wr3.topprofitsurvey.top/survey.html
172.67.75.71200 OK 2.5 kB URL HTTP/1.1 wr3.topprofitsurvey.top/survey.html
IP 172.67.75.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2676)
Hash 8e11238834b3c4412b3fabbfeb3b15ff
daa8b3c72261e957680a26bf4fc973c03f24b3e4
b62da5aa1eddeaf497974424532255ad5ed28250549fc818b670f168918d6b02
Analyzer Verdict Alert fortinet Phishing
GET /survey.html HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1s3LRsC0CZKxzP6QcP%2FWDE66M%2F4RxK%2BB4T4Y1433k0gP5jVLyX1YmlpPturBnUWZ5yrWVGM1Fj4b5ivymZni4t8Ii%2Bhqq46W1iDbtxZVn%2B3pLzjvft46s8doMxXj2%2FozLrjcy%2BcBUBc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f404c9500b51-OSL
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8061
Expires: Mon, 12 Dec 2022 10:19:29 GMT
Date: Mon, 12 Dec 2022 08:05:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3800
Expires: Mon, 12 Dec 2022 09:08:28 GMT
Date: Mon, 12 Dec 2022 08:05:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 07:08:35 GMT
content-type: application/json
age: 3393
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9987
Expires: Mon, 12 Dec 2022 10:51:35 GMT
Date: Mon, 12 Dec 2022 08:05:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HcE1g+lzxlo7ofSaQ05T0xd6lbBv/U2iCbOa35Tg+quq6RtxH18zKVh2wH3elWXus38ywRKslsw=
x-amz-request-id: YFA99CYY8EYQF8SW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 07:49:31 GMT
age: 937
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 08:05:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wr3.topprofitsurvey.top/js/_global-config-sd.35896343.js
172.67.75.71200 OK 351 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/_global-config-sd.35896343.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (475), with no line terminators
Hash fa72a6232949780e39fdd199cef96b6f
b940c1f782249f3c07b80807809ea75cf59c437e
27c565635aebeeedf1d4a65c534cc86a1f2887e160e335d3696b471d13a675cc
Analyzer Verdict Alert fortinet Phishing
GET /js/_global-config-sd.35896343.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-1db"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq2cncc8OOJsqaRtVBHnooEQKZHeVERBB9VtiDC8oYw%2FHG1D62oxRH9eMPTxe%2Faxa5hmHvhCMd2KiwYEmViizSDBw75ZcoKk0PheBXIKzXeN%2FlBVieXm%2FeDytDiAKeSxR%2F9yVRzFtLzg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4072b890b51-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/v-FormData.js.4806b5b2.js
172.67.75.71200 OK 152 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-FormData.js.4806b5b2.js
IP 172.67.75.71:0
File type ASCII text, with no line terminators
Hash cdedda593521febaa5aaf369e95273a9
1409108c2cdd0dddc654def98f445e6fcb308ee2
03dcc582b32185d2c24d76c0c5e87145c6271a43e60d1cc55fef3ef9fc09f072
Analyzer Verdict Alert fortinet Phishing
GET /js/v-FormData.js.4806b5b2.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-bf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RemhzDE72tGQZ2jg8ROwEgKd5LLEn%2BTUxp%2FLZwgpskeDazB6t7CLdmEpp7ZTj2AbqhV7rOvQsMo9u70dwL2YKBaS%2Byri4bhQDYCBxqjcyAl4p12psF7Qek8IpRxOl7YI3hbxZJh7lKS0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407399b0b3d-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/v-index.js.953f3fc0.js
172.67.75.71200 OK 12 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-index.js.953f3fc0.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (37587), with no line terminators
Hash 30f877b87286c4e82d2c58bced23ec14
d46d2a507900921910428a6d9e175e88248482ce
3b63539102ac9fe658520b58ba9306aa8f8553ea7615a516725c6ec0650628a8
Analyzer Verdict Alert fortinet Phishing
GET /js/v-index.js.953f3fc0.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-92d3"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1SaZTN%2FygwS5fPfHX03wbRd6vUq46dbRAGz0hz8clJGLVwostdfcK2QZr9f1jRRoPIKaZWwwmVUNcSC53PpQGyOYksTeaX9V5jKLeG3MZ54QA%2BHvtDMYAT1ZKTOFOwXIfPSVfhxqC8C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4073c72b4f1-OSL
wr3.topprofitsurvey.top/js/rtc.da245488.js
172.67.75.71200 OK 4.9 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/rtc.da245488.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (10708), with no line terminators
Hash 0e2d473aa15ab91aeb01327faa86436c
bef77eff5e40a391d80c28298960ebad55233cc4
cd827b667b43dffcd849a21281059f43c1affbeed005cacdf3907c72e4b949df
Analyzer Verdict Alert fortinet Phishing
GET /js/rtc.da245488.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-29d4"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaY3UkICz31lJrfT4unuM4%2BnCzJVXnMBR3VtFQ%2F61uzbd%2FLz7VL6tFNIi3deRzJr%2FnmRuZ1fijvQtEAgJ1Zxrtf73U%2F9u4oZm64R3o4MzqwDkXKEBQYWZWzZ2PPJCZDJ3P5C1TPn%2Fv8X"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4073e7bb4eb-OSL
wr3.topprofitsurvey.top/js/v-utils.js.aa933f73.js
172.67.75.71200 OK 3.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-utils.js.aa933f73.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (8634), with no line terminators
Hash 97aa396bf55041c923e30e4f57077669
4454ce86e981ddd80bb7c8e81fc708d62b0dbab4
3cc6e41808e7625dde29ec5f91632034baef11f240885730f2c644569e738b03
Analyzer Verdict Alert fortinet Phishing
GET /js/v-utils.js.aa933f73.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-21ba"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZzmeeiQmbmpc9cWDySQ%2F7hPz5FgWueeMer4Cd0mw2YgtaIJRAwvOXyOXpbL0itEbi7dQeXGyhNQ2%2FWqJ8SKWQ7WGuLvDvW5%2Bl784I8i2fQcnTXefdhGusWQqwCizGvL99HIfsjCN3B%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4073bafb50b-OSL
wr3.topprofitsurvey.top/js/v-URLSearchParams.js.749f6847.js
172.67.75.71200 OK 170 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-URLSearchParams.js.749f6847.js
IP 172.67.75.71:0
File type ASCII text, with no line terminators
Hash 684c8d1ceb4ec6836ea2e6bead54967c
fe211ff2dfa63c5f9027c6f1b2ae4134706fa015
8022a5176f9d0e53ac55f675aa463daa4457a48a0a83baa3b9ed807c1e87ee75
Analyzer Verdict Alert fortinet Phishing
GET /js/v-URLSearchParams.js.749f6847.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-dc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0hUQInRzvz5j8jryEgdCBwsTVB9CuaqXasjHopeVuCBkLPriesQC3sRg0FzzAXcAj9TLuircRcnTW3nkreUNlijk%2BqtAYWEZytgueOwAB9YLQLEAkelc3R6XMpg89ZeELUEI%2BwiSqrd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4073cfd0b41-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/css/style.94ff2c9d.css
172.67.75.71200 OK 5.7 kB URL HTTP/1.1 wr3.topprofitsurvey.top/css/style.94ff2c9d.css
IP 172.67.75.71:0
File type ASCII text, with very long lines (39576)
Hash 01db1390b7c2fa022c7e922e398a7fd4
94bdf9996f121a75c3157c33141c316aefcab328
08f32bbf8516d1b83b532e4649dd7699bb0e69c8faa7e22052392f0914685880
GET /css/style.94ff2c9d.css HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-9ac7"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdShavISi6gdxuS8fNoTkaF9zSTrw6JNT0ekUyP4YqOeWBhyD91wWqwik%2FEZKzX2UIW4JK4acM0cvkldzqZK0LAdR2ceRdA%2Bn7Vea7LRv%2FkzOyUGUnD5UZxJ5PK0V9Xj1lQ%2FLVoPvFq1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407cde4b4f1-OSL
wr3.topprofitsurvey.top/css/survey.cd8123e3.css
172.67.75.71200 OK 4.3 kB URL HTTP/1.1 wr3.topprofitsurvey.top/css/survey.cd8123e3.css
IP 172.67.75.71:0
File type ASCII text, with very long lines (18986)
Hash b9ec9269bc65f5f77dea906bb8ffac8e
d434c38ba100dff67176c46f68c66de03398ab89
1fa7b61ed5157bc17ab8efa481aa7d8f3dfb1a0b68ffa5d183f4fd6582c1fdee
GET /css/survey.cd8123e3.css HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-4a5a"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRItjrPu83RML%2BM0hNMJIFVGtTTy67t5vjT0%2FaQV7RriYRcMN%2FkohRImQPWH%2BqmyZKshZHqt8aOvBIa9KnAlbCe7oPYLBADZhEy9wha1nvm94yaHf8L0Aas6rqyMVt9qr53i9J0C7546"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407ba070b3d-OSL
wr3.topprofitsurvey.top/js/survey-site.8780de8e.js
172.67.75.71200 OK 1.5 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/survey-site.8780de8e.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (4257), with no line terminators
Hash 889293e49547de9602cbf09778c00a44
fd441d6f5455061071c52f1e6058f5c06b934721
b70c78d77f6de401122945acdbb9c1dc414d33aeb0b32b52234a726234a21be5
Analyzer Verdict Alert fortinet Phishing
GET /js/survey-site.8780de8e.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-10a1"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQr8r6VRCIsSN8%2FZpD36xbfmZsseqRNo%2F2YOtz8UqTVTTbMHV9wFcrI8RjE6t%2BfUbRji1ew2caSAbLVs5zULsx6FqNn2kBfA4MY8n%2BiOmVd7uUG1azxja7PD%2BQplbU7FT4ozG4%2FDqSok"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407cc6ab50b-OSL
wr3.topprofitsurvey.top/js/each-land-config.a2233f39.js
172.67.75.71200 OK 21 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/each-land-config.a2233f39.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 870d1302c291fed0e66de24a14762cb2
2f332e4c15bd9b5c800ef4503b0ba7c69f06bdff
7378fbb2b6b574bc539bb000bb17987172c6bd9ee3b9653f78032a10d4a766a5
Analyzer Verdict Alert fortinet Phishing
GET /js/each-land-config.a2233f39.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-1039c"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgradCoOp7Qz6O6fUkLDLbItTP9VDqsDlRjm%2FwvAgXgVoIsjE8snARGYrtLjl%2Fi2wLsILLDB4lILSHm6QihiwPyeoxP%2FpQoMGwSZJ5hQ0ZQeWHZEMRZVd1jy1hqrgi3%2Fo2XyI59h5nba"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4078bda0b51-OSL
wr3.topprofitsurvey.top/css/finance-many.f62e95c1.css
172.67.75.71200 OK 3.0 kB URL HTTP/1.1 wr3.topprofitsurvey.top/css/finance-many.f62e95c1.css
IP 172.67.75.71:0
File type ASCII text, with very long lines (15284)
Hash 57f521fd45902f6c4cd5ec306522b5ba
71601a65003287feae114c0419b25fcc0a4a875e
1f2c7a3fc975f4d1c880edb62196b02a96a702d3e820009a3e04010cf58675fa
GET /css/finance-many.f62e95c1.css HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-3bea"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FDpX8wzoO9qF5z4G9zN9Tbx%2FCLdFFKeJxWhbTQNzBWLIrVdnhk7CrNkTIGJJmKdimlGLxr5CYO1LA35O1kyEJsLnKK6Y5ryogbdgsNEbrJDXSCfWk5h0EciQtjBCRoRD7wd8RFODbCg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407cf1bb4eb-OSL
wr3.topprofitsurvey.top/js/v-_baseIsEqualDeep.js.ae1e9633.js
172.67.75.71200 OK 432 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-_baseIsEqualDeep.js.ae1e9633.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (720), with no line terminators
Hash 48d77065e511aa157e7663aa09b5cd97
ecf02eca5cb33cf6453f847d3c2eeae41e9b9d93
35614946a97720c08ff98ae6a60b6c1b11953801fb0f7ae36f88faf1fbe3d9d0
Analyzer Verdict Alert fortinet Phishing
GET /js/v-_baseIsEqualDeep.js.ae1e9633.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-2d0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZTGqe5gyjO81BnIYoiimt8j5HhurpDdsS084I24LmwPHTv0NHALZgrFi9np9f4GRet%2BTPMNwWihT8v4WzvI0WfedWOKuBk6D840KTGex9Hv6z98FgTrUBXgsPJnlcg7LESx2PyrJxUE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4081e3ab4f1-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/v-_equalByTag.js.9d9f7d5b.js
172.67.75.71200 OK 494 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-_equalByTag.js.9d9f7d5b.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (935), with no line terminators
Hash 8ffe8441e8fdb9263f94a3e01f4453fe
7f82522d8a2a9ac6db2da3cfcf14f7eaca222c57
990daadf592ddee3fb7af328324946f38bc79ef89db3694258dd11ba957e9835
Analyzer Verdict Alert fortinet Phishing
GET /js/v-_equalByTag.js.9d9f7d5b.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-3a7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdSYzHQUMKxv4HW55Z7d650Amnf9dK7M1dRWbhDRGxi1UrZD9wiB96HvWamqOyuCok2Y%2FvvLSzzx9LWBD0GOsPELejbM9wDj7jXgDi%2FnkpEGNGNs8eVTtqt26KNZ40E8TOrI2hfRARia"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f407dd750b41-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/binom-pixel.b81fc939.js
172.67.75.71200 OK 668 B URL HTTP/1.1 wr3.topprofitsurvey.top/js/binom-pixel.b81fc939.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (1359), with no line terminators
Hash 56957bc0413c8d9091f6a350d70c497a
8c3d93a0490a8ecdec7323618a76677edd76b000
ce7d86c75b99d1114fba378dd750aef35806b3f028281a15a07f177ffb78a020
Analyzer Verdict Alert fortinet Phishing
GET /js/binom-pixel.b81fc939.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-54f"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsfWWZFDFWEkfdLvyp22Qe%2Fgo65xTinVM1IaSzUsIljRYJC89Chp6F494JwfK8Y8XU5vZXeyue9zor6CZZeUVrugpvcn%2F3DHSBHYyTvDFvCm75G7vKwwQ0rXWwbFdkS%2BblDSbWSHhXol"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4085fe3b4eb-OSL
wr3.topprofitsurvey.top/js/v-redux-toolkit.esm.js.39e58b74.js
172.67.75.71200 OK 4.1 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-redux-toolkit.esm.js.39e58b74.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (10396), with no line terminators
Hash 87b60aa5dfc5fdd2bc94a8ff2a6d7bea
97a5288788a3917f7a04f2eb77159d345c869fab
35c29b3a5a86cd256d7480ed8d7b45781995c4e42e70969459e3450f3fdf1f48
Analyzer Verdict Alert fortinet Phishing
GET /js/v-redux-toolkit.esm.js.39e58b74.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-289c"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBX%2FDS8MLrCtni68KvXFidvch%2FU%2Fu7bE69ZLgsz84JdGcpdeDaZ%2BkVI%2FTJUk1iihxLMgRw%2BfYzaTsShF6e5%2FAFpaOXUAna0T7Ti%2BI9WmZb1VsA0a9IOmoPtnDf4zqneAUCWT1WkRdUm%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4081ce5b50b-OSL
wr3.topprofitsurvey.top/assets/7645149297743cd29764.svg
172.67.75.71200 OK 798 B URL HTTP/1.1 wr3.topprofitsurvey.top/assets/7645149297743cd29764.svg
IP 172.67.75.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1080)
Hash cb2095909c32a62061d37b450797a5e0
22e2cbf314ef603360a2d8fd77916f551627f7cf
ffbd27b175424737af7d0a1e5311542946bff3449b2ecc8603939d7931657fd9
Analyzer Verdict Alert fortinet Phishing
GET /assets/7645149297743cd29764.svg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-c19"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMGrp6YH8CRunnrZNpuv2yh2VhJEYuZyGGtN1BKjTfrSSZb3d1vM020rcKXvHiyJnWJ5Gn0EuYZ4zB7Swof74D1v7VwCprw7L9MJfP7%2F3nHzZBSUXwQUvwFjVENxanPgOt1cEGP8G21b"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4086eb0b4f1-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/survey.html?utm_content=zd_public_v2
172.67.75.71200 OK 2.5 kB URL HTTP/1.1 wr3.topprofitsurvey.top/survey.html?utm_content=zd_public_v2
IP 172.67.75.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2676)
Hash 8e11238834b3c4412b3fabbfeb3b15ff
daa8b3c72261e957680a26bf4fc973c03f24b3e4
b62da5aa1eddeaf497974424532255ad5ed28250549fc818b670f168918d6b02
GET /survey.html?utm_content=zd_public_v2 HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhHa0KlEnNbfd9fne9wlNYKdPvYwQYtBi7yAR8rG4Yhnoqy9WohgJAxSj5nuc%2BcqkhBMdSLqY6PwSDFisjFHWCeL8zelT8nfGIwTzDyD%2F7IQO1kB5lbKa%2FRIRGWidMfc8VCCg%2FJh%2BEta"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4092fe9b4f1-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/config/data/sd-1203056.js?v=10
172.67.75.71200 OK 1.7 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/config/data/sd-1203056.js?v=10
IP 172.67.75.71:0
File type ASCII text, with very long lines (8119), with no line terminators
Hash aeef0bb80d6e1218786bccb97e696821
578ab1169b38362deccb377e423c46a924932702
1d2ea1281d40d1ef911d39e5ffa9714fd96d0d57ebffbcdf8ef1996d2fe5b15b
Analyzer Verdict Alert fortinet Phishing
GET /js/config/data/sd-1203056.js?v=10 HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-1fb7"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kii3bRZPpJ7apqThKm9%2FuepfM4oKxH2udRrfBeq5toLwk%2F1zwASWKhqs4P4aqjHcAC2BuRlajLhdD0OqhtXqq1HX2hgL2FaWkH1YxiDojBO%2BTmP19SEhNpnkJsoUyeebkgLUrkURoB8g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40928f4b4eb-OSL
wr3.topprofitsurvey.top/assets/7645149297743cd29764.svg
172.67.75.71200 OK 798 B URL HTTP/1.1 wr3.topprofitsurvey.top/assets/7645149297743cd29764.svg
IP 172.67.75.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1080)
Hash cb2095909c32a62061d37b450797a5e0
22e2cbf314ef603360a2d8fd77916f551627f7cf
ffbd27b175424737af7d0a1e5311542946bff3449b2ecc8603939d7931657fd9
Analyzer Verdict Alert fortinet Phishing
GET /assets/7645149297743cd29764.svg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-c19"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uw24OdyLVVIpB2T6BVSHdL40DRi6unAg8DW6NQ%2BtDKhFJQ2K9Jper7%2FTLq7WFYtRIXludPW1xii%2B4JLknU0y8X46ZbxGi7antTKv%2B9a9U1Vc3huKzpqb1gYkh0L2BsoYowkP5QJgmnGV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f409c968b4f1-OSL
Content-Encoding: gzip
wr3.topprofitsurvey.top/js/survey.11.5284bce7.js
172.67.75.71200 OK 59 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/survey.11.5284bce7.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be79121fb7e33791fc461b9daf1b26fb
e29766bd4c47efc588dc9fa0da09119a82450818
6a4ce2ceb86d49d7e19e39eee51b64ae813e358900121236978e6b520d4c817c
Analyzer Verdict Alert fortinet Phishing
GET /js/survey.11.5284bce7.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-33c62"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi49QdeGL%2BY9h96qHgWxnjNNJIhA5wcSvJneBtfcof965hOzSD1lR5GYDO%2FElXAzjgv77s1aBkkN1omg7qGdV01%2B5sFLzmcQr2XEgFInQQqqyOn5CIPzcmqBJgOBpBuuIAo8n22XhEaM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f409df530b41-OSL
wr3.topprofitsurvey.top/js/v-react-dom.production.min.js.53755026.js
172.67.75.71200 OK 42 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/v-react-dom.production.min.js.53755026.js
IP 172.67.75.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06ac6cd2d86e69a88d49460d1865ea53
ce38b81d30aabffff32ce853beabfdf7d7c08293
c97cbff684ff926fb8028fc58218478736b1e3d2b41dd2df53ba0ad516d159c6
Analyzer Verdict Alert fortinet Phishing
GET /js/v-react-dom.production.min.js.53755026.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-1f8c5"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK8P%2FlZtVZL%2FEfKBhXA%2BAtt7sjwK8EZ%2FeM%2FC1RTkSxE%2FnjVFxEl0id5TWx3VUbI5%2FeWpw%2B818Z9UOTsJyyMWD2CfQccefVAzTYFlMglWC77PpbLEuQxFuhCuTUYewE%2FVJToxKPTB7Ysw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f409d9e1b4eb-OSL
wr3.topprofitsurvey.top/js/config/comments/en.json
172.67.75.71200 OK 1.1 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/config/comments/en.json
IP 172.67.75.71:0
File type JSON data\012- , Unicode text, UTF-8 text
Hash ca66825a28c0e3d045d0388da4057a95
14b15bafa2b6281a027a9ae1ecf308543e343f82
00e181ffd7efe3fdecdec6bbbba59f55122825ec2dd6d38c52d3caef0023ccc1
Analyzer Verdict Alert fortinet Phishing
GET /js/config/comments/en.json HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-11ad"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnB6kq9y1XkWN8z%2FxHHjpbtrk7Lego%2B3z8feYbJUyOctu%2Fx49KeL%2BElbEx5QtalNiFP15ds%2BiyC6WuCZxOsqQxQpKI6EeL21JCg72Nq4P0gk17khlug5WC4JTSEcYHmVFmglbxwOhe7T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40aa8730b41-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff0076f6a3e06bd68745da6bc14eb3bb
7ca7ae7986041dd62858f40306a9fb389ccd1330
f3dd0098c27cc629a34a0f9c96eb0b8db9e63f4b85ef28526693f83532749304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3DD0098C27CC629A34A0F9C96EB0B8DB9E63F4B85EF28526693F83532749304"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10589
Expires: Mon, 12 Dec 2022 11:01:37 GMT
Date: Mon, 12 Dec 2022 08:05:08 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f34d5d5ef96bb69bcd8a13ea1ff45645
dde3db64eacaa03bfba2f4e59689a7d0c9f04602
f639a67a5e3072de1a52591ab6a32ce08418be093f73bbe1ae21a1dc4f643f78
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F639A67A5E3072DE1A52591AB6A32CE08418BE093F73BBE1AE21A1DC4F643F78"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2707
Expires: Mon, 12 Dec 2022 08:50:16 GMT
Date: Mon, 12 Dec 2022 08:05:09 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f34d5d5ef96bb69bcd8a13ea1ff45645
dde3db64eacaa03bfba2f4e59689a7d0c9f04602
f639a67a5e3072de1a52591ab6a32ce08418be093f73bbe1ae21a1dc4f643f78
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F639A67A5E3072DE1A52591AB6A32CE08418BE093F73BBE1AE21A1DC4F643F78"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2707
Expires: Mon, 12 Dec 2022 08:50:16 GMT
Date: Mon, 12 Dec 2022 08:05:09 GMT
Connection: keep-alive
wr3.topprofitsurvey.top/js/survey.11.5284bce7.js
172.67.75.71200 OK 14 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/survey.11.5284bce7.js
IP 172.67.75.71:0
Hash 500356bb9959c0bb7633168192d4f06c
3011a5792a40df68828c137556e46bca8785c44b
88b2d39794e1b6147c9e338db4c5b136c08ebf0045740b45ba3e57354016c4d9
Analyzer Verdict Alert fortinet Phishing
GET /js/survey.11.5284bce7.js HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-33c62"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hd%2BTRXzz3EL8M3izaUUS2ojykDZwAN2ODWncWkDOXR9Zr3atyp2tQaHi49ukKDMd6Dan%2FC7gb47xzCPNWWHEDNJ7VEp2TeBjjIdvOcCNtUearC9yzllv01Kec95zSRe0TCnGRBf0jG5U"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f4084c690b51-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 07:07:56 GMT
age: 3433
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
wr3.topprofitsurvey.top/js/config/dict/cookie-consent-1.json?v=10
172.67.75.71200 OK 2.6 kB URL HTTP/1.1 wr3.topprofitsurvey.top/js/config/dict/cookie-consent-1.json?v=10
IP 172.67.75.71:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 1156fce689f6cef0f34789e42f3a3c6d
4ebbe04058f4453f2e8c7f8232bc7e1464992f37
bb827c893fe29e8cfaafbba15fe13ccd66edfcdd8058da6885d35c5df444d0ca
Analyzer Verdict Alert fortinet Phishing
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-1760"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkdaTFNfbs42cddGs0d9yPlktvP0ZeNeV1FDnRQ6LddAm3Hl4izcUTQfdIzdlCD8zrqq1RsWOcXht1oZUxwUo5OybpQROloYBVpnwjwp%2BMhOWLkWlCCj8K8oy8t%2FLAwtIvZCEZbuiUo7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40b991e0b41-OSL
wr3.topprofitsurvey.top/favicon.ico
172.67.75.71200 OK 675 B URL HTTP/1.1 wr3.topprofitsurvey.top/favicon.ico
IP 172.67.75.71:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 6da489b2d1de398bcec77654ff426e01
5f46afffd66e70c1f8ac305f523181b09898a1d4
a86d53391d64b65e1821cebe26d664f24f9151c6848b4d4d1910999af4e3f79b
GET /favicon.ico HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: W/"639339f9-47e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOLw3%2BTNNsUmhlHBRsWH7RAHMWcmcJqKmLg6xT5zutaQRgoX31tGEEhtFR%2FY7RoipYAESsquLpkGL0XADCPISm6q3IXDceWq%2FGU5L7a7KkbLTDYo91wrOVtULh5hpf%2Ba2Y%2BgzmS6iZs1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40be97b0b41-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 746
Cache-Control: max-age=90853
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 08:05:09 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:19:22 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 7203189ff76d45be102ec3cbd92c1663
e5e0fb66c0c70973be776b6ecddfca2cf1319fc7
42e68cd99c796961eec2387177c5e3bcc1ebb72c62027dd42cf2ef42fdd029a0
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 16 Dec 2022 06:36:02 GMT
ETag: "e5e0fb66c0c70973be776b6ecddfca2cf1319fc7"
Last-Modified: Mon, 12 Dec 2022 06:36:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1413
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7784f40c9d0f0b69-OSL
wr3.topprofitsurvey.top/img/comments/person-2.png
104.26.14.216200 OK 6.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-2.png
IP 104.26.14.216:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 3e6eaea87b2891590972dd11373b09a3
f038c6e6306ca708defa2b601bf9477f0cf78a3d
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5
GET /img/comments/person-2.png HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/png
Content-Length: 6428
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-191c"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE6sqlOjcm0ViyuQglJ5EaNJU29nfA%2F3N0YuqdmXp22AcBdCEytiGxFgPaOp6LrF0HMxx1Dv8N0CN1scSAB0MwgeF35Z4haIH1PCKmXkOJm8DUXd9rzXulUaItpoXvLjniNGHljECVBj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40ce969fab4-OSL
wr3.topprofitsurvey.top/img/comments/person-14.jpg
104.26.14.216200 OK 5.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-14.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 6012ff0d59aa6a34aaca1ea8f2fa88fc
ef59662c9b666106486039e9f1deb40fb4a8ff77
2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d
GET /img/comments/person-14.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 5392
Connection: keep-alive
Cf-Bgj: h2pri
ETag: "639339f9-1510"
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yy0cuiEEXIE91h%2BBZcd%2Bw2q7lAkC9CBvMjFkpjABfJl%2BuB4Najbyo4UFEwkMOZkhyIwuDEdIlSEwGmFvR6uFL2c5v1slF2DTxR6zDeXVKnliXD3dF8oaTa6I4yDVDtYqqxhgAfPU5JSM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40cea7d0b39-OSL
wr3.topprofitsurvey.top/img/comments/person-4.jpeg
104.26.14.216200 OK 2.7 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-4.jpeg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 6cf64555e2de0ff8b5391081b648b89a
a32008bacf7f8cd3859eb86c6c8d36eeb15dbdf0
d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d
Analyzer Verdict Alert fortinet Phishing
GET /img/comments/person-4.jpeg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 2709
Connection: keep-alive
Cf-Bgj: h2pri
ETag: "639339f9-a95"
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUFYFiOu1SrqLf43o8hKSjC0D7VEecjt8ZS60wPhTAAyjWeA6ZToEpL8RxLeLGK2PXvsdhhIVbR3QOsIAKjCTwKFRiwB1vyusVPaMphLMyNPmZKCUqFFW7uoI2VMKYpNC1gu9JEtOE%2B3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40cff8f0af6-OSL
wr3.topprofitsurvey.top/img/comments/unnamed.jpg
104.26.14.216200 OK 1.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/unnamed.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 449aaf5a54e3fe3aa4f0f5875bede090
b2b897362626700277b7f8baca8b1f292d08b7e5
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 1378
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-562"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cR6%2Bvuvkfqr1mCM3RSXKfa4aQn21FOiQOT6QEnymoTGSwDeahc0nulLgMeoMCnR4b%2FgwHmAgAmYpRyR2veZb1x1QF8NglzHBIn1pd0yoxsPRfx3sPkIcSsASFf8OolOzj4jVdwqhfds%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40ce9e8b512-OSL
wr3.topprofitsurvey.top/img/comments/person-1.png
104.26.14.216200 OK 6.6 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-1.png
IP 104.26.14.216:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 8f9a954bf05965bb41cf97a7ddb7a375
de9db936bbea75043e08a55d1f371678fca2270c
a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d
GET /img/comments/person-1.png HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/png
Content-Length: 6577
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-19b1"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udnuN54cqXMFikXQHWt065WYoAcyPVJMRVoX0GtjXZnbBFEIW%2FNjs7ycKkjQGPFDmVbm9NKecXoFySlHsEockEQEUfHDPLYMuRpxLkFgmyrT%2FVmBUkbvJGgy8wLOKwRvSf3U78CdfHBp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40ceee9b521-OSL
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (598)
Hash 1a5da2d1a98a493b4c8afe8b03c8c406
8a359aebaeb96faf18be6ab782a56db7d47de607
fe720067e49fb7bbc23b61b978352d26dee95d035f69bde667df72e1ecf7e346
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73711
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: *
etag: "6392ed22-11fef"
expires: Mon, 12 Dec 2022 09:05:09 GMT
last-modified: Fri, 09 Dec 2022 11:09:06 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
wr3.topprofitsurvey.top/img/comments/person-3.png
104.26.14.216200 OK 7.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-3.png
IP 104.26.14.216:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 2f62e53b6333bc904be22a37a1fd0ace
6e972fefcbe0193d9b28817c47c1ceab2a0235d1
9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41
GET /img/comments/person-3.png HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/png
Content-Length: 7368
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-1cc8"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1D2C4zr7Wm9BQx7V9XF4ICiZaFaQd3N8sz%2BtIgot2y77Jp8lZwMh7WQsGQv0RxMF1thkUeXs3TwnCq4DCK7WemOKprzdvpFoeUCdRFx7de3aTI5GZeQpWUZq6DOoJ0exz7L7RjM%2F1fI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d3fc60af6-OSL
wr3.topprofitsurvey.top/img/comments/person-8.jpg
104.26.14.216200 OK 5.7 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-8.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 6b10e71656e51e27520e854712b44f1c
f78b92dded977e9f275aba726453138155420bcf
64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc
GET /img/comments/person-8.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 5748
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-1674"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7j8IVKGS2CVkaCWRBiehvgYFbIGOsj%2Fofaq31FaLzxe%2BJPlaJ9fx5x1mCFpevpvmYj%2FLaBfc8iFPN2BS2DxhwlpNAaKwVuKE8SrsF68hiWTBLPsXuKqXgc%2FVCHTM5Si5AZgowDUUiou"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40cf8e60b45-OSL
wr3.topprofitsurvey.top/img/comments/person-5.jpg
104.26.14.216200 OK 4.3 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-5.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 21fd6ef6d69b527c02e92a8c23d28d52
5980b75edc23f7fa2f57fa257cb67c9efb86fa58
f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb
GET /img/comments/person-5.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 4333
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-10ed"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lS2%2FNrjcG8HmUrdlkruRPyfRETzNdee8vfhw77%2BymYcA9Mze0qSgoIFmiNxdhd2mnIfFkJ3qs6wgkvR9GR4j2ql5ULTfrBz%2Fw4R62iGF1wGj1Ba5Ysu209gl6gFPa%2FmthhE3IYuSkjdk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d29aafab4-OSL
wr3.topprofitsurvey.top/img/comments/person-10.jpg
104.26.14.216200 OK 6.2 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-10.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 044ab37551bfe632f53b8f15d991f36e
77fdc6210608e5e36e1d36ac7fd867104cb20d9e
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91
GET /img/comments/person-10.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 6178
Connection: keep-alive
Cf-Bgj: h2pri
ETag: "639339f9-1822"
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsl8wzDpo7iP9gIMNNk311dXAFmPCdFuNzhZXXS4hRnlLagFRQzCiFzRchs1UotPg7Lwt%2ByLiROIRgzu%2FvpkbTuKedMnZhssdZgC2RlpmsIesQj4tvEYygP4vagf1kQXdnAEiKuOa2w9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d6fec0af6-OSL
wr3.topprofitsurvey.top/img/comments/person-6.jpg
104.26.14.216200 OK 4.4 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-6.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash be9ff88491a5bc0745579a3813eb2cbe
870f88a7fae9fdd928af33f47c5ffdddc6a4082b
698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3
GET /img/comments/person-6.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 4392
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-1128"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuZ9FLnAAV5TPomNKPi7hCJjazmR0SqVWVqkFVNgIerMMLQyxBdsUWHR7QdddkWlLf8%2BFz57vc5catIfwYsmCf%2FIvYveR7gSw652UNCGL3osCh9Os2kbf54utMgWVLKj6ucclXPRnzyv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d3ac00b39-OSL
wr3.topprofitsurvey.top/img/comments/person-11.jpeg
104.26.14.216200 OK 4.2 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-11.jpeg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 3924bdc784dc4947f52b779aa4d5a0aa
1e3f3fdd99490addd60014aa7327fe27c6bd5589
b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950
Analyzer Verdict Alert fortinet Phishing
GET /img/comments/person-11.jpeg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 4175
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-104f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HI6X7qj%2BTm6cF7%2B0Z7rTHb%2B4BZk%2FXxhKxgpqp3wSxsT8Rxpjhkpb9LwiKOkz5J5rBy7k1EYVxKNUUU%2F95Z9wPEdYn6HApoZQyQgYLNALHNTPwWk42%2BQWuCkNkhK20vD4Q%2BweF9eObbf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d6f62b521-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 849e7d14c79720f2ab4168c416effd9c
764bcd5ba64a4fd23bfef15e4401bb741e0e515f
a219f07e6ab39a84155b8956d651925de6ec8328acedb5e636c94bff6f6efc85
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:33:26 GMT
Expires: Fri, 16 Dec 2022 13:33:25 GMT
Etag: "764bcd5ba64a4fd23bfef15e4401bb741e0e515f"
Cache-Control: max-age=364695,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7784f40d9a56b4ff-OSL
wr3.topprofitsurvey.top/img/comments/person-13.jpg
104.26.14.216200 OK 3.2 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-13.jpg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash a3364ed9e772ae6f696b814072001bf8
b8f34c657c31bf1e4d42b5d864b2519493d80e92
88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1
GET /img/comments/person-13.jpg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 3172
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-c64"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTob8x8TDOFX3rrjKyzO5%2BiO6%2F0N1HulUP0kilFWiL5M0UuyESNJYqW1Ai6UAFPtD2mMkW8ErWKvVgANLPTHzzFwkeHS2cra48w%2Bqi2JMGNBYL9rHy2zoDxE4mXsT%2Fpz7vUo2pmXqAEO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d9a9ab512-OSL
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 902
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://wr3.topprofitsurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
wr3.topprofitsurvey.top/img/comments/person-12.jpeg
104.26.14.216200 OK 3.5 kB URL HTTP/1.1 wr3.topprofitsurvey.top/img/comments/person-12.jpeg
IP 104.26.14.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash c937339f4ba54ff7dc150b9865c29084
44206828ca23cbed303193bde1dfe47bdc532972
8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e
Analyzer Verdict Alert fortinet Phishing
GET /img/comments/person-12.jpeg HTTP/1.1
Host: wr3.topprofitsurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ym_uid=1670832294781548895; _ym_d=1670832294; _ym_isad=2; _ym_visorc=b
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 08:05:09 GMT
Content-Type: image/jpeg
Content-Length: 3519
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 13:36:57 GMT
Vary: Accept-Encoding
ETag: "639339f9-dbf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKzf4o5eaSFnbSpVyYtjjn0lH4cd1GDPxlusW7spYomF4N3nsv6kAoK6ffaVaNKM4c1NdjxV9PM6v9S5DGO7d%2B24rGWbddN8we81INlX9xjTxe3Vw9Kc6obfpUgcYDUSi7%2FeR3WcEqQU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7784f40d99880b45-OSL
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kK9GA18g9IFfmk3FxviY2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZohQ803JFZhvzGEX7F1R4sXg8fI=
mc.yandex.ru/watch/66423859?wmode=7&page-url=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A1041667327%3Arqn%3A1%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C48%2C1%2C%2C0%2C%2C106%2C2%2C%2C%2C%2C291%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A1041667327%3Arqn%3A1%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C48%2C1%2C%2C0%2C%2C106%2C2%2C%2C%2C%2C291%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 3c1298ba8dc13d0af7930e8d33880c9b
54006975878264103919638785b9aa7b24898d70
e031f30ae50e672b58738ac53366b3e9a81aaa0cdc894b0cf99641a4401c86ef
GET /watch/66423859?wmode=7&page-url=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A1041667327%3Arqn%3A1%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C48%2C1%2C%2C0%2C%2C106%2C2%2C%2C%2C%2C291%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A1041667327%3Arqn%3A1%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C48%2C1%2C%2C0%2C%2C106%2C2%2C%2C%2C%2C291%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
set-cookie: yabs-sid=2224433441670832309; Path=/; SameSite=None; Secure
i=9qYtHZMB3LncI98cF5QQdrO2SWkM6krfBAI5at+a89/bLluQa5zEfZsGyPyZ6ikCP8M/Sn9tnL0t4jDBz1X3AYarWkU=; Expires=Thu, 09-Dec-2032 08:05:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1227150131670832309; Expires=Tue, 12-Dec-2023 08:05:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1227150131670832309; Expires=Tue, 12-Dec-2023 08:05:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702368309.yc.1670832309#1702368309.yrts.1670832309#1702368309.yrtsi.1670832309; Expires=Tue, 12-Dec-2023 08:05:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexCall&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A923970263%3Arqn%3A3%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexCall&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A923970263%3Arqn%3A3%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexCall&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A923970263%3Arqn%3A3%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonSurveyStart&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A902776771%3Arqn%3A2%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C940%2C940%2C0%2C%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonSurveyStart&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A902776771%3Arqn%3A2%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C940%2C940%2C0%2C%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonSurveyStart&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A902776771%3Arqn%3A2%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C940%2C940%2C0%2C%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 44
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonStepChange&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A647931042%3Arqn%3A5%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonStepChange&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A647931042%3Arqn%3A5%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonStepChange&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A647931042%3Arqn%3A5%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonUnique&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A398590407%3Arqn%3A4%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonUnique&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A398590407%3Arqn%3A4%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonUnique&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A398590407%3Arqn%3A4%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexLoad&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A243014902%3Arqn%3A6%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexLoad&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A243014902%3Arqn%3A6%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonAdexLoad&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A243014902%3Arqn%3A6%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonTrafficQualityCheck&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A697652533%3Arqn%3A7%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonTrafficQualityCheck&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A697652533%3Arqn%3A7%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fwr3.topprofitsurvey.top%2FonTrafficQualityCheck&page-ref=http%3A%2F%2Fwr3.topprofitsurvey.top%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670832309_5bae6647f5a1ff4e1fea5f44226570ec0e88f362542600137ddc3f8a3add537d&browser-info=ar%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A942%3Acn%3A1%3Adp%3A0%3Als%3A207236804938%3Ahid%3A723978013%3Az%3A0%3Ai%3A20221212080507%3Aet%3A1670832308%3Ac%3A1%3Arn%3A697652533%3Arqn%3A7%3Au%3A1670832294781548895%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670832306868%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670832308%3At%3AWould%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&t=gdpr(14)mc(g-6)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: http://wr3.topprofitsurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Dec 2022 08:05:09 GMT
access-control-allow-origin: http://wr3.topprofitsurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 08:05:09 GMT
last-modified: Mon, 12-Dec-2022 08:05:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16297
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 08:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16297
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 08:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16297
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 08:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16297
Expires: Mon, 12 Dec 2022 12:36:47 GMT
Date: Mon, 12 Dec 2022 08:05:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
age: 36451
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88407255-b58e-4d61-b541-1988ad75d924.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88407255-b58e-4d61-b541-1988ad75d924.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e59be0fbcd4346b5443bbdcef48ec35
c05a1da112086b95fdbf9e6708e3b18c31e86571
1ca6f638b2eb25ae571b7e90bb2608a9f58ff9bf19ef5b1a63d2139b58d4874e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88407255-b58e-4d61-b541-1988ad75d924.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5984
x-amzn-requestid: ed8f43e9-be23-4523-8b59-dd466ab09daa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENsHo5oAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-7aaa2ff15d6a0e302b2872ed;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f6bt_c-6ENkvtjFeL8Qe1D5l8VrL1bC3vIk0TXSsAuVZGSa74SQwCA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:21:33 GMT
age: 35017
etag: "c05a1da112086b95fdbf9e6708e3b18c31e86571"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
age: 36315
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bgmOsF49y9d_oDWjQxm7toxsydgt9HBKZunUbe-BZfSmdfJ7q0Jo3A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:52:33 GMT
age: 36757
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
age: 36451
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kbfjvh64NjCUE-e-3z7W58vyJMisRwERUV_W99jn3vrErY4bF1SFsg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
age: 36391
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2