| promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 | 104.26.15.99 | 301 Moved Permanently | 0 B |
URL HTTP/1.1promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 IP104.26.15.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 08:07:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 09:07:44 GMT
Location: https://promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MtDg0ib0dJle6j1GfvFgFglc%2Fp1HNvazigwYFygOv4Evn%2FvzLvccy3t5hIBiIEjPDWvGYcWnEsfzn9M09J8LNUEXtl1GT2jE1Yqg%2BK25pyyj3gxJs7KDYa5TuuHXRU3ig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c6cf538680b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 07:29:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pW_zK0grh_tUCLgiE1NdMb1OdI0b9Q3BeFPqlAufz5JNOgoSGo9TUA==
Age: 2282
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9955bda9c9ef64bc5700a14af0bae25e 8de7b7469e905af0374bdfcc3006bbb844f13e94 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2472
Expires: Tue, 04 Oct 2022 08:48:56 GMT
Date: Tue, 04 Oct 2022 08:07:44 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mw_TJKapkXU_hv3sEhOjd7GlLs5bca1iRnY0eBYgedZbIeLegpGvJA==
age: 9557
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf96bf9087d1d202bc245f55906eed9c7 cc364bf054ae09d1cf6b4c181c292c15ed82ec13 06fbec4eea5c08f32661c23d75270e1388b0c3ea0fa96c2d47e4af10b243e5c5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "06FBEC4EEA5C08F32661C23D75270E1388B0C3EA0FA96C2D47E4AF10B243E5C5"
Last-Modified: Mon, 03 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21517
Expires: Tue, 04 Oct 2022 14:06:21 GMT
Date: Tue, 04 Oct 2022 08:07:44 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 08:26:00 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _xShC7T4jX9fsnLw8fG17N0Wc21vh7T2wMVPl0qR3EW4WW0fOwgndA==
Age: 2291
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash321fa9a78e31dcb66601ac5890bfba73 c325580db79bde6fd00d2d0c7e3f675e4c0046bb 83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:07:45 GMT
Last-Modified: Tue, 04 Oct 2022 07:22:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash0a25532c4133886e22a425cacca9c027 41a1b476967aed6ac227717098cd8be3209b45b3 f50b860d2b3b4d59df90ad6b36c84639141ca9dd9530a74e07fd79fd9387f52e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:07:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 06:25:20 GMT
Expires: Mon, 10 Oct 2022 06:25:19 GMT
Etag: "41a1b476967aed6ac227717098cd8be3209b45b3"
Cache-Control: max-age=511653,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c6cfbbcb5b4f1-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash0a25532c4133886e22a425cacca9c027 41a1b476967aed6ac227717098cd8be3209b45b3 f50b860d2b3b4d59df90ad6b36c84639141ca9dd9530a74e07fd79fd9387f52e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:07:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 06:25:20 GMT
Expires: Mon, 10 Oct 2022 06:25:19 GMT
Etag: "41a1b476967aed6ac227717098cd8be3209b45b3"
Cache-Control: max-age=511653,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c6cfce8d0b51d-OSL
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hasha746c77428e47aa2b279f62d66a9846e fe91335d2e7dd6f41f91761d2de7b858ad4f0f9f 5a1eab8daeb6a65b35c44099889d59d3c36901429fd5f05d629bbc175c224ac8
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://promosurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=52fc41eeebb94a02889baf1343434268; expires=Wed, 04 Oct 2023 08:07:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.240.140.78 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.240.140.78:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZNOFL++iuFd+RkOeBpx7tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QdU9J9ntrF9QDMkU6ZkRnP+CIQg=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash16ae4a1439fab84b7de5fb6dd3ab3e00 b427836040c3809307c11026503dea7d57569463 269ce5b9693351933457fe0bccf9b3be570135cc13e199e35eb158ea4bb62ed2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "269CE5B9693351933457FE0BCCF9B3BE570135CC13E199E35EB158EA4BB62ED2"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Tue, 04 Oct 2022 10:45:59 GMT
Date: Tue, 04 Oct 2022 08:07:45 GMT
Connection: keep-alive
|
|
| itcleffaom.com/track?offer_id=2755&z=4526262&request_var=63&variable2=32q6p4k8dn1d0 | 139.45.197.237 | 200 OK | 172 B |
URL HTTP/2itcleffaom.com/track?offer_id=2755&z=4526262&request_var=63&variable2=32q6p4k8dn1d0 IP139.45.197.237:0
File typeJSON data\012- , ASCII text, with no line terminators Hashb2c53e382a4001db1ba25c5def2d6fe4 f2bb3220f8fd71e78ad0d8eebec628256a002a62 937a534f8b79d6236f7f5caaaa499e534dc1f3f3dda90c7987899149a9ae9ac0
GET /track?offer_id=2755&z=4526262&request_var=63&variable2=32q6p4k8dn1d0 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/json
content-length: 172
x-trace-id: 86b365a43534b317a6999d1c9bd66e69
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| promosurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=63&cdn=1&ab2=0&domain=laugoust.com | 104.26.14.99 | 200 OK | 37 kB |
URL HTTP/2promosurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=63&cdn=1&ab2=0&domain=laugoust.com IP104.26.14.99:0
File typeASCII text, with very long lines (65536), with no line terminators Hash61b9f0d677ef096477c282e54423390d c7cd4be1d22cc06930c661980d0a1ab4132a495a e972d604234a95dbc252a66240579a67bdcc12d631ac0c6761d09ae8a2ecb4a4
GET /pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=63&cdn=1&ab2=0&domain=laugoust.com HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-1b1f6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t407Hfy9itr0X%2Fg1tY0adsxQYLNmV4jKaUYjWkLBxiv1yaStVJeaSZVFbTdQqPvYloI1fwmm%2Fh99RN7ebirKQ7LBZi%2BTmKXeP9ufZKgI0tsutkv1%2BtFY2Y%2BM3vGJFxW2bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cfcde26b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-3.jpg | 104.26.14.99 | 200 OK | 1.1 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-3.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash72ab252d8ff828965ad984b8ab16991f e45ea3665e80feb2e6309b04e1ec2e8d41bb279b c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1063
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-427"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE5%2Fb2rhAaCupsFHQvo744o2nsuUB8DarBIPt%2Bdi5m5RqDBCHD7OAx9v831uq1SynuhA8BVwyFDWfmrz8KhfAeHiVGDp7DutW%2FkUKoGonUT1FSVjjKy%2FE0ckMxKKeHHboQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe982ab509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-6.jpg | 104.26.14.99 | 200 OK | 10 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-6.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3\012- data Hasheecc2c7e1efc1d69f01f47b677666cf2 c4e909b86e22612ca4c5e599c7fc7204573b1baa 92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 10400
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-28a0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E30Ck83f1vRPZEZT0P007ZoXQYczKBnRNkUcS5%2FOpTf5dKYwqygZEZ1VhHJ63L8ZfNnXq7sqAFLU7ObBbfUotwKO8DiILt5Ubp6Y%2FKAU3Tbcrb5H4kbnMGIM6c%2F2B761xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe9831b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-12.jpg | 104.26.14.99 | 200 OK | 11 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-12.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data Hash85b4e587433a60e7d3e98b1ef93a71f8 c4c8600ce8a5be2640aacbac866bf8b1f8192f26 65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 11188
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-2bb4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuKX79R0OJDzg5PheiNSyc7zIftIVsHpXxRSUuRntVBYIZBAyqE0TblGxsFa%2FSmtLacjzMCOOLKoB4hOETJah2%2FsIHwLuvqVkYaCPmK5%2FBwwqY6pJeyuqyKf5uguAaGaYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfeb852b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-13.jpg | 104.26.14.99 | 200 OK | 1.1 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-13.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash85059de53011f0ef712a5f4b5dd13219 481385e3fe4b3ec1fd703de246796396a33777b1 7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58
GET /img/comments/person-sweep-13.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1110
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-456"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IzMIL3ivTztwkYuYIdEuawtIm%2FcsgSinH%2Bi3fveAFgzVV3Ji0nxds6aOQ%2F5qw9caFMbjdFE%2BsFKrFLRdluKxTt0Z%2B18ssDqgdJsNrVYEz%2BGunn8c9hHztJP4w7yZGtDyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfeb855b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/js/dict/cookie-consent-1.json?v=1 | 104.26.14.99 | 200 OK | 75 kB |
URL HTTP/2promosurvey.top/js/dict/cookie-consent-1.json?v=1 IP104.26.14.99:0
File typeJSON data\012- HTML document, Unicode text, UTF-8 text Hash8345f0bdc6dcedbe40cfd94f5258fddc 36cd8134798f14e47dd1595d7a0bbc307f4b182f 54c4b7b7d2425f3036173dc3d6cc7c8360e62b4f7898b48e58b1180908def896
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/dict/cookie-consent-1.json?v=1 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/json
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-168d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw1R7hpxF30SiunssOHUgD7Aq9z%2FOxXJOMp56f%2BiDohaN47hYlsyW5Npp51z8SYPIE%2FhCjboX4B%2FXM%2BpwRuOkEko3dCDbAPNKRujieGmCL6FAeynNoUb0gX3xSnFMcao1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cfd2e7cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/unnamed.jpg | 104.26.14.99 | 200 OK | 1.4 kB |
URL HTTP/2promosurvey.top/img/comments/unnamed.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Hash449aaf5a54e3fe3aa4f0f5875bede090 b2b897362626700277b7f8baca8b1f292d08b7e5 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-562"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEQSWz3VQtJsfLCApjTeFRKxfB4Fb7j0%2F7PlV0JhnIg629XAXJpDofU7biHuw%2BqYRZvr8NLnPG9V%2FUzsRgjZcWv5y9CwGuK2PuV8DgRDXW%2BiILYnGhXOvq50bhJ069gNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe9823b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/css/survey.css?v=1 | 104.26.14.99 | 200 OK | 8.2 kB |
URL HTTP/2promosurvey.top/css/survey.css?v=1 IP104.26.14.99:0
File typeASCII text, with very long lines (19834) Hash393e711ff51f524b31c9f578626e9563 73a4a56250a39816002c50c256b8a8deadc79f21 d0c9b389fd213fdb85ffdf8a219b983a33e29be373c079010883cbdf3e4ebaad
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /css/survey.css?v=1 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-4d7b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jE7%2Bo3LgoWS8iOH6F%2FzARz4s9yd0x60G%2FHfEgfDvy7uTOybac1UrA4%2BDvQ9B8Z%2FPbNfsS8Nr8eM%2F6ygOsvYADUvH3QbM85jjyOoBgTEkJEOnHkYZRjuljLUXZjtyMYAwHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf909b4b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-5.jpg | 104.26.14.99 | 200 OK | 3.3 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-5.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data Hash92c40a962aa579868b64b8b7f1b6575c f676f1ce463a7b0b7b2c05587a9b52285e55e679 64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414
GET /img/comments/person-sweep-5.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 3268
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-cc4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DlaFwuk2Scjr3Ri30iUfPhW0W1a4%2FGLEyIQp0TRL9vkyE8PrEshA2%2FDJPv0Kqskap5c%2F1lSaXmcTZqTt9BO4LS42Prb4JpjbPciqVzP5NZ%2F4C9%2FmVcTDesiJloa6yY9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe982fb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-2.jpg | 104.26.14.99 | 200 OK | 1.0 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-2.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashe489d022a40ba80f51fb5acc1addea46 41c334f49c248783037ceaf6fc335acff62f760c c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567
GET /img/comments/person-sweep-2.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1042
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-412"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDbY0cFOEEc5RT8%2BxjOSrLnAo7CwdVabMCLoy%2Byydsj5FIZgCCdXmtBgfuUlK%2Bs1WrUtnIO1r5gmx0yY2FZqARuxVsiYWx5PnuJpmleFjCf9BS3PSpm%2FJxraFZNLvgp3xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe9828b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-4.jpg | 104.26.14.99 | 200 OK | 3.7 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-4.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data Hash02eebe83bc6786ef27b852477d4c4998 205314ba911137b6f6be4eefd946a2c62229e591 a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 3694
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-e6e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVuPjwMogcg1GBNhaXmwV6n1OffHS6AqP8ls85Kg%2BhIEYu8VGKfuCjOMKR5HQ%2Bg3LYz5rmhPUKbrRkF7F3Xt6aCxkfbyUBAizEhp3i0o1972Z9g%2FcgKA9raozPnSzjserg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfe982cb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-8.jpg | 104.26.14.99 | 200 OK | 1.2 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-8.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashf60b9c2d018d7a29d014742ae8e36839 1b59e7eec38eb9f620256742f83ae7938ac0bb07 ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1182
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-49e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpcLEoEwB8nLY5Ge3Bc2gs5N2tJGT5XyiY2RWZVZjS1O6GKPkFa2czdShZCfolmn5bfwzqye3Hwj8DJ%2Fc8unNqTpq9sQ3wOL4K0ikAxhYmmUyPrsQxUcHDSl5P1FdR1B0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfea83cb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-9.jpg | 104.26.14.99 | 200 OK | 12 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-9.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:23], baseline, precision 8, 50x50, components 3\012- data Hashf950070b2582c8f9202b5d084e91905f 7154a29bb2ecd778435943cf02c88fb9b0a86183 ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e
GET /img/comments/person-sweep-9.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 11871
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-2e5f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKOWm48gCI5gOrWIIyKQGyLgrG7haoWnoPYNF13WhlCHaImLrCvJsd7tmXOJB8DrbOJO32JJWOv%2BqKT29r9%2FXv0OYWBucWjPjRb%2BjdexjGEkpoVPdGRw4Wwu85y6Ss6Ujw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfea83eb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-7.jpg | 104.26.14.99 | 200 OK | 11 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-7.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:30:25], baseline, precision 8, 50x50, components 3\012- data Hash583a669aef17441f222db5be083f3750 f869d6bf98c43f0a0a935305096fe637df202687 5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b
GET /img/comments/person-sweep-7.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 10884
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-2a84"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dk2IMj8m7DSCKGAQBTLtmbdJJtGiiYugOiCyrnFnJ8UDXShqNvDnBeRei3IpqD78WdJAsHd9aIFBQ9eMxhRoH%2FwmYAgaDLpg12yqA3nFaCPv4hGSU6BJI1QIts8ZGl8BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfea83ab509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-10.jpg | 104.26.14.99 | 200 OK | 11 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-10.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:33:44], baseline, precision 8, 50x50, components 3\012- data Hash2f7d5d907d9e6d0250afbdbeb7f3cb0c 136703751a36b76b1fe599930ec855f90fde9f23 271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1
GET /img/comments/person-sweep-10.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 10828
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-2a4c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quxrezyO9TIc5y53prNOB59pwE9dV3rTx4pbI4BaRiT3975DqPpq%2FDEfnI1iR%2BB%2BmtDlrksjXJFYOf4IHUsMH3yBNPStG1iF%2FaodM8cxQvIb4WDcSN6io5ASG%2BDVjhKeBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfea849b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-11.jpg | 104.26.14.99 | 200 OK | 11 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-11.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:58], baseline, precision 8, 50x50, components 3\012- data Hashe33f2bea60761c8f1c4cf8648839692a 14a8b54006c419c85842d96a8a4aeb837f5a0a5e 9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951
GET /img/comments/person-sweep-11.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 10636
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-298c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzkRLKp9Z72WC4WVtRgfdlKXJrRVIHEljTdYnrLjAx6HJ2v4xaOTZsveckzl2s%2FeLwShw2BN2p1%2Bf32P0PHJnbFrXr0HGWn%2FYxPpt0puSq0qKEgVIg%2FuMjtcBaW%2BL3Aceg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfea84cb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-15.jpg | 104.26.14.99 | 200 OK | 1.1 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-15.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashca57a3f68e171ebeb7798679d5fb79ca 688e6a4ffeeae81c9e970e03081de1fe26afac9a f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a
GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1067
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-42b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0e4sp5UCzIg5dKYIkf6WD23MhecZoyeyfqJSCBlIogLGECm7ntINw6PDq%2BToopZy%2Bo1i31ZpYOJVLrp36KoAJGJ0YplSltpxcWdIA7GSqMmaxHEAwDAWnF%2FE3b%2BQKK0kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfeb859b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-16.jpg | 104.26.14.99 | 200 OK | 1.2 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-16.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash9574e9e3f629fc4cc0f470f678a232ca 89412a05077b4eaa423f7790bd5fb4ee3efc84eb 15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1208
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-4b8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExCT83vj6CXa%2FjSb6M9YF94WVIt%2FFpttyboaRZp3HM8L0K%2BO7YRg7RZrCE%2BchycZpcI%2F24aDEZTEGUBgpXtllVrS0XExCTePA5gonqRsRGQVI1hiwrSI0HWJ6l55YNbx5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfeb85bb509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/comments/person-sweep-14.jpg | 104.26.14.99 | 200 OK | 1.1 kB |
URL HTTP/2promosurvey.top/img/comments/person-sweep-14.jpg IP104.26.14.99:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash4248fa5ac54e7b0dfa5a791bd1dbd161 aa880bfbdca2ec69d93fd29606a64bdce6ee830c 174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8
GET /img/comments/person-sweep-14.jpg HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/jpeg
content-length: 1146
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-47a"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUDwLD9a1qEuamlex%2FSfX7fhfQAi5f9h1QVpkpBEnKRE6XIWNztCZ62RLh9rqPPGkAlS%2FcMCegb5ivHzoY4bGv%2F62lwj5%2B2x3srfYdfnKfrxGNRT0v6oqirkRjnDfi0IhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfeb858b509-OSL
X-Firefox-Spdy: h2
|
|
| promosurvey.top/img/sweep/tokens10k.png | 104.26.14.99 | 200 OK | 67 kB |
URL HTTP/2promosurvey.top/img/sweep/tokens10k.png IP104.26.14.99:0
File typePNG image data, 480 x 500, 8-bit colormap, non-interlaced\012- data Hash7226e7c7102de83aea128e7417e87779 1777a0c66bd17c26c4da8462efa8975342581a4d 2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36
GET /img/sweep/tokens10k.png HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/png
content-length: 66622
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: "633acffa-1043e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhSXT46Ez55AI7KgS92Hiq6oLyqBDQkIaFep4SKTlLiZ8D3tsN6Q84MkuKtTdqfk16sEqoP9JoBk%2BQwIwXhuML8Oo%2FErt7XBbQ9CJyur3fkwFt14apmjgm6%2FBaV7xIjYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfec86ab509-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash778dfc33f849d577a1524dedb80c7f7c deac9620fc086de0c067b75a9e8a126541e9a49c 8ce029c54d83e3d820ca20ea26fdb2c2b78ae4f288c9e39465af4409f0b6242f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:07:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 01:33:17 GMT
Expires: Tue, 11 Oct 2022 01:33:16 GMT
Etag: "deac9620fc086de0c067b75a9e8a126541e9a49c"
Cache-Control: max-age=580530,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c6cff0866b4f1-OSL
|
|
| promosurvey.top/favicon.ico | 104.26.14.99 | 200 OK | 702 B |
URL HTTP/2promosurvey.top/favicon.ico IP104.26.14.99:0
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Hash0092372b471c057c54dac2b76622dcba ce81cb4e8f0889a5db21a12207f0655bf2e8d0bd a8e1cf3eaa37fc7de9f45bb5dc7722d489130b374488186bd5280b7b07d6387d
GET /favicon.ico HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: image/x-icon
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: W/"633acffa-47e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wpn5Ifcsd2XZqsyR7ALn9gcQ4SHdyBLFuEAOu9CDhNEnqKkke9nXaycJKd1fhyJ8p6X7CAEdombxMacjmvh1xSVlzP7l4myF5HtXL0dXmZNdcJR0cBqlyQrz%2FPQBFtQxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfdff83b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: *
etag: "633583ac-2b"
expires: Tue, 04 Oct 2022 09:07:46 GMT
accept-ranges: bytes
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 | 93.158.134.119 | 200 OK | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 IP93.158.134.119:0
File typeJSON data\012- , ASCII text, with very long lines (400), with no line terminators Hash3a975014f963a5877c579686630cb2c8 af9499b508168897d40487b58fce7fd3fd834951 0bd87cbd72d2dfc171b7e74d487ccc232cd7c11ad26abb946c0eeb85898104ee
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 04 Oct 2022 08:07:46 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A559086711%3Arqn%3A2%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C970%2C970%2C0%2C%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A559086711%3Arqn%3A2%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C970%2C970%2C0%2C%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A559086711%3Arqn%3A2%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C970%2C970%2C0%2C%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| itcleffaom.com/rotate?zz=4599387;4599749;4702124&var=4526262&ymid=63&uid=52fc41eeebb94a02889baf1343434268 | 139.45.197.237 | 200 OK | 1.1 kB |
URL HTTP/2itcleffaom.com/rotate?zz=4599387;4599749;4702124&var=4526262&ymid=63&uid=52fc41eeebb94a02889baf1343434268 IP139.45.197.237:0
Hashf1f025316561db1e3a72ee59c461b234 4a88a916de3ae9cff8b1d6ab03d91d80d9159dd9 8a44e009abd86aecabad6804a5a7b5eb4b9ed763171934802302d35d581dbb24
GET /rotate?zz=4599387;4599749;4702124&var=4526262&ymid=63&uid=52fc41eeebb94a02889baf1343434268 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/javascript
x-trace-id: a7cd33c1313667074b41079f280ae976
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://promosurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=52fc41eeebb94a02889baf1343434268; expires=Wed, 04 Oct 2023 08:07:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A822399643%3Arqn%3A3%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A822399643%3Arqn%3A3%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A822399643%3Arqn%3A3%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A696085913%3Arqn%3A5%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A696085913%3Arqn%3A5%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A696085913%3Arqn%3A5%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A569753380%3Arqn%3A6%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A569753380%3Arqn%3A6%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A569753380%3Arqn%3A6%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A656677577%3Arqn%3A10%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A656677577%3Arqn%3A10%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A656677577%3Arqn%3A10%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(10)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A147554114%3Arqn%3A8%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A147554114%3Arqn%3A8%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A147554114%3Arqn%3A8%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A967199896%3Arqn%3A9%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A967199896%3Arqn%3A9%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fpromosurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1664870866_96f6c7aa50fba23cdc9824ad713df003c54afaf0010f24c800b1dccaf9a17dc6&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A967199896%3Arqn%3A9%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1664870864629%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 165
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 104.21.29.183 | 200 OK | 16 kB |
URL HTTP/2cdntechone.com/stattag.js IP104.21.29.183:0
File typeUnicode text, UTF-8 text, with very long lines (43256), with no line terminators Hash59bbabca18d4de376afc8516ed2e1719 24bd8c02313a007fe5d7c1334e6a2fa1b971fc00 e39f2385f494f465d1a1a96ce97634b4ddba6c7330380427aa30b5d0b0fb338b
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:17:49 GMT
etag: W/"62ebe31d-a8fa"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9uwTn2R6yED3hVx9KrRlmFBfgS94tfKnU1p2BgcAItPTd0vQhc538kBbAzxItMBBKNS1Vm7fASHXsCMqoyybTeY9WKRqx5iBaIZMwuvdnP0GweCjZ%2B9nKLFVoz86wUdAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cfcf80bb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20500
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:07:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20500
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:07:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20500
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:07:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20500
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:07:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20500
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:07:46 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash206fb65e75dbadf119512f71e0b78402 58ff0bf8ce7528b303d28bab01a80ad721705569 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 12293
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd5745f8e3528f481ae2acf05b4abd3d0 d830b94bea3b5698e5192a7ea05f90b25b2f9cc9 313e11915f0869a608c830637b9dfd236ff28a8fb3354c3cc8748816b0ee18b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8738
x-amzn-requestid: ede4db78-f2ab-4226-a855-dc7373978dfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTFrBoAMFR3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-2776543e774f0016329ddade;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c9bu34_KooZB6Z4d8xXGnsd9jZ7lPl3yIo9II1Dm_2YVId3l9-7n-w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:46 GMT
age: 36720
etag: "d830b94bea3b5698e5192a7ea05f90b25b2f9cc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6779181f9c06975f2a662da743893939 585e7146fd24cdc2496b05baafea04091dc541e2 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 36660
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash59c6121e6f6cb833939e12585aca131e 5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df 88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VeeA3FQIKbAt5xmPr99k9gQjGbbwrRLM1lFYWaVIO3TCVM19GUKJaA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 36645
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash34f2dfb2faff276db1d4a57739db2450 f5ce815082043a4efce28fc790ae7d8b3a8531f8 e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pddStyEpwVdYKSAUVcpupnWVPw6ALoYCouHQzixF_vTgXdpVF60ElA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 35807
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| promosurvey.top/js/data/_global-config-sd.js?v=3 | 104.26.14.99 | 200 OK | 12 kB |
URL HTTP/2promosurvey.top/js/data/_global-config-sd.js?v=3 IP104.26.14.99:0
Hash0da42d3a547a9666cdfbdaf804d1a558 b892d94e9b8eb5fb7103954455b089cff5a3b97b e480cf4a88c6b8a4e48065086650560e3edab4649a155cb96d91ada86e3ee901
GET /js/data/_global-config-sd.js?v=3 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: W/"633acffa-28b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL0R%2BLLkfR0xIrWgMqXAbhOveKORoXZCUhHIajMqPYH0PsBOESykjbzUQbvdcciC4tT2osnLxF29IznHDuEtEbsdiI4%2FYGpHJFAKCCEGK8ZvepNsKdMJWTMdzgJLJ7Fe%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cf909aeb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a47367c806cea981542cb21db33465f c841b2f033c101b08379558775aa241b6c18c83c 5d07a438a31e36a2174ccebc46238d59dfa302df9204f431ab2082f972203775
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D07A438A31E36A2174CCEBC46238D59DFA302DF9204F431AB2082F972203775"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Tue, 04 Oct 2022 10:58:37 GMT
Date: Tue, 04 Oct 2022 08:07:53 GMT
Connection: keep-alive
|
|
| promosurvey.top/js/data/rtc.js?v=1 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/js/data/rtc.js?v=1 IP104.26.14.99:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/data/rtc.js?v=1 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-3a65"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0mpKMkILmjrOOYhYat%2BHLRvijLgCZnqZJd0vkgMFRaCHqAxD0DT5WnIHwxqkdjwiRH3RITEzhWsq5cd33wYiDI8PKU%2BS8S8pZx3ir3dWRCRt4nS4Qh4%2FXi%2BUAcuBu3WCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf909b0b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) | 93.158.134.119 | 302 Found | 0 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) IP93.158.134.119:0
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promosurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fpromosurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D63%26ymid%3D32q6p4k8dn1d0%26utm_campaign%3D63%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A292%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A162906650099%3Ahid%3A750342204%3Az%3A0%3Ai%3A20221004080745%3Aet%3A1664870866%3Ac%3A1%3Arn%3A31819918%3Arqn%3A1%3Au%3A1664870866849047175%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C%2C0%2C%2C86%2C4%2C%2C%2C%2C416%3Ans%3A1664870864629%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664870866%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 04 Oct 2022 08:07:46 GMT
access-control-allow-origin: https://promosurvey.top
set-cookie: yandexuid=2551996581664870866; Expires=Wed, 04-Oct-2023 08:07:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2551996581664870866; Expires=Wed, 04-Oct-2023 08:07:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1945486201664870866; Path=/; SameSite=None; Secure
i=ftcErTla6rrenvZ9bb/L/zVSt0S424BQkuN5jTKAJp4qQCGn5WtGIubE8eR2F5pKlNZttVLkAlyxSomJCzlRjP5Nm/Y=; Expires=Fri, 01-Oct-2032 08:07:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696406866.yrts.1664870866#1696406866.yrtsi.1664870866; Expires=Wed, 04-Oct-2023 08:07:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 04-Oct-2022 08:07:46 GMT
last-modified: Tue, 04-Oct-2022 08:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0&utm_campaign=63&utm_medium=4526262&utm_content=zd_public_v2 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0&utm_campaign=63&utm_medium=4526262&utm_content=zd_public_v2 IP104.26.14.99:0
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0&utm_campaign=63&utm_medium=4526262&utm_content=zd_public_v2 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:45 GMT
content-type: text/html
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2et8aj2%2Fpo0QJX388FoFMI1BHmvpnWEp%2FHVEM1M4%2BYKnL%2FDUmbWSCRUmEXkXz7UMRbgvlNOWfIKELcPS2MqY0yiT6qwP%2BN%2B7n2MSYmo8cz%2F8H4rNuJOoMJnBd%2FF1hCEupg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cfafbe4b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 IP104.26.14.99:0
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=63&ymid=32q6p4k8dn1d0 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: text/html
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3V5lDu2vRFpFLn9drMJ3YQDtdHQE6ZrdJFE1CvX27g%2Fu3a0WonApr67v1cKFboJiGlYWKUXuV8rUeoAm5gPJU6mBWWdWGSLLZWt32YkYcslZHzjc9wFnZ6%2B2tCDHr%2F9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf7b817b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/js/sweep.js?v=4 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/js/sweep.js?v=4 IP104.26.14.99:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/sweep.js?v=4 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
etag: W/"633acffa-90"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dW%2F4akQPyZraAFWHxWW4EavbDZMaweSIzEZGzdXlgAaHQK3Ra5vNftRqjLi6RSNdYAKQo6IEeUttarz%2FtVMmanF3V%2BcosY9Fide1TKDSpT3trjCP6KJDiI4p3IW%2Fj2JM6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c6cf909bdb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/js/config.js?v=7 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/js/config.js?v=7 IP104.26.14.99:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/config.js?v=7 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-1085d"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cD2v%2F6tjZMlxFej8UANGAZRzKWFzUE7gEz%2FMf56AkFYUGwart%2FoeQIcX1Y%2Fsi%2B1y1yKnD%2Bl7udqSKlm2qbmOjegq155pO2%2BKN1kCle3Xm1CW3Xhw6%2FGVfZ5Ovw7hceJtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf909b2b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/css/sweep.css?v=7 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/css/sweep.css?v=7 IP104.26.14.99:0
GET /css/sweep.css?v=7 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-f45e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUvCTJOp%2FduwUsM8eaZQ3W6xgyPzEW6HxcOxgIJd94Q8Pt9UBWgwPTETTWTKeV19kWLBwyiRiYMAZck1WtXj3ITwUl2i7oDaOx6GG7HhY%2BnXO6NA2CC5Ezr%2F4qkMoTkN5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf909b5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| promosurvey.top/js/survey.js?v=13 | 104.26.14.99 | 200 OK | 0 B |
URL HTTP/2promosurvey.top/js/survey.js?v=13 IP104.26.14.99:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/survey.js?v=13 HTTP/1.1
Host: promosurvey.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:44 GMT
content-type: application/javascript
last-modified: Mon, 03 Oct 2022 12:05:14 GMT
vary: Accept-Encoding
etag: W/"633acffa-4a180"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp0q0evZNPQ%2BVQoHIzHB%2Bp9WLDV5UfeTJtgAh1bY0Pc8CYE4CSZcY9TO9cLD25lcG3Hp7Ys2Y2TpyNYxzOBhol4lqX2V%2BO%2FY2DClKuO1nKrVxYC%2B6H%2Fmvvh%2B00xrGPFkMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c6cf909b8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|