Report - manylucksurvey.top/betting-survey.html?z=4534663&offer

Report Overview

Submitted URL
manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5
IP
172.67.192.143
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-30 09:30:24
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
laugoust.com	unknown	2022-07-22T13:11:39Z	2023-03-13T05:09:35Z	470 B	877 B	139.45.197.250
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.1 kB	11 kB	23.36.76.226
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	718 B	1.5 kB	139.45.195.8
itcleffaom.com	72236	2021-07-29T13:48:44Z	2023-03-13T06:56:12Z	883 B	52 kB	139.45.197.237
datatechonert.com	46154	2021-12-24T17:44:17Z	2023-03-13T06:06:56Z	461 B	486 B	139.45.195.253
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	7.1 kB	35.241.9.150
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	104.18.32.68
mc.yandex.ru	2672	2012-05-21T11:38:30Z	2023-03-13T08:16:45Z	18 kB	93 kB	93.158.134.119
cdntechone.com	64371	2021-12-24T18:09:58Z	2023-03-13T06:06:46Z	325 B	840 B	188.114.96.1
pulsersurvey.com	unknown	2020-04-01T23:21:43Z	2023-03-13T01:09:25Z	402 B	23 kB	139.45.197.151
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.4 kB	104.18.20.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	63 kB	34.120.237.76
manylucksurvey.top	unknown	2022-08-15T23:18:04Z	2023-03-13T07:53:10Z	934 B	1.4 kB	172.67.192.143
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	14 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.83.22.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-30 09:30:24	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-01-30 09:30:24	medium	Client IP	172.67.192.143	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	itcleffaom.com	Sinkholed
2023-01-30	medium	laugoust.com	Sinkholed
2023-01-30	medium	datatechonert.com	Sinkholed
2023-01-30	medium	itcleffaom.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5	771 B	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5 IP 172.67.192.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:17 Times Seen1 Hash 501f172921572d7f7cb631c8473e476f b5a7817fd01652bcc63fdeaffdd7b73f6235dd55 573355d416005b50d7ac14652a6201eaa2990cabcd90ad1d74b501767bad3de0 Loading...

	manylucksurvey.top/js/_is-browser-supported.89c0b86e.js	1.0 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/_is-browser-supported.89c0b86e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:10:55 Last Seen2023-03-13 14:58:17 Times Seen1 Hash 9300c15ad7cffd5876c2f45e9ae04d5c 4f4a2f32e5d79d5f06798f473c96878f4ce1abd5 3d84fd8da13f9c2c4c90cad8109eb76ea6a56c8f9bc192a28649559796b5c953 Loading...

	manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5	236 B	2023-03-12	2023-03-26
Pretty URL manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5 IP 172.67.192.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:21:12 Last Seen2023-03-26 00:35:42 Times Seen97 Hash b98369b7b44fb2e7275952d3f6d08696 f26365bad8e8869f6e6fa3733409700bc286b694 0716eaaa39d6bb0cf468d972677ad5f0d992a121b8037a331a0486dfa2b235ce Loading...

	manylucksurvey.top/js/_each-land-config.039127ff.js	41 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/_each-land-config.039127ff.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:17 Times Seen1 Hash 36d0052cb1cefe8aacae1195254e14b0 608d738e41195212f8aa0820a02631f1f900c40f 8794092f12a419bc36913c848be1fd1fd139594659d611357be0dfdd2b75fd7c Loading...

	manylucksurvey.top/js/v-index.js.0c57bc62.js	35 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/v-index.js.0c57bc62.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:17 Times Seen1 Hash 97aa096f8443a5268f7608e6533fe54d 766afe4dbac711c7a689ca923bd493d31e948da3 2087a7c2ffa8f3ea2d0412dd31f659719e436525ee61e604b51d7f2ffe83850a Loading...

	manylucksurvey.top/js/v-_baseIsEqualDeep.js.44c3619f.js	719 B	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/v-_baseIsEqualDeep.js.44c3619f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:17 Times Seen1 Hash 72d9f78cd8f2acf2e9aa93ec46b56c64 b661892eae51e5c72981e4778f916c324b52664b a65c8f2616e576ac04c65dac6f77b87381378e92c9a6eb05b5943d50535fcab9 Loading...

	manylucksurvey.top/js/betting-survey.31d6cfe0.js	0 B	2023-03-07	2024-04-25
Pretty URL manylucksurvey.top/js/betting-survey.31d6cfe0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:30:52 Times Seen37062476 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mc.yandex.ru/metrika/tag.js	216 kB	2023-03-13	2024-02-12
Pretty URL mc.yandex.ru/metrika/tag.js IP 93.158.134.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:21:16 Last Seen2024-02-12 03:39:19 Times Seen26 Hash 11dace43aae35c0df839beaed62a7af2 69bc46afefb0a5a4246be951c20b9ea7196333df e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32 Loading...

	manylucksurvey.top/js/s-storageService.js.c2d14bf0.js	2.6 kB	2023-03-12	2023-09-20
Pretty URL manylucksurvey.top/js/s-storageService.js.c2d14bf0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:21:12 Last Seen2023-09-20 09:39:50 Times Seen77 Hash 24b5b5534c271e0bd7603072a42239c3 b05967409e784e229dbe632be42d4c26344a5650 9907afe3e4f311f87e058007d3c0e3a590ea9dc4887d9cbf81ceb95ac875ad0e Loading...

	manylucksurvey.top/pfe/current/micro.tag.min.js?z=4843163&sw=/sw/sw4843163.js&var=4534663&var_3=null&ymid=10&cdn=1&domain=laugoust.com	42 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/pfe/current/micro.tag.min.js?z=4843163&sw=/sw/sw4843163.js&var=4534663&var_3=null&ymid=10&cdn=1&domain=laugoust.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 23:00:39 Times Seen1 Hash 047530a3450dc9b4e898653e06a12c82 687fc706b7fd4cc59ac4fb100f53a1f7d3122cbd 97ecbba31bb9b8f3a323834193167f286ae117789ce0b45089498dd0f90d7c2b Loading...

	manylucksurvey.top/js/BettingSurvey.dfe9b79b.js	1.4 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/BettingSurvey.dfe9b79b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:00:31 Last Seen2023-03-13 12:17:17 Times Seen1 Hash f7e79fb755fd0664075cfb68b7d16eea 9a0a6a5c87ea3f2eeded4230689378f3d77734b5 baf854d8f72923cb0cd86b487aae675d079484db42729e2f0dc44bfc81a2f952 Loading...

	manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5	923 B	2023-03-12	2023-04-05
Pretty URL manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5 IP 172.67.192.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:21:12 Last Seen2023-04-05 02:10:28 Times Seen548 Hash c9c1ad35a9ab3c91454a812c3fe91860 bd33f965772fe1813b6b3609fb872ab8795ff505 08567263baf0f891460a5bd66ad2468e81569bcdcce80748193c6c729e3792f7 Loading...

	manylucksurvey.top/js/_rtc.b920829b.js	11 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/_rtc.b920829b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:24:06 Last Seen2023-03-13 19:38:47 Times Seen1 Hash e937617c660202ffe256897a33d87796 874f951ad52d0e53fa61625a8a06d98a847000ca c9cbe6f8555a0f4fbd835df0aa159d8412c3ef111828ea708fb9674cb7f79a09 Loading...

	manylucksurvey.top/js/v-_equalByTag.js.aaa58009.js	934 B	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/v-_equalByTag.js.aaa58009.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:17 Times Seen1 Hash 2f6cede66cfc528b388c9697384eba38 1e036bccca35cbae28090d10438ae6153a877389 6254ef88efc859241a2ecdfd36ac2927cd1a18366e71134c238a60fd8b0dcaa2 Loading...

	manylucksurvey.top/js/v-react-dom.production.min.js.a35f144b.js	129 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/v-react-dom.production.min.js.a35f144b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:24:06 Last Seen2023-03-13 12:17:17 Times Seen1 Hash ae93f0708b7c39317725fa9a998f7e19 02f3d6ed699a45fa63282d7a8a1ebc81c147750a 383fb01737fed020e98c7bc1605d505c6ef5747dc9bc518b289c02cc5f974f59 Loading...

	manylucksurvey.top/js/config/data/sd-1509001.js?v=10	5.2 kB	2023-03-12	2023-04-27
Pretty URL manylucksurvey.top/js/config/data/sd-1509001.js?v=10 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:31:07 Last Seen2023-04-27 17:40:02 Times Seen8 Hash 6276e217f1cca97453b1c65f57375fdc ae241ba2ff12e59693a8ff77059f27a4f62cb471 15018f2406ec406948a27be6388c2ba2756f2605f27e79df72db5cc2c2b8986b Loading...

	manylucksurvey.top/js/_global-config-sd.42e5e47b.js	964 B	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/_global-config-sd.42e5e47b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:24:06 Last Seen2023-03-13 19:38:47 Times Seen1 Hash 416a2035b3b697e6b23b06b83dcfc3bf af0b3745d11028d30380060e34f0c254ab84567e c7188ecae517f97cc3f3cc4705c879d792e80af02d30fd64dd71b79e702dc005 Loading...

	manylucksurvey.top/js/v-redux-toolkit.esm.js.fafaeba8.js	10 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/v-redux-toolkit.esm.js.fafaeba8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:18 Times Seen1 Hash 0d01f859d8d27d224bc008448081f796 1692f119982a00cd9ea0a050fad76e2b7e14617c 734c89d3c98663fc1e07c153d369feb7d85a57365e88c8a2b3e1e94658e8c987 Loading...

	manylucksurvey.top/js/_core-survey.e45b5aec.js	191 kB	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/js/_core-survey.e45b5aec.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:26:13 Last Seen2023-03-13 12:17:18 Times Seen1 Hash bc0146b22ca13c5ba71b1d168803cef0 ee62806c55cfc8c4fa817adb6f7e38c319369848 5e278604cf1b8cb214a98127c8140ca72dd0b0a01b0d34065f4a2bbdb1634b7c Loading...

	cdntechone.com/stattag.js	13 kB	2023-03-12	2023-03-13
Pretty URL cdntechone.com/stattag.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:02:19 Last Seen2023-03-13 15:16:34 Times Seen1 Hash ca36929b82c9bfc249c2f8eb83574b69 f69e40270281bb0bdb4bcab63cd6adc21653f559 58444808f638e51e082fc66dc748f4064ea56db71a793b319a05068a786668b0 Loading...

	manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5&utm_campaign=10&utm_medium=4534663&utm_content=zd_public_v2	103 B	2023-03-13	2023-03-13
Pretty URL manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5&utm_campaign=10&utm_medium=4534663&utm_content=zd_public_v2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:18 Last Seen2023-03-13 12:17:18 Times Seen1 Hash 46fcf6551c43184207e5cb77810c23a6 007162e0bded345b7f0fa22e92b927d1b077a443 2b2808ab2ca05879ada2ff20798bad86a9943cf3b3ae8474457a88fb191b58e7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6b1ca2d5899b9e8d6f088f51a5ba42a8	80 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:17:18 Last Seen2023-03-13 12:17:18 Times Seen1 Hash 6b1ca2d5899b9e8d6f088f51a5ba42a8 ad12f28bacecede0240cffdcec878ee7bf36e83d e03a392da1b5e3fc7110655afd7b0fcd6507f0fede377249fb8868ed9e5eaad4 Loading...

HTTP Transactions (53)

URL IP Response Size

manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5

172.67.192.143

301 Moved Permanently

0 B

URL HTTP/1.1
manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5
IP
172.67.192.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 09:30:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 10:30:12 GMT
Location: https://manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yl%2B6aa78kFRqjGVAxCieg2nP12OMeZR%2FfIPtR2UVOv6oh8DlFgIAiC3V8%2FZkV9blyFK0Vhhe4YZ44LbYZrCJjCpyfwoXp%2BkGi75vaVsvfzSti%2FEK0DVP3SbCui1%2B26opFBnb4Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791930055817b527-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9382
Expires: Mon, 30 Jan 2023 12:06:34 GMT
Date: Mon, 30 Jan 2023 09:30:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11645
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 09:30:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 09:30:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 08:43:11 GMT
content-type: application/json
age: 2821
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: CwyhzNr/rxoJYim7IMBdPIA1jJS4wmsGHbrl5fLHSUDrwv6vxXuXvM5YSsEPY/JyGh6+INqjAzA=
x-amz-request-id: 3DMNATAEVKHRTTH3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 08:50:40 GMT
age: 2373
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:13 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
42b8190ca03133598984304f7eeb0e14
9ccc7fc3a629f0f8fbde1d9c0050dfa4adfdc87e
a114aacbae42b27fcaa1c6a536283229f70eb857571e16082a7190ebb7030176

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A114AACBAE42B27FCAA1C6A536283229F70EB857571E16082A7190EBB7030176"
Last-Modified: Fri, 27 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 15:30:13 GMT
Date: Mon, 30 Jan 2023 09:30:13 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
42b8190ca03133598984304f7eeb0e14
9ccc7fc3a629f0f8fbde1d9c0050dfa4adfdc87e
a114aacbae42b27fcaa1c6a536283229f70eb857571e16082a7190ebb7030176

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A114AACBAE42B27FCAA1C6A536283229F70EB857571E16082A7190EBB7030176"
Last-Modified: Fri, 27 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 15:30:13 GMT
Date: Mon, 30 Jan 2023 09:30:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

5.1 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
data
Size
5.1 kB (5088 bytes)
Hash
27c376f1bf26ae76502b4d7fa4e33c18
1bd6775fe66859e2d623d2a32e4c95856973b426
a12dfc93e79ccfe5aa383158654cdcf2a75df45d6da346950bded0b26785c40d

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 08:49:04 GMT
age: 2469
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Mon, 30 Jan 2023 11:59:31 GMT
Date: Mon, 30 Jan 2023 09:30:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6632
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 09:30:13 GMT
Connection: keep-alive

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
78d740813b596e7eb632b59dbf9d99f5
4dc588f03ba412c1765e0c27ccfe563a19f6448d
51adb6465c65e75ae22b4114c1524c412c4f2de22f5e677e35d7898354b895cf

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3de54874c6964122827bbeaa484956f3; expires=Tue, 30 Jan 2024 09:30:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
f802f236051aaa85d4411678a2377184
711dd243393219bd12256c3830421377d579d38a
6caafd70e0fe417582f273e58cac70a72700461652209c6cc04406ffeef3aa9f

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:13 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eef1d1db84a44ef28508ad59fee241a5; expires=Tue, 30 Jan 2024 09:30:13 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
533ba1f71209e95bc3592fdc89b1c87a
2dd012d45dd6ab28636ecafc30cbd79bf777a9b5
9b0fe64e6c2059c11d15c627d2ab8a065dcdd853f580733fe552437d7c330b81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:30:13 GMT
Last-Modified: Mon, 30 Jan 2023 08:35:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

14 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
14 kB (13530 bytes)
Hash
0845fbeb7c9b03a42361a171fb163960
a66b5c50c4ab677f480329dbc2fa754516861bf4
cf50c41aab78d1a8eccd6c329a4c38e2969a527c7a9e0eb21fe3f134058492e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:30:13 GMT
Last-Modified: Mon, 30 Jan 2023 08:35:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c130e4608787ae7eaf7a4c548ae2679
c8a35e9d2212d78a5edc6c106940b20e0b40f7a8
035cadeeffd469982d8bb9856e467730df30bc978633e2dd75baf859eb185fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "035CADEEFFD469982D8BB9856E467730DF30BC978633E2DD75BAF859EB185FE2"
Last-Modified: Fri, 27 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Mon, 30 Jan 2023 11:08:25 GMT
Date: Mon, 30 Jan 2023 09:30:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6121b54a56753e9bfaf1bd97fc17542e
156ad4a837edcb61044b663cab5d9f5f648547d3
135d87c239ac64cf82ac7034bda946b4bd0eafa5d8e302dde5f9aebf7f177526

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "135D87C239AC64CF82AC7034BDA946B4BD0EAFA5D8E302DDE5F9AEBF7F177526"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1651
Expires: Mon, 30 Jan 2023 09:57:45 GMT
Date: Mon, 30 Jan 2023 09:30:14 GMT
Connection: keep-alive

push.services.mozilla.com/

35.83.22.170

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.22.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z1mvAUIKW+dadl9HTo/KtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EwQyRRCSQC1PEBRLiGWjho5TVdk=

itcleffaom.com/track?offer_id=2058&z=4534663&request_var=10&variable2=51vq9q803vg5

139.45.197.237

200 OK

51 kB

URL HTTP/2
itcleffaom.com/track?offer_id=2058&z=4534663&request_var=10&variable2=51vq9q803vg5
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
51 kB (50754 bytes)
Hash
6e4fc511214330eeb746ed7e24e80f53
be134ae00bb1f7601250217fbbf49f5a7079c0ec
8347c2ed34a96cf536256b9f5125ca487f2d871b9d7d728d26f542b12e24505b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track?offer_id=2058&z=4534663&request_var=10&variable2=51vq9q803vg5 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:14 GMT
content-type: application/json
content-length: 148
x-trace-id: 8280460dcfc1e9f6473ab684891a590d
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

laugoust.com/zone?&pub=0&zone_id=4843163&is_mobile=false&domain=manylucksurvey.top&var=4534663&ymid=10&var_3=null&dsig=&action=prerequest

139.45.197.250

200 OK

501 B

URL HTTP/2
laugoust.com/zone?&pub=0&zone_id=4843163&is_mobile=false&domain=manylucksurvey.top&var=4534663&ymid=10&var_3=null&dsig=&action=prerequest
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
501 B (501 bytes)
Hash
ea67e984b5a96c517085927c44817b6c
c73185ef3b2d8b70857316e87907233010f254b0
ab2235358b7725b82062c55bf30a28a9f987d57f2cf67fe7bb99bfce120af851

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=4843163&is_mobile=false&domain=manylucksurvey.top&var=4534663&ymid=10&var_3=null&dsig=&action=prerequest HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:14 GMT
content-length: 0
x-trace-id: fd8e85cd41d194d72ff2be2c3f9223db
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec42d7324ad1c80caba4afdd28f39165
33ff4118cfa2a04eb8e8e886f0ab0dd54324b679
e2b44e32dd856c497ebfd310ea411dc19ff2e15cf68df9af6b02ccd5b66bb253

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2B44E32DD856C497EBFD310EA411DC19FF2E15CF68DF9AF6B02CCD5B66BB253"
Last-Modified: Sun, 29 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Mon, 30 Jan 2023 11:50:34 GMT
Date: Mon, 30 Jan 2023 09:30:14 GMT
Connection: keep-alive

pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png

139.45.197.151

200 OK

23 kB

URL HTTP/2
pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png
IP
139.45.197.151:0
ASN
#9002 RETN Limited

File type
data
Size
23 kB (22718 bytes)
Hash
ea65d7caf20c8b7e0f7afef9d0896ae5
eb76505e57976b112b3f3aa3ec7659883bf817e0
8aa34caf615bee0bb6f4897e2a425e1120215bad4f4d2946c85310e3c2f06f2a

HTTP Headers

GET /contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png HTTP/1.1
Host: pulsersurvey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:14 GMT
content-type: image/png
content-length: 10580
last-modified: Thu, 21 Jan 2021 09:10:34 GMT
vary: Accept-Encoding
etag: "6009450a-2954"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f449add508501da44724305fb6ff20a0
ced164d4c36445b3eb9db8da2d43aca1b747d19a
e3afe28a6c603e1f372f38f5b531267aad351861484190aa66a94ef32786996e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 09:30:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 17:20:01 GMT
Expires: Sun, 05 Feb 2023 17:20:00 GMT
Etag: "ced164d4c36445b3eb9db8da2d43aca1b747d19a"
Cache-Control: max-age=545985,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7919300f2bc7fab4-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
f4ddc657d3931d8f28239f268cb1a108
663c2e56d7fefb3846d325fdb333df6710fdbb07
8052f47b635ae1677eca84f1caef41392b9769ffc69a6cccb4cbbc3a1200c312

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 09:30:14 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:16:22 GMT
ETag: "663c2e56d7fefb3846d325fdb333df6710fdbb07"
Last-Modified: Mon, 30 Jan 2023 07:16:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1577
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791930105b37fac4-OSL

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

139.45.195.253

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1009
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 30 Jan 2023 09:30:14 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://manylucksurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

mc.yandex.ru/metrika/tag.js

93.158.134.119

200 OK

74 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Size
74 kB (73769 bytes)
Hash
a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73769
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Mon, 30 Jan 2023 10:30:14 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Mon, 30 Jan 2023 10:30:14 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

93.158.134.119

200 OK

6.0 kB

URL HTTP/2
mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
data
Size
6.0 kB (5957 bytes)
Hash
2feb5f92a208a5553bc0aea13f882006
377a386d8c3d983f9e11682f94e60b95a2c2f938
13648d0d089995628622957499d81dc0674fad9f246b1e1dcb7d75ce139aed23

HTTP Headers

GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 400
date: Mon, 30 Jan 2023 09:30:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A821561817%3Arqn%3A3%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

524 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A821561817%3Arqn%3A3%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
data
Size
524 B (524 bytes)
Hash
01915f6d1f46c3495d82571470131160
97a9117ac98771cda0130d5ae79fe1d95e9e152d
e1aaddc865de5d77458a2a18c32df84347a4b36e4e143cc7a18c021a775b1ab7

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A821561817%3Arqn%3A3%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A955747222%3Arqn%3A2%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1269%2C1269%2C0%2C%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A955747222%3Arqn%3A2%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1269%2C1269%2C0%2C%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A955747222%3Arqn%3A2%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1269%2C1269%2C0%2C%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A86905447%3Arqn%3A5%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A86905447%3Arqn%3A5%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A86905447%3Arqn%3A5%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A840478863%3Arqn%3A6%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A840478863%3Arqn%3A6%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A840478863%3Arqn%3A6%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A857383592%3Arqn%3A4%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A857383592%3Arqn%3A4%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A857383592%3Arqn%3A4%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A823024654%3Arqn%3A7%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A823024654%3Arqn%3A7%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A823024654%3Arqn%3A7%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A1011399145%3Arqn%3A8%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A1011399145%3Arqn%3A8%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A1011399145%3Arqn%3A8%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 199
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A683826102%3Arqn%3A10%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A683826102%3Arqn%3A10%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A683826102%3Arqn%3A10%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A153856608%3Arqn%3A9%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A153856608%3Arqn%3A9%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675071014_4157a8b50ef65c4dc6cc6aa14c5eb275739490b09ceda3c32d7a56cb59b8bc0c&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A153856608%3Arqn%3A9%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675071024921%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 316
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 09:30:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 09:30:15 GMT
Connection: keep-alive

mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

93.158.134.119

302 Found

503 B

URL HTTP/2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fbetting-survey.html%3Fz%3D4534663%26offer_id%3D2058%26var%3D10%26ymid%3D51vq9q803vg5%26utm_campaign%3D10%26utm_medium%3D4534663%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A378129070147%3Ahid%3A822018524%3Az%3A0%3Ai%3A20230130093026%3Aet%3A1675071026%3Ac%3A1%3Arn%3A610049643%3Arqn%3A1%3Au%3A167507102630910521%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C86%2C1%2C%2C0%2C%2C101%2C1%2C%2C%2C%2C353%3Aco%3A0%3Ans%3A1675071024921%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675071026%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 09:30:14 GMT
access-control-allow-origin: https://manylucksurvey.top
set-cookie: yabs-sid=870379831675071014; Path=/; SameSite=None; Secure
i=xc0wYIsnc5ADbWimrY6lZgcckEDl1UbL4BaHV6VzDaMsw/VXNqeYTg+/0LrKG8Owz7rJPYvm506o6lZpZ0dtt4Mx7Os=; Expires=Thu, 27-Jan-2033 09:30:13 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4434664601675071014; Expires=Tue, 30-Jan-2024 09:30:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4434664601675071014; Expires=Tue, 30-Jan-2024 09:30:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706607014.yc.1675071014#1706607014.yrts.1675071014#1706607014.yrtsi.1675071014; Expires=Tue, 30-Jan-2024 09:30:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 09:30:14 GMT
last-modified: Mon, 30-Jan-2023 09:30:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 09:30:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 09:30:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3678 bytes)
Hash
e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or8AGZIZTzP_EuRHaCfCNrdPQIw2OQW37MKvOTFQIQgO0h18ct0-Xg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:10 GMT
age: 39365
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11095 bytes)
Hash
bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: t1IqXPqG23nYmxAPOJFaZhKDD49KD8fREs8L59AGjx-1AzoQOeSO0A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 41827
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 41886
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 45838
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 41377
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 41694
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5934 bytes)
Hash
8fce79ef35b4c943c2b60d5092d17b6f
d29ce982633d0cc50b2a968ea22893d92b9663e3
297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5934
x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFUMIAMF3nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RKiUEsflAz1PfeT8AvkmfNGxTkGO_0Ajo5hgnRIvo0qdiVUA0wD46Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:18 GMT
age: 39364
etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

itcleffaom.com/rotate?zz=4326387;5592660;5592658;5592700;5592645;5592702;5622941&var=4534663&ymid=10&uid=eef1d1db84a44ef28508ad59fee241a5

139.45.197.237

200 OK

0 B

URL HTTP/2
itcleffaom.com/rotate?zz=4326387;5592660;5592658;5592700;5592645;5592702;5622941&var=4534663&ymid=10&uid=eef1d1db84a44ef28508ad59fee241a5
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /rotate?zz=4326387;5592660;5592658;5592700;5592645;5592702;5622941&var=4534663&ymid=10&uid=eef1d1db84a44ef28508ad59fee241a5 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:30:14 GMT
content-type: application/javascript
x-trace-id: 39c961daf4f1fdc00085834dd2099eca
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://manylucksurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=eef1d1db84a44ef28508ad59fee241a5; expires=Tue, 30 Jan 2024 09:30:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5

104.21.44.8

200 OK

0 B

URL HTTP/2
manylucksurvey.top/betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5
IP
104.21.44.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /betting-survey.html?z=4534663&offer_id=2058&var=10&ymid=51vq9q803vg5 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 30 Jan 2023 09:30:13 GMT
content-type: text/html
last-modified: Fri, 27 Jan 2023 11:23:38 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7NXjNfgO3sSAiR2OTIyYY6g4wKTS%2FEnDLhiUOaEt2oFiArazrAaPtI7P879RqtrN2%2Fc4VNrfMBo5ce90MrMy15GLgSI%2FfZUki7QQNsC3zx5oOs2VBv9FMbm5SedTinf%2FM6Fl2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791930088d7bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.96.1

200 OK

0 B

URL HTTP/2
cdntechone.com/stattag.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 09:30:13 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:22 GMT
etag: W/"63adb9d2-331f"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUMvJ8SmQyUfspavETG9EhyFToZg4TiAks1RDX0Gtw8n4SaX7%2F5o8Wo7L47L91Sy36V9w6cvp87IQH%2BlY9AaCNBtAEvRIGTKBn5Qf0OnuwT66WVfkOdrJJJ7LrLfzDyE2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919300d0b621bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML