0f0a48b HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/javascript
content-length: 393
x-trace-id: d4d8e6e7a5815eed3787765ceed5bfcb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://gainfulsurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=2b5bc6090768465a83d45a2cc0f0a48b; expires=Fri, 27 Oct 2023 13:33:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashda275afef2c120cef63dae40154284da 569947d789ce819632a881cb49b16b79ef6353ec d5efa3c3f1c8e805662f74e42a3fac2993f0c8dd03129f28a9e6930cd98e98e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 01:33:16 GMT
Expires: Tue, 01 Nov 2022 01:33:15 GMT
Etag: "569947d789ce819632a881cb49b16b79ef6353ec"
Cache-Control: max-age=388155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760bce7f6fc00b49-OSL
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a | 37.48.68.71 | 200 OK | 12 B |
URL HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a IP37.48.68.71:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with no line terminators Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1005
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 27 Oct 2022 13:33:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gainfulsurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 104.18.21.226 | 200 OK | 937 B |
URL HTTP/1.1ocsp.globalsign.com/gseccovsslca2018 IP104.18.21.226:0
Hash3fc3f157400caefe3daf8c561cede128 c31d250c30140e47006ee9fa4f046d4b565a523b b32cdacfebb6c250150901ab2dfbeea939125e37be5523df50e04118868e2ad2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:33:59 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Mon, 31 Oct 2022 12:20:02 GMT
ETag: "c31d250c30140e47006ee9fa4f046d4b565a523b"
Last-Modified: Thu, 27 Oct 2022 12:20:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1961
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760bce81b81ab523-OSL
|
|
| mc.yandex.ru/metrika/tag.js | 77.88.21.119 | 200 OK | 74 kB |
URL HTTP/2mc.yandex.ru/metrika/tag.js IP77.88.21.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (587) Hashb8652e33f5bd5ff280922739cb5b55f1 a1b0a76e7ed8cf5a87eba6b2bd3413d9c1cc3963 bb6e49dc63f5bae83b1b3303951f9aca12e41bc314db2e7d0315f4dc7396edb6
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73490
date: Thu, 27 Oct 2022 13:33:59 GMT
access-control-allow-origin: *
etag: "63575841-11f12"
expires: Thu, 27 Oct 2022 14:33:59 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:00 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Thu, 27 Oct 2022 14:34:00 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 | 77.88.21.119 | 200 OK | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 IP77.88.21.119:0
File typeJSON data\012- , ASCII text, with very long lines (400), with no line terminators Hashf68373b3a7f28fcde2292ec6446a5a97 9c465d072208c2d0674374ce88adc4b056f8cb6a 1d5537afd51f12dd274f8f63dd0f33b9c03e8706269a4823fc638e4ba13f2ffe
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 27 Oct 2022 13:34:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://gainfulsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:00 GMT
last-modified: Thu, 27-Oct-2022 13:34:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd74fd61a9f3caa5eada0b6b9f7154475 eb94382c5deaf0de61635a7d4ecc89928ef84e65 b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Thu, 27 Oct 2022 15:14:15 GMT
Date: Thu, 27 Oct 2022 13:34:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd74fd61a9f3caa5eada0b6b9f7154475 eb94382c5deaf0de61635a7d4ecc89928ef84e65 b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Thu, 27 Oct 2022 15:14:15 GMT
Date: Thu, 27 Oct 2022 13:34:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd74fd61a9f3caa5eada0b6b9f7154475 eb94382c5deaf0de61635a7d4ecc89928ef84e65 b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Thu, 27 Oct 2022 15:14:15 GMT
Date: Thu, 27 Oct 2022 13:34:00 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4ded5eb41644bfe7ea87cff5ab0d79f0 9b13eca2d768277b92c05a8a82743018489783a6 3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:09 GMT
age: 56571
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash27838ba1a0dc8484cc39e787b1e35c24 317f858e36816c2605e0ca91fd7ba60896bc082d f5b148a13cdcdf31e83ba5db3da139f581778d8b843b8f59ab0c9f08990d0374
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6306
x-amzn-requestid: c5a693a2-df65-4c7a-a755-133e0dbf14e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apW_tHDGoAMFp2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a0531-72afd432100cd0117ec18934;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 04:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9A1adf9pl0pRkrNB7jSKlF5tX-suPU-VxAP1upGgJEOnLC_aQcEb6g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 04:38:55 GMT
age: 32105
etag: "317f858e36816c2605e0ca91fd7ba60896bc082d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg | 34.120.237.76 | 200 OK | 4.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash91ee720c15dc69de45080d0c951353af 5292b31a99d90bcb7071f327b93d52034bdf9dcb 7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:35:15 GMT
age: 46725
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg | 34.120.237.76 | 200 OK | 18 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashed4462f023dbabb596a2e3b521425ca1 61b82445b422a5f917bb10640beb6d73eb0e62c3 a02af2897331acc123bf7d54b30929e3bc062a0875b5dea95302ddf60d808ded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18182
x-amzn-requestid: f1232b1f-32ac-4820-b186-b3bfb928c0b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvSKFF4oAMF2Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f40-0b9bc4d27b7534176cc278ed;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -iSQAX4xEu0e3ym9ovX4jXaBbE6JVQyqZQOI4vNg_uEOO2hFafgl4A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 06:31:47 GMT
age: 25333
etag: "61b82445b422a5f917bb10640beb6d73eb0e62c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash67ab2d52efde23610013edaacf8ba485 16580f7f378eede68f6f8c5361f942d6a33b862e 35ef1400e311bc04c5e48d5e9e80060a377c6a8570cc2e76ca2e25f6395f80cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14637
x-amzn-requestid: d2b22c2f-a677-4d97-aa1e-98e93c988c7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_IjEibIAMF_DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524569-746ac9cf1df9428b60e84817;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:08:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dcIIYATr2wSA9wRFZIEptkACLVwLBMuadNzFHZZI2z742ub0WIUvYA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 06:43:17 GMT
age: 24643
etag: "16580f7f378eede68f6f8c5361f942d6a33b862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8240214ef7bc82b09de023cde217beb9 0f432e521fc4392f528042c711139dc0becc5598 2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 56471
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A155008999%3Arqn%3A3%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A155008999%3Arqn%3A3%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A155008999%3Arqn%3A3%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A192052974%3Arqn%3A2%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1332%2C1332%2C0%2C%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A192052974%3Arqn%3A2%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1332%2C1332%2C0%2C%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A192052974%3Arqn%3A2%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1332%2C1332%2C0%2C%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A901711306%3Arqn%3A6%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A901711306%3Arqn%3A6%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A901711306%3Arqn%3A6%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A409673215%3Arqn%3A5%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A409673215%3Arqn%3A5%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A409673215%3Arqn%3A5%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonUnique&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A945392177%3Arqn%3A4%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonUnique&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A945392177%3Arqn%3A4%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonUnique&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A945392177%3Arqn%3A4%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A759636893%3Arqn%3A8%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22user_browser%22%3A%22firefox%22%2C%22user_os%22%3A%22windows%22%2C%22user_os_version%22%3A%2210%22%2C%22user_proxy%22%3A0%2C%22user_geo%22%3A%22no%22%2C%22user_getsubid_time%22%3A0%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A759636893%3Arqn%3A8%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22user_browser%22%3A%22firefox%22%2C%22user_os%22%3A%22windows%22%2C%22user_os_version%22%3A%2210%22%2C%22user_proxy%22%3A0%2C%22user_geo%22%3A%22no%22%2C%22user_getsubid_time%22%3A0%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A759636893%3Arqn%3A8%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22user_browser%22%3A%22firefox%22%2C%22user_os%22%3A%22windows%22%2C%22user_os_version%22%3A%2210%22%2C%22user_proxy%22%3A0%2C%22user_geo%22%3A%22no%22%2C%22user_getsubid_time%22%3A0%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A210973033%3Arqn%3A10%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A210973033%3Arqn%3A10%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A210973033%3Arqn%3A10%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A803981976%3Arqn%3A7%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A803981976%3Arqn%3A7%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A803981976%3Arqn%3A7%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A152861210%3Arqn%3A9%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D | 77.88.21.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A152861210%3Arqn%3A9%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D IP77.88.21.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fgainfulsurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666877640_533efc6eac91e4d4a14c4d0d3c890b3122b9bf995276f44ebed21e797599d208&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877640%3Ac%3A1%3Arn%3A152861210%3Arqn%3A9%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666877638033%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877640%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 13:34:01 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:01 GMT
last-modified: Thu, 27-Oct-2022 13:34:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9a9990486edce16b4006127b580ffab9 8b217e569fe5465626a2fab99cc1ed85ed79d061 ac3383760f464e85350f806a42a7d921f9de34e14c155ebdcc07411faed775fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC3383760F464E85350F806A42A7D921F9DE34E14C155EBDCC07411FAED775FE"
Last-Modified: Tue, 25 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19270
Expires: Thu, 27 Oct 2022 18:55:17 GMT
Date: Thu, 27 Oct 2022 13:34:07 GMT
Connection: keep-alive
|
|
| gainfulsurvey.top/js/sport-betting.js?v=1 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/js/sport-betting.js?v=1 IP172.67.70.156:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/sport-betting.js?v=1 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-46e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0dbTd6TR6aHCHR1n5GXSokC18lFXnl97HmcfG5Bt6hwx23ZyqoRV3cs1qb55Y2W2VlYI5UvHGkAArEh05r%2BRVxsg%2FLGHaGu8Z4Qx%2B%2FyU1NWGoZZuh5TM9k96TCuWp3iJzDM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7a8a750b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/favicon.ico | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/favicon.ico IP172.67.70.156:0
GET /favicon.ico HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: image/x-icon
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: W/"635a690a-47e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RgqHunqmA%2FDTTlRhhjuLS2xwWiwC0C3S8m5FXOH5wAH7tBslMdeKTtPtPEvdPSf%2BCxmDc6Y6Wr%2FoN%2FpbNM6oqdacA1lmOk2pICLXel%2F3qVohYQBp9mfeQXpZQ0E9OcQR86r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760bce8139410b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/dict/cookie-consent-1.json?v=1 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/js/dict/cookie-consent-1.json?v=1 IP172.67.70.156:0
GET /js/dict/cookie-consent-1.json?v=1 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/json
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-168d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJTrgkE%2BQiVqGWdukbAyxOR%2F9rKH1rL7X2OALciTQ3VBKgfEDxrfemaoO69o7WtiGaI6t1ISGhXE0ypzsMsYkFTjtk0Bu39fVvh9cjKFGl1U567XEfCA4yaljHMd2E7I43c0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7b8b6d0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4 IP172.67.70.156:0
GET /betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: text/html
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nuzYb4NmKPAZLSUQBWkxKYVhCtbaIbnKu5x6r6Qc9J2CSK9vhI8SrnBG%2BL9aRWEKwE1LlhAzIX%2Buf6wP6uQDU0lTgIYmuxzpwElnpLBXby2UuZ7B12ZoYew50LGEr10U0qR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7979750b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/data/rtc.js?v=1 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/js/data/rtc.js?v=1 IP172.67.70.156:0
GET /js/data/rtc.js?v=1 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-3a65"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUsFPEc7UxktQKB%2B9mQVIpO2jCSic08IW%2FiQRitwYPgHc1Q8UUUMQutLuGNRqwEgmL9ARu%2FbAg6G7qzkfIl3KXypwTsBOyavS4TEflgLPIm5uyabA4OJGoTSP9bNieAKPlIA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7a8a6c0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/css/sport-betting.css?v=1 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/css/sport-betting.css?v=1 IP172.67.70.156:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /css/sport-betting.css?v=1 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-2748"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0pjH8DiXqr50rFxPwi6xEDADGuw4bhMn3JF11cJ4iapjl7JlSlMVUSuhUWvfsQ%2Bm7qYjGILtv%2FVmfnA%2Fqx72o0Xh2Yj8mhldyndO8HwZG2M6Gj87yqGJ6NUd6KkrGtifF7o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7a8a720b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4&utm_campaign=4&utm_medium=4534663&utm_content=zd_public_v2 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4&utm_campaign=4&utm_medium=4534663&utm_content=zd_public_v2 IP172.67.70.156:0
GET /betting-survey.html?z=4534663&offer_id=2058&var=4&ymid=s8hnpa6455n4&utm_campaign=4&utm_medium=4534663&utm_content=zd_public_v2 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: text/html
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkHXV3YBKGWazD6KrEbxeNUt6mfKl%2FJc45VqKZ4Q2WsC4Kk32xH%2Bi5PPUnA7%2FfNWh7TU6Y0G8qG6T9fPiiUPCH0kI8vC1uNifUAkHLS6qSAaBBa%2F7dpF1h%2FdR%2BGsMHsohLHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7b7b630b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/data/sd-1509001.js?v=4 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/js/data/sd-1509001.js?v=4 IP172.67.70.156:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/data/sd-1509001.js?v=4 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-2030"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PveApohG1z%2BPygG5omlK1by5tpSXsMuQRQZ1x8zrhTj3pt0SGBknxnSdPyxgduDWLfYiKTKZevCynEQbJy1I2kGS81AH57mMPbNdCEBlDv70aa7WpqCtHUvOEY7ptUxYTaqe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7b8b690b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/js/survey.js?v=14 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/js/survey.js?v=14 IP172.67.70.156:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/survey.js?v=14 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"635a690a-4a5a2"
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EamWPCamO4lUrjmw8QE8S1tsrqEFxKUA8b6d839ydSRQAl6M0ptYFqtQkv%2FREmpA3jwUp5Y5eWIN1pAhIYQx4V%2B52RGC88tEgFBdDD0LS7Ezomm3uGB8hlSdZvMvR0wip2AP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7cdcc30b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 172.67.149.153 | 200 OK | 0 B |
URL HTTP/2cdntechone.com/stattag.js IP172.67.149.153:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:59 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:52 GMT
etag: W/"634eb2c0-32b7"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx%2BGpY7TgVjEwSyP8T%2Fwa31fJXZ0eSjIWQPeC4BFkMPI8GSLzW0lnLjvkX73wwty2%2Bjmo%2FCY2Lx5qoMGhPGSTa14945FuC%2FHSbj8pVD%2FqK5u2B8DFTXMH5M8Koon5GyWYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760bce7dc815b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 302 Found | 0 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) IP77.88.21.119:0
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gainfulsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fgainfulsurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D4%26ymid%3Ds8hnpa6455n4%26utm_campaign%3D4%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A100530677163%3Ahid%3A245502492%3Az%3A0%3Ai%3A20221027133359%3Aet%3A1666877639%3Ac%3A1%3Arn%3A839100856%3Arqn%3A1%3Au%3A1666877639819897372%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C1%2C%2C0%2C%2C163%2C2%2C%2C%2C%2C375%3Ans%3A1666877638033%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666877639%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 27 Oct 2022 13:34:00 GMT
access-control-allow-origin: https://gainfulsurvey.top
set-cookie: yandexuid=3766358461666877640; Expires=Fri, 27-Oct-2023 13:34:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3766358461666877640; Expires=Fri, 27-Oct-2023 13:34:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2477126211666877640; Path=/; SameSite=None; Secure
i=7Sb8OnkyUQZS7wuMlLDGIaqHcsMxJs2tZF6epvrHAnT1NYXQw8H0eVJzUvwdk2icnNXBw8r4Z3yt+lbOaLnHGapzDiM=; Expires=Sun, 24-Oct-2032 13:33:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1698413640.yrts.1666877640#1698413640.yrtsi.1666877640; Expires=Fri, 27-Oct-2023 13:34:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 13:34:00 GMT
last-modified: Thu, 27-Oct-2022 13:34:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| gainfulsurvey.top/css/survey.css?v=1 | 172.67.70.156 | 200 OK | 0 B |
URL HTTP/2gainfulsurvey.top/css/survey.css?v=1 IP172.67.70.156:0
GET /css/survey.css?v=1 HTTP/1.1
Host: gainfulsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:33:58 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-4d7b"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXsVwQQ9hTUe7qecEq%2BAuOtq3idbAf%2BJxswr8qPdHnaSoTYa0Roap1NlOhPeVPaxQgVR68aQVuXYoq%2FC15rEUF1hORFrKK9V9jxxpsMbMbHWHXHTDZQmxn%2FAMVyxlrdwYbRF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760bce7a8a700b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|