| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 | 172.67.192.143 | 301 Moved Permanently | 0 B |
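URL (HTTP/1.1): manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 | IP: 172.67.192.143:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B redirect body; they do not identify this response and are not usable as indicators)
NIDS alert | Engine: suricata | Severity: medium | Alert: ET INFO HTTP Request to a *.top domain (going by the signature name, this keys on the .top TLD in a plaintext HTTP request; treat it as a triage hint, not a verdict on this host)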
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 05:09:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 06:09:30 GMT
Location: https://manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf4iwrOoycJBuaT%2FG3zuuLKZmirvqAxbXkPzglxtMI5sRXmo3GjDFtjmlEeO%2FNQ2fMryTpeYUkL1nOz%2FvNRH67uQusTr%2FC1qY0akIyHKq%2BSaW66Rbu2CWQ%2Fqz8AdjQGLTB3ofmE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938a7a2da280b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd4e95d0d8982bcd07804baf6fc88231c 5027abda0875bd2529dd4d6691784c74da71a9ee 373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10224
Expires: Fri, 03 Feb 2023 07:59:54 GMT
Date: Fri, 03 Feb 2023 05:09:30 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashec47f9eed203ae063b9c210009de54a9 19ff156471b9cffbc2432c5b65543bdd18e36271 3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3618
Expires: Fri, 03 Feb 2023 06:09:48 GMT
Date: Fri, 03 Feb 2023 05:09:30 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 04:43:34 GMT
content-type: application/json
age: 1556
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7d2222d41721947297aaeb5a6e3d0714 04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065 de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Fri, 03 Feb 2023 07:00:35 GMT
Date: Fri, 03 Feb 2023 05:09:30 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zZ7OM4q0/zLrGT5dUadV20jiUNxa9Az15ZdeeK19vYGO4EuwJl0fqyycbPtiUZyHHBIVdozlC6g=
x-amz-request-id: JAGAM2K94FXZR2DC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 04:23:24 GMT
age: 2766
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:09:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 05:07:19 GMT
age: 132
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4271
Expires: Fri, 03 Feb 2023 06:20:42 GMT
Date: Fri, 03 Feb 2023 05:09:31 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.88.101.41 | 101 Switching Protocols | 0 B |
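URL (HTTP/1.1): push.services.mozilla.com/ | IP: 52.88.101.41:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B body of the 101 upgrade response; not usable as indicators)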
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AvtNwRiyc1pArapLoUFeDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gr1w3QSy7WFN1VMlZxVFb8lclG4=
|
|
| manylucksurvey.top/js/v-react-dom.production.min.js.46734935.js | 104.21.44.8 | 200 OK | 44 kB |
URL (HTTP/2): manylucksurvey.top/js/v-react-dom.production.min.js.46734935.js | IP: 104.21.44.8:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: MD5 766e19f5f2a9b8c0cc2e78f2d2172a5e | SHA1 c2d8b23550ecdbf07a29cdfe3dc5d2404a43c2cf | SHA256 df9fae597b754c815040263ab26378e45ff2d06728f7d3ebbb3ab11b14abc1ec
Analyzer verdict | Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /js/v-react-dom.production.min.js.46734935.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-1f8c5"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R%2BVi%2FizqVlF8pHWrZ1JbTm7JpYSUPctSMTw%2Bwbs23kzUoZeXE%2B%2Bce9l%2FYdN42GfPieGKPN8ShS1ECNoaBp2xDdCywlmpLRDybEpUqQGLMK7IstOmBLfr7PqxpjzYPbKDMGCPus%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09f11bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/css/sweeps-survey.2de100f7.css | 104.21.44.8 | 200 OK | 33 kB |
URL (HTTP/2): manylucksurvey.top/css/sweeps-survey.2de100f7.css | IP: 104.21.44.8:0
File type: ASCII text, with very long lines (49143) | Hash: MD5 94d73552ba148e97d03844b99d7f4e12 | SHA1 04b3349ad70954d6eeeb0331ed464c825e87240a | SHA256 a7ee4488a323fd0bf58f827e6f1f2050e00f7b116eccd07e92d51bee5b972465
GET /css/sweeps-survey.2de100f7.css HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-1420c"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfN8xK50nyUDS0VxSTpmLAWHvmh%2Fxh%2BENjIeoeGwJQvh2tlakfPguWHqVS%2FX6%2BOCkXh7drKSzwqTPhGN0%2BlkkF5xDeTAVVAOahNroUTI6oryv9708R635XZS9rwyCYHYxDudsBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac19f51bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:0
File type: JSON data; ASCII text | Hash: MD5 3f3baeb6efc53540709c3d811ecf1fb3 | SHA1 7b6d44f9cb028d2a4664b49fa50d1889be7a679b | SHA256 dd84513037ba22487d2fb5fda1ee0a097beaa9e525af75af6d0b1b47b2c49b5a
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=da8ee845258546398a0dd0e87ec38697; expires=Sat, 03 Feb 2024 05:09:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash72bc8b38a880b438d2656dc27abe8cd1 e36cbd4c44cc878a4906086934335ef3e905abd6 3da0923a37f30b1822b9f756cc91aa55152f71e76fe488ec38fd94ef712f5575
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3980
Cache-Control: max-age=135612
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:09:32 GMT
Etag: "63dbf63c-117"
Expires: Sat, 04 Feb 2023 18:49:44 GMT
Last-Modified: Thu, 02 Feb 2023 17:43:24 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash72bc8b38a880b438d2656dc27abe8cd1 e36cbd4c44cc878a4906086934335ef3e905abd6 3da0923a37f30b1822b9f756cc91aa55152f71e76fe488ec38fd94ef712f5575
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3980
Cache-Control: max-age=135612
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:09:32 GMT
Etag: "63dbf63c-117"
Expires: Sat, 04 Feb 2023 18:49:44 GMT
Last-Modified: Thu, 02 Feb 2023 17:43:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbbb33e035383353dd2bbedb52ab2776a 1db70a4c665c3a38a87e78f800b911713dd0dcde 3a0f4f9d8357fdadebf24872ae5733c0f1bb17f8b0c5498bb088045d70a3f6b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A0F4F9D8357FDADEBF24872AE5733C0F1BB17F8B0C5498BB088045D70A3F6B3"
Last-Modified: Wed, 01 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4078
Expires: Fri, 03 Feb 2023 06:17:30 GMT
Date: Fri, 03 Feb 2023 05:09:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6487e0d9e65f329fba8e8d2aaa1cd30c ccf347554ca041f476f82f002a1d2a391bc34c08 bd50e2aa1839f34221931c32d0c2b5264c40c946b11c44ef334a226a8efe9fd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD50E2AA1839F34221931C32D0C2B5264C40C946B11C44EF334A226A8EFE9FD3"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=615
Expires: Fri, 03 Feb 2023 05:19:47 GMT
Date: Fri, 03 Feb 2023 05:09:32 GMT
Connection: keep-alive
|
|
| itcleffaom.com/track?offer_id=2755&z=4526262&request_var=1&variable2=2o0nu99840c37 | 139.45.197.237 | 200 OK | 148 B |
URL (HTTP/2): itcleffaom.com/track?offer_id=2755&z=4526262&request_var=1&variable2=2o0nu99840c37 | IP: 139.45.197.237:0
File type: JSON data; ASCII text, with no line terminators | Hash: MD5 673cfa6261713c037f5e6d0d8cebc7e5 | SHA1 3fa4ef98e3409901f9d51f1bd651a130506aed6b | SHA256 546d54b13b6ae34900ec662401d1df42e740d9bc40c24cca29863414f9affe39
GET /track?offer_id=2755&z=4526262&request_var=1&variable2=2o0nu99840c37 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/json
content-length: 148
x-trace-id: f1534418655490d5409dfa2c80233721
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| laugoust.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=1&var_3=null&dsig=&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL (HTTP/2): laugoust.com/zone?&pub=0&zone_id=4843177&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=1&var_3=null&dsig=&action=prerequest | IP: 139.45.197.250:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B response body; not usable as indicators)
Analyzer verdict | Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
POST /zone?&pub=0&zone_id=4843177&is_mobile=false&domain=manylucksurvey.top&var=4526262&ymid=1&var_3=null&dsig=&action=prerequest HTTP/1.1
Host: laugoust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:09:32 GMT
content-length: 0
x-trace-id: f477b7b174dc2c9129124be5d7c2b09c
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_core-survey.71983b0a.js | 104.21.44.8 | 200 OK | 61 kB |
URL (HTTP/2): manylucksurvey.top/js/_core-survey.71983b0a.js | IP: 104.21.44.8:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: MD5 8c98b1e0e9e4c90fe97b43ae02cbc2e3 | SHA1 4fd2d992428ce9fb6b4de3e2df8ca015a4c2b978 | SHA256 1c0c359b8ec58e35f397973bd69bd0b3adce51153307071cbbd1288246434a7d
Analyzer verdict | Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /js/_core-survey.71983b0a.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"63db9e29-2e109"
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC%2B2ItmrtA3BG5BBrmbGSRwkuoDvDpr9zHL9TKpTy0HPqvPFBgjgj7O6W5lNbK6txg0MAkM3C8QUsG9ZQDgqD%2Fth%2BYDQgjtMWgI5IeIVq6II40VAucdlt29XTA%2FEyTZDq3W05W4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7adba581bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-2.jpg | 104.21.44.8 | 200 OK | 1.0 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-2.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashe489d022a40ba80f51fb5acc1addea46 41c334f49c248783037ceaf6fc335acff62f760c c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567
GET /img/comments/person-sweep-2.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1042
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-412"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCbtrK3QAuewW%2FY%2FDw1YbvUSgv8Vu3s%2FNWR0ZqsrnnfzW5IBZiZvvJgOrudNoqCZtQWSV2htWDkfGYrknQvhO9ZXawTwqFRzAHmCQg9O9rQw9om9yrtZP%2Fr9Ua313b%2FTSSS5Lks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b2b1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-4.jpg | 104.21.44.8 | 200 OK | 3.7 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-4.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x50, components 3\012- data Hash02eebe83bc6786ef27b852477d4c4998 205314ba911137b6f6be4eefd946a2c62229e591 a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c
GET /img/comments/person-sweep-4.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 3694
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-e6e"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpcjn%2FSTQHUEqq8AhlatpQjcMsPGy5LpufEDGsUBdunCTFRWOPpwpYPt79gwiuN4HoSkgvcDR2sl8gAyELEQtvq%2Ft2NRVd3uX60ErzHb9t5tLBTzbbz0gHFFY2AtuUiH%2FlHyyA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b2d1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-3.jpg | 104.21.44.8 | 200 OK | 1.1 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-3.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash72ab252d8ff828965ad984b8ab16991f e45ea3665e80feb2e6309b04e1ec2e8d41bb279b c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291
GET /img/comments/person-sweep-3.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1063
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-427"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3hXknPqjqO3INiuN6DafXNVOZ0Aep7tEPlgfnMUzC7YmKolzetc4AXakBX4iNFbLyz54Nxirvm%2FDDG5zDtzZVANTk3wXtmNHEP1e1f%2FJKZwf%2Fs%2B9wj4DPlehnOGdBNjMc6MCME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b2c1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-15.jpg | 104.21.44.8 | 200 OK | 1.1 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-15.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashca57a3f68e171ebeb7798679d5fb79ca 688e6a4ffeeae81c9e970e03081de1fe26afac9a f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a
GET /img/comments/person-sweep-15.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1067
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-42b"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCYltyhrRH7uo7djfJl6sFy75bEIGzhI1qLlLOP4K34xa9CX%2F%2FS23O1ZFy3ehHA6rvhxGtjOupFJWxPt1U6t%2BJDvUNzHf5WSop2LXlH3txqVMMmMkDDMUN5WHCkBttkb6yfJPqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b01b391bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-12.jpg | 104.21.44.8 | 200 OK | 11 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-12.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:34:12], baseline, precision 8, 50x50, components 3\012- data Hash85b4e587433a60e7d3e98b1ef93a71f8 c4c8600ce8a5be2640aacbac866bf8b1f8192f26 65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8
GET /img/comments/person-sweep-12.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 11188
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-2bb4"
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGubTD%2F8VtDPr59RFqJ7SEKmjwDWWowjDxtzO9t8AeRfAsbZ4CYpYbft4UycmSwGxKJ5g7aNSwLoQzVreEqR2T5Pe7056X90h%2FQMVL%2BozUQR7ySi%2BfxndBAJEIp9OH87%2FVyiwiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b361bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-10.jpg | 104.21.44.8 | 200 OK | 11 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-10.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:33:44], baseline, precision 8, 50x50, components 3\012- data Hash2f7d5d907d9e6d0250afbdbeb7f3cb0c 136703751a36b76b1fe599930ec855f90fde9f23 271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1
GET /img/comments/person-sweep-10.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 10828
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-2a4c"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJAuvwa9a8oZsgqHAZW6%2BsWNy6aAJjXbXQbJQ55CT1DE5P2pkW%2BKS55iIimWGIPffxJJ90BeuOUnFb44x5GtYKLkhcvwJuLizYxBRlX2OzPZwm6xYBZxhU%2F8cIJm%2FTzBjbxAusc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b341bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-16.jpg | 104.21.44.8 | 200 OK | 1.2 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-16.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash9574e9e3f629fc4cc0f470f678a232ca 89412a05077b4eaa423f7790bd5fb4ee3efc84eb 15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d
GET /img/comments/person-sweep-16.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1208
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-4b8"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tB76yU22n1lgTmu9w6FJ%2FwQz8anhFYLjtm17qMaO%2FXh6d11cnlTBew4mt4mDoPU1ZGu%2B%2FtSNzjoevFLOMgq4174KmZr%2BwJBFu%2FtvGHbCVgI83iO5mx%2Bx4Q%2FbgrhWiApk6ReytO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b01b3a1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 8.2 kB |
URL: cdntechone.com/stattag.js (HTTP/2) | IP: 188.114.97.1:0
File type: ASCII text, with very long lines (17952), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 068f4626b979f20d4a5e3e01f57690f4 7fef70c5fcea45d26907ec84837b356ab75aceb0 a61fc2d56dd52bbcd23c4a91b3bc0b013026b115fa08d50c699923ffef6bb3d0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 18:54:26 GMT
etag: W/"63dc06e2-4620"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7weFaBLmS51MahyTiB48%2BGd3XI1dYgmV21bvTVjJmfA%2FKW86e399aC3n7l0fewzIDvwC111WDatXK7Xuc%2BI4ItOq2JvGp8PruEpFsAKLrHVLxKhypaz7hB%2FuVtOYOfwAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938a7aefc46b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/unnamed.jpg | 104.21.44.8 | 200 OK | 1.4 kB |
URL HTTP/2manylucksurvey.top/img/comments/unnamed.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data Hash449aaf5a54e3fe3aa4f0f5875bede090 b2b897362626700277b7f8baca8b1f292d08b7e5 4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
GET /img/comments/unnamed.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-562"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbyNb11paGXInR4WbY%2Fi%2BNRETMzM22%2FVZOnPvDj%2FUPWxXMSa%2BY5lSe%2BusSvxsGfmUBDl%2BIqyW4NgkTwQKMXAG73SJL3G4ZV11v3wCDVFWC%2BUOWUhUvlV%2BF4FzEXdi%2FikmQcH%2Bwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b281bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-1.jpg | 104.21.44.8 | 200 OK | 3.9 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-1.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2017:06:15 10:57:43], baseline, precision 8, 50x52, components 3\012- data Hash72c067fe856886245e7c47c7ff84e041 5210cb05f897db334c61f8971ccec9a7396ea8a7 9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030
GET /img/comments/person-sweep-1.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 3900
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-f3c"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttThVZLEDg3xT5W6bDQ1etGe5G9APfd%2BnBL4xT3Sh1vaVxaJEppodFNA8Z9mKhHAA4g5hoGmJymqnteV5Q0iS1tW7YMcw7ZxRHA9L8NnwAOwrp6bZgc2rt5vb7qmqJXDbIqZX2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b291bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=1&cdn=1&domain=laugoust.com | 104.21.44.8 | 200 OK | 16 kB |
URL: manylucksurvey.top/pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=1&cdn=1&domain=laugoust.com (HTTP/2) | IP: 104.21.44.8:0
File type: C source, ASCII text, with very long lines (41467), with no line terminators [file-type heuristic label; the response below is served as application/javascript]
Hash (MD5 / SHA-1 / SHA-256): 8e852587bd19088c387f45c1b897e323 417b1561ff25d9e1759120c3984d7d3d7796ad23 fc43ddcd58a1db999c7e6977f5a8c52a591c8c7bbe290fadea54f823509ac3ba
GET /pfe/current/micro.tag.min.js?z=4843177&sw=/sw/sw4843177.js&var=4526262&var_3=null&ymid=1&cdn=1&domain=laugoust.com HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-a1fb"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9M5wRgEqtBv0VNoZipebUbt579B6mhlmPKqKCc3n9V2krqD3nwF0NZo3rqcVh%2FRCdQq0JEC7ayGtob3QL30F6JaCmwKFGjryEibWdOYQ2N9c5JkV5FjTlGkb3tg7%2FocNgpbhPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ae2a711bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-8.jpg | 104.21.44.8 | 200 OK | 1.2 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-8.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashf60b9c2d018d7a29d014742ae8e36839 1b59e7eec38eb9f620256742f83ae7938ac0bb07 ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8
GET /img/comments/person-sweep-8.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1182
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-49e"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtTuyqOqXWoL3P2JiBMaN02vnS7oEsbYH8pwgy0L%2FcIOgWIr3KzFdL2qsYXWlKx5ollrNrtFdPlHrY3OQ9ne3Mfts7boRkrm51qHiHwfEcr4C8VmtTZtBQ6xi43u4lSMHvyHU4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b321bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-9.jpg | 104.21.44.8 | 200 OK | 12 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-9.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:32:23], baseline, precision 8, 50x50, components 3\012- data Hashf950070b2582c8f9202b5d084e91905f 7154a29bb2ecd778435943cf02c88fb9b0a86183 ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e
GET /img/comments/person-sweep-9.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 11871
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-2e5f"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WWVAyyRk8vwNzqXjY24SfbhWKS7A1S85vIR9Rwt2M20h%2F2DTEEiurp0hB0sJqew1c3Kz2HsXB7cxF%2FgPuqgX7TyfE84my71ZBqr5sHU6v3Rspp1RWCQnDi6zlNZB%2BRDUsotazw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b331bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-6.jpg | 104.21.44.8 | 200 OK | 10 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-6.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:07:21 09:31:13], baseline, precision 8, 50x50, components 3\012- data Hasheecc2c7e1efc1d69f01f47b677666cf2 c4e909b86e22612ca4c5e599c7fc7204573b1baa 92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6
GET /img/comments/person-sweep-6.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 10400
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-28a0"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BQ2p%2B%2FYC%2BQK4eq7lKqEvzaceEhDUB7Oi2uzaYWl0nWuO%2BrXA%2Fdt5%2FjGbuYi%2FvZPiv9l3OAeFaiW2VaaR9GgYCkQxtMon%2FEWgj03cbFHdL9MfRhz%2FXHUzCuHOCyfEkme2yGc%2BhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b00b301bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-index.js.6b4da208.js | 104.21.44.8 | 200 OK | 23 kB |
URL: manylucksurvey.top/js/v-index.js.6b4da208.js (HTTP/2) | IP: 104.21.44.8:0
File type: ASCII text, with very long lines (35207), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 8249c09e589e231a0506309fb7309754 ed4e5e3660f63fd5090c910dfefb41971300e2d4 a12e67b2bdf4b793e5832822ff327e559868fda6ecfab326825ffba404e70991
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET /js/v-index.js.6b4da208.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-8987"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDA%2FmzXxRSIOIhkXOjTnAdFb3pFbbBs%2FTimEICUMGvtz408dUnkmEG9cr0SpvAoqxK68HACNx%2F8eLS3bB2MDtyFrTvNh4zErpgptvmj3pnnlywecW3rwEMu9ISr37AnZYWv35Rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09ee1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/img/comments/person-sweep-14.jpg | 104.21.44.8 | 200 OK | 1.1 kB |
URL HTTP/2manylucksurvey.top/img/comments/person-sweep-14.jpg IP104.21.44.8:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash4248fa5ac54e7b0dfa5a791bd1dbd161 aa880bfbdca2ec69d93fd29606a64bdce6ee830c 174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8
GET /img/comments/person-sweep-14.jpg HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: image/jpeg
content-length: 1146
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-47a"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp8NHuS%2FmysJmIuOS6NZ6u%2B%2FScmlTqCF1sA7acbNRXSn308eD4bqIViAXwNzCLAcGdbINdJc0NTUL604bnGWaighYubPp0UqcJlYmI3xKxrB1ijOkzuDoSrIfxDEk%2F0knxVVkf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b01b381bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash1256fdd4da71b825a1e9c46e3c756d9f c2660abd47c71ceaec6012f9479299b4519201d4 128ecb38026476098b0316fad2927d5e8df5f6265ac5554ff6009c8b85a32985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:09:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 05:19:52 GMT
Expires: Thu, 09 Feb 2023 05:19:51 GMT
Etag: "c2660abd47c71ceaec6012f9479299b4519201d4"
Cache-Control: max-age=518418,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7938a7b00be30b3d-OSL
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a | 37.48.68.71 | 200 OK | 12 B |
URL: datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a (HTTP/1.1) | IP: 37.48.68.71:0 | ASN: #60781 LeaseWeb Netherlands B.V.
File type: JSON data\012- , ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1293
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 03 Feb 2023 05:09:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://manylucksurvey.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| manylucksurvey.top/img/sweep/tokens10k.png | 104.21.44.8 | 200 OK | 67 kB |
URL HTTP/2manylucksurvey.top/img/sweep/tokens10k.png IP104.21.44.8:0
File typePNG image data, 480 x 500, 8-bit colormap, non-interlaced\012- data Hash7226e7c7102de83aea128e7417e87779 1777a0c66bd17c26c4da8462efa8975342581a4d 2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36
GET /img/sweep/tokens10k.png HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:33 GMT
content-type: image/png
content-length: 66622
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: "63db9e29-1043e"
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOAqG%2BZS4BT%2FaA3FGwpPyicUQ1dNpLKDGacFAoQznRniSGw5sB09%2BC%2F4fFYxvhKobuiOq%2BP6ldZI2klQ669xMbfllXmgK55FIkY%2BY%2BDzYmspTz4m6GNlAuFo%2Bu%2FIGC8QQqtiPf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7b0bb601bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:09:33 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:09:33 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Fri, 03 Feb 2023 06:30:02 GMT
Date: Fri, 03 Feb 2023 05:09:33 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash08efac01fbe2d2949d81cfa427e8f360 e354cd76c38a72a10eddad9298b43415f8f04ed1 a5edf287aefdfb2f4c33d19b322b2574553fc9f5646f147359a3dcf8c1d75cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 11dd2ef1-f809-4a95-aeef-361cfa745eea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYyFIHUVIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d363ba-7841e2a6249f0e5d7aa91c8d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 05:40:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gYmuJEgMngPXgeLlAQfRoP-EtCgH--hkvSt6OPTUlYXxetmf5zAtVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 26492
etag: "e354cd76c38a72a10eddad9298b43415f8f04ed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe366b32074025aaf60bbae8bdb08d330 a52c2883bad98fa20333aa639a5dd3a5bf544c8e 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 26492
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4a92e881554205ebbe3721a7bbaeab40 b620fc82bd15b55b581bd8c3a699e1b16563ad2e ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 25910
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg | 34.120.237.76 | 200 OK | 3.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0c1c2a5a291f23be6591c9b19db47b47 2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619 327efb8c72421819992900ab0f8f267da7d28122c710b8694979116579d512c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3083
x-amzn-requestid: 7a4f094b-a423-401e-a9e7-8d9f130e2e40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi1drEtKIAMFuYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76924-66751080608a6cd2650b853d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:52:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UoXATdGOgEK3Unxszcp4ulAK3b1BuHS2MbUzTHe-qxjNZkb2eoxE-A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:49 GMT
age: 26684
etag: "2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg IP34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 3490571dd2de0a747987b9a0e18cccc8 | SHA-1 18e9f8f160d3515f1cb31fc7538ac762a6cab344 | SHA-256 1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg IP34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 d4242d4999b7b033873b81a482c319c2 | SHA-1 bc4c004065ce9f558f210d508844c123a85737a1 | SHA-256 ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XNO6ArxsjiZTxcoSn1Fmhso5bpWNIvzT9nplF6UGTiHVxXlJiv7bJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:58:40 GMT
age: 25853
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 104.18.20.226 | 200 OK | 939 B |
URL: [HTTP/1.1] ocsp.globalsign.com/gseccovsslca2018 | IP: 104.18.20.226:0
Hash: MD5 a606f1de1033a0e31119a2919579e370 | SHA-1 61f7b5df86f61c3323169d890a5e22ce644050f8 | SHA-256 fdeb3175cd4c908e24f3d5014b269ceb45dfee438e9cd9da7e952af9ccdcdffa
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 05:09:33 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 07 Feb 2023 03:10:41 GMT
ETag: "61f7b5df86f61c3323169d890a5e22ce644050f8"
Last-Modified: Fri, 03 Feb 2023 03:10:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 36
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7938a7b259ebb505-OSL
|
|
| mc.yandex.ru/metrika/tag.js | 93.158.134.119 | 200 OK | 74 kB |
URL: [HTTP/2] mc.yandex.ru/metrika/tag.js | IP: 93.158.134.119:0
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash: MD5 a236c7014c1f1a1e52d356f59e5d665a | SHA-1 b66c638eb2346287364c37725819bbab1f409d66 | SHA-256 ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Fri, 03 Feb 2023 06:09:33 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 93.158.134.119 | 200 OK | 43 B |
URL: [HTTP/2] mc.yandex.ru/metrika/advert.gif | IP: 93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41 | SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736 | SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Fri, 03 Feb 2023 06:09:33 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 | 93.158.134.119 | 200 OK | 400 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 IP93.158.134.119:0
File type: JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash: MD5 7a6f181908be1c0fb99ce67bbb50c81c | SHA-1 a944f68dbc49a45427517ed287caf7064dbec883 | SHA-256 42928a48b811b8a3e6418bf899f5987d20bd5230f1c3bdb0e4ab410377e0ade2
GET /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Fri, 03 Feb 2023 05:09:33 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A785842977%3Arqn%3A3%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A785842977%3Arqn%3A3%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41 | SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736 | SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexCall&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A785842977%3Arqn%3A3%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A244167305%3Arqn%3A2%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1124%2C1124%2C0%2C%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A244167305%3Arqn%3A2%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1124%2C1124%2C0%2C%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41 | SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736 | SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonSurveyStart&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A244167305%3Arqn%3A2%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1124%2C1124%2C0%2C%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A497236011%3Arqn%3A5%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A497236011%3Arqn%3A5%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41 | SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736 | SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonStepChange&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A497236011%3Arqn%3A5%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A416866769%3Arqn%3A4%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A416866769%3Arqn%3A4%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonUnique&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A416866769%3Arqn%3A4%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A390447311%3Arqn%3A6%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A390447311%3Arqn%3A6%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonNotificationPermission&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A390447311%3Arqn%3A6%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 53
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A729620797%3Arqn%3A8%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A729620797%3Arqn%3A8%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrackImpression&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A729620797%3Arqn%3A8%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 199
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A938578416%3Arqn%3A7%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A938578416%3Arqn%3A7%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonAdexLoad&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A938578416%3Arqn%3A7%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 16
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) | 93.158.134.119 | 302 Found | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A163%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A86296787%3Arqn%3A1%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C43%2C0%2C%2C0%2C%2C91%2C0%2C%2C%2C%2C233%3Aco%3A0%3Ans%3A1675401001708%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
set-cookie: yabs-sid=2047590921675400973; Path=/; SameSite=None; Secure
set-cookie: i=O+WDXwO0SBUf0I4nUCLleG32A8AkWLC5dqCG3NWplOp5NBQ4rkwF1BsFfZvc0ccPqvBAzUC5Xh5MmUPfM/03fnkPyMU=; Expires=Mon, 31-Jan-2033 05:09:29 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
set-cookie: yandexuid=2823992831675400973; Expires=Sat, 03-Feb-2024 05:09:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: yuidss=2823992831675400973; Expires=Sat, 03-Feb-2024 05:09:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: ymex=1706936973.yc.1675400973#1706936973.yrts.1675400973#1706936973.yrtsi.1675400973; Expires=Sat, 03-Feb-2024 05:09:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A278289001%3Arqn%3A9%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) | 93.158.134.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A278289001%3Arqn%3A9%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) IP93.158.134.119:0
File type: GIF image data, version 89a, 1 x 1\012- data | Hash: MD5 df3e567d6f16d040326c7a0ea29a4f41, SHA-1 ea7df583983133b62712b5e73bffbcd45cc53736, SHA-256 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fmanylucksurvey.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fmanylucksurvey.top%2Fsweeps-survey.html%3Fz%3D4526262%26offer_id%3D2755%26var%3D1%26ymid%3D2o0nu99840c37%26utm_campaign%3D1%26utm_medium%3D4526262%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1675400973_97ff5c9f9527eef31ceb81ea10758b0f073252705a14e67bdc5cd68ece768bca&browser-info=ar%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A230355899427%3Ahid%3A382419913%3Az%3A0%3Ai%3A20230203051002%3Aet%3A1675401003%3Ac%3A1%3Arn%3A278289001%3Arqn%3A9%3Au%3A1675401003396327544%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675401001708%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675401003%3At%3ADear%20user&t=gdpr(14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 05:09:33 GMT
access-control-allow-origin: https://manylucksurvey.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 05:09:33 GMT
last-modified: Fri, 03-Feb-2023 05:09:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_is-browser-supported.caa18280.js | 104.21.44.8 | 200 OK | 0 B |
URL: HTTP/2 manylucksurvey.top/js/_is-browser-supported.caa18280.js | IP: 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_is-browser-supported.caa18280.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-3ee"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQk%2BS0aH1%2BM9zmqUGWITUT%2FKDfZHzeu5jkKixW0gDWKC56xKYPS2a1a2kfia0CRBU8AHk%2Fw2Nczrr%2BWbQdnFGgQVOWsZ8JiVpxsbmx2ywSR1L1Mt4vwDsh7PxhPXee5K3QtKc6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09e81bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/sweeps-survey.9f607bfa.js | 104.21.44.8 | 200 OK | 0 B |
URL: HTTP/2 manylucksurvey.top/js/sweeps-survey.9f607bfa.js | IP: 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/sweeps-survey.9f607bfa.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-20a"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOOhndYFEZwJa%2FK9pAFKFfGJCl0hEpeoJbu3zh1jl%2B6F8osfwskAxfGmKMKVJ6BzG288gorWwI4q8AnDKTf9Nqo5QHVaAmWH4zm4q4tXmkoEyyu6sIWd1ONijCZrkFRDEdWb7wY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac19f41bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-_baseIsEqualDeep.js.5278aac9.js | 104.21.44.8 | 200 OK | 0 B |
URL: HTTP/2 manylucksurvey.top/js/v-_baseIsEqualDeep.js.5278aac9.js | IP: 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-_baseIsEqualDeep.js.5278aac9.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-2cf"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mbZiRcxgDavZwZnO3vAp177THGO3ycSIcRYHQg4KM7CGvVtDyTcav3zq5aEqkGnmPpqPeEG6ScuD%2BV4B0lOFTDs9jcl2q818%2FFTgoCI2FmvZWKuuY5bq8bykoT0mElsIpTPv3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09f01bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-_equalByTag.js.b5f56871.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/v-_equalByTag.js.b5f56871.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-_equalByTag.js.b5f56871.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-3a6"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmmVttswTTfpjGfl0PFDeKBUPGRHPxUlMf9FqsxdVE1PSaFUV7vWysQDTdZoAhtXJLLB7vaK%2BZGKmt%2FPvzYPjo3kcGIh8NIjrQSyqS9%2FYBeq9OOwBldNSSrzdJOQnnVqiWhU5Ho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09ef1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_each-land-config.08c6454a.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/_each-land-config.08c6454a.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_each-land-config.08c6454a.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-a2d7"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfkWywgTdVgVqMiY2N4LEsEuMZ38XH6s2rjuJ%2B%2BI7RJ0LQh4zlsNFM7bRNawKtQvOxMQiCa3kLVEkJTzGJLaoquZmzFtQFNPsHrw7w2ObB1InyFjgc1eOXf6THUrXbVybEEbMAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09ed1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/config/data/sd-2755601.js?v=10 | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/config/data/sd-2755601.js?v=10 IP 104.21.44.8:0
GET /js/config/data/sd-2755601.js?v=10 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-175f"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BjnLi1JGn4V9oAr7X4mny3UNCtcmeM%2BwY6RDcZevZVctwnSSM1ds7R5xxVg2P5DMjIoVng5io3YuknDKuXDS1vQkT90JDdets6oHLogu%2BUfKNl4Q5Ixaw5VJ2aB6PpXs%2B8f3n8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ad3a361bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 IP 104.21.44.8:0
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.top domain |
GET /sweeps-survey.html?z=4526262&offer_id=2755&var=1&ymid=2o0nu99840c37 HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: text/html
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoyHiTWbnn3S1zQLh0CjaVvboqkpaA7iSDZiryGogqSxkb%2FBtMZ11LacoXlSB8U5jjfIW5hNoUbzFNDr%2FiZ6vQQM7WMzp3G%2FjfdsEK%2FmeJhLI1oCr2d7aBOdLPu8cbyaLnOAwHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7aaf9891bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_global-config-sd.fac48b69.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/_global-config-sd.fac48b69.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_global-config-sd.fac48b69.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-3c4"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INKuqZSgbeBzTJaElx4cO%2FJKYe%2BwTnOYJotxEaU%2FDvA1%2FaI%2BXW3TZhnCHFE%2FoIGRTWwkEIVqdph6dLahs0hATcl2AJB8hI5j19Ukgoul9iwGrQv4tJlfN3mRzkb55WhUb%2FGZz5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09e91bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/_rtc.30a54484.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/_rtc.30a54484.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/_rtc.30a54484.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-2bb5"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxa0aWuiC4LNM3RvgJQbD9i%2BXz%2FBWTxmyltk9oRToPqGzm45C5%2F49hsaycDPEqg3hPG7IzIfuwxD%2Fu5NWLN1ORBsxNCWxsU5QoZXt8hhPMqmdEudnyI%2FtMObG3gfA8j10s4yfP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09ea1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/v-redux-toolkit.esm.js.6f0811f7.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/v-redux-toolkit.esm.js.6f0811f7.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/v-redux-toolkit.esm.js.6f0811f7.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-289c"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rb2duG08CoHFdvtghgGbmtmRI6cgUlIL7biI9V0xVsnSyHVGte9PqQllT597HDwYxz8miWSXAh1ULDM%2FxWuYz2Wd67xdTgTbGL%2BzQKZwP8YzFpgO5cOReGHeePGGIAPFvWMB1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09f21bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/config/comments/en-sweep.json | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/config/comments/en-sweep.json IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dev_debug=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 11:27:37 GMT
vary: Accept-Encoding
etag: W/"63db9e29-12f9"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4VcEYyX3tUTxyG3mMLyP41XyYLyS40vAeuFN5B8Be2Fsmv86H2HFlz4prWm3NJP9VY8r9zTDeYg0CMuzIdJT7%2F2SARzYWWdC5WPr5QuFLu7HeC3hvaddOCGxf%2FtV6yVEZp%2BfxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ae7a821bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| manylucksurvey.top/js/s-storageService.js.c2d14bf0.js | 104.21.44.8 | 200 OK | 0 B |
URL HTTP/2 manylucksurvey.top/js/s-storageService.js.c2d14bf0.js IP 104.21.44.8:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/s-storageService.js.c2d14bf0.js HTTP/1.1
Host: manylucksurvey.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:09:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 11:27:38 GMT
vary: Accept-Encoding
etag: W/"63db9e2a-a0c"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eioQJwdmC9qZ%2FVhDWcrKsuHY1t3KYLVwUw8NJcFXK%2FDZjf8u8020cEyF1Lg0yEEHUWItrT9Em7SCxSobRJ1O5VrkP5imdQlSG2RBTDYfWV3ydje0lqfrKmCmNkWnAtgyqte1hLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938a7ac09eb1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=da8ee845258546398a0dd0e87ec38697 | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2 itcleffaom.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=da8ee845258546398a0dd0e87ec38697 IP 139.45.197.237:0
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5428259;5426182&var=4526262&ymid=1&uid=da8ee845258546398a0dd0e87ec38697 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://manylucksurvey.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:09:33 GMT
content-type: application/javascript
x-trace-id: af05d4ad8f624138aca0521b5441ee00
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://manylucksurvey.top
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=da8ee845258546398a0dd0e87ec38697; expires=Sat, 03 Feb 2024 05:09:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|