Submitted URL: https://evgeniya629.socro-ad.club/
Effective URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&...
Submission: On January 14 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 34 HTTP transactions. The main IP is 104.21.54.140, which belongs to CLOUDFLARENET, US. The main domain is haijezoa.top.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.
This is the only time haijezoa.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.65.40 54113 (FASTLY)
1 1 139.45.196.64 9002 (RETN-AS)
16 104.21.54.140 13335 (CLOUDFLAR...)
3 10 2a02:6b8::1:119 13238 (YANDEX)
1 139.45.195.8 9002 (RETN-AS)
2 139.45.197.248 9002 (RETN-AS)
34 11
Apex Domain         Subdomains                                         Transfer
16 haijezoa.top     haijezoa.top                                       177 KB
8 yandex.com        mc.yandex.com — Cisco Umbrella Rank: 8747          4 KB
3 socro-ad.club     evgeniya629.socro-ad.club                          3 KB
2 dortmark.net      dortmark.net — Cisco Umbrella Rank: 66666
2 yandex.ru         mc.yandex.ru — Cisco Umbrella Rank: 3982           71 KB
1 rtmark.net        my.rtmark.net — Cisco Umbrella Rank: 11663         544 B
1 eekighoo.com      eekighoo.com — Cisco Umbrella Rank: 289427         840 B
1 px-cdn.net        captcha.px-cdn.net — Cisco Umbrella Rank: 514968   499 KB
1 gstatic.com       fonts.gstatic.com                                  19 KB
1 socrobotic.store  socrobotic.store                                   3 KB
1 cloudinary.com    res.cloudinary.com — Cisco Umbrella Rank: 2467     1 KB
1 googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 28     2 KB
34 12
Domain Requested by
16 haijezoa.top haijezoa.top
8 mc.yandex.com 2 redirects haijezoa.top
mc.yandex.ru
3 evgeniya629.socro-ad.club evgeniya629.socro-ad.club
captcha.px-cdn.net
2 dortmark.net haijezoa.top
2 mc.yandex.ru 1 redirects haijezoa.top
1 my.rtmark.net haijezoa.top
1 eekighoo.com 1 redirects
1 captcha.px-cdn.net evgeniya629.socro-ad.club
1 fonts.gstatic.com fonts.googleapis.com
1 socrobotic.store evgeniya629.socro-ad.club
1 res.cloudinary.com evgeniya629.socro-ad.club
1 fonts.googleapis.com evgeniya629.socro-ad.club
34 12

This site contains links to these domains.

Domain
vuolobnhqb.com
Subject                  Issuer                                      Validity                 Valid
socro-ad.club            GTS CA 1P5                                  2023-12-02 - 2024-03-01  3 months
upload.video.google.com  GTS CA 1C3                                  2023-12-11 - 2024-03-04  3 months
*.cloudinary.com         Go Daddy Secure Certificate Authority - G2  2023-12-18 - 2025-01-13  a year
socrobotic.store         GTS CA 1P5                                  2024-01-03 - 2024-04-02  3 months
*.gstatic.com            GTS CA 1C3                                  2023-12-11 - 2024-03-04  3 months
*.perimeterx.net         GlobalSign Atlas R3 DV TLS CA 2023 Q3       2023-08-25 - 2024-09-25  a year
haijezoa.top             GTS CA 1P5                                  2023-12-21 - 2024-03-20  3 months
mc.yandex.ru             GlobalSign ECC OV SSL CA 2018               2023-12-26 - 2024-06-05  5 months
rtmark.net               R3                                          2023-12-23 - 2024-03-22  3 months
dortmark.net             R3                                          2023-12-26 - 2024-03-25  3 months

This page contains 1 frame:

Primary Page: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Frame ID: BAB981C9FE0C5052B96F6B25650A5906
Requests: 35 HTTP requests in this frame

Page Title

Online Test $$$

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 34
HTTPS: 94 %
IPv6: 55 %
Domains: 12
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 777 kB
Size: 1278 kB
Cookies: 25

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://evgeniya629.socro-ad.club/ Page URL
  2. https://eekighoo.com/link?z=6591460&var=ft&ymid=qb3m6u18rfph HTTP 302
    https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10248.E7hNv3dJDuRl6FHwWqFUDjg5v5QlSsJF3kYyGaciFB_U9zFhh3h87c_9ms0bgeIl.lvPtj_DZ_qzuPUvk795mx4pCbFQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10248.8PO7PFVnOkA0wiGxNajQ_jdzkUn1WVuvI0SHNBBCedTPwrfptDeUwp-8SZOZch8CVXoQQrCdxsD6mUWNprs4QmGa37I8dgEoAXH_4EZjWMlYfCuGr4wXm0fIyTEaYv3pTl8w_nYiScBxk0T1XtdCBsev7JJHCLXumVVVTXHQ_mpWfVpDgpO1uhEytzVw2zI9lbDnsX_iyZogl7OYld3zdlz4uGFIoLZ1IQUy5kUjrhc%2C.xp5VfV4gaFrLd1IuRpHO7OKwJw4%2C
Request Chain 31
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132625%3Aet%3A1705274785%3Ac%3A1%3Arn%3A540612567%3Arqn%3A1%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C71%2C254%2C1%2C797%2C0%2C%2C64%2C1%2C%2C%2C%2C1281%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Afp%3A1254%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14)mc(g-3)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132625%3Aet%3A1705274785%3Ac%3A1%3Arn%3A540612567%3Arqn%3A1%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C71%2C254%2C1%2C797%2C0%2C%2C64%2C1%2C%2C%2C%2C1281%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Afp%3A1254%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
evgeniya629.socro-ad.club/
7 KB
3 KB
Document
General
Full URL
https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f478ed77959ea20c09129f7f704ebcf6fb38dc14dc592a4583df39da4af74763

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8459a4b56ee82876-MIA
content-encoding
br
content-type
text/html
date
Sun, 14 Jan 2024 23:26:21 GMT
last-modified
Fri, 15 Dec 2023 11:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz8CqbLBzvzMHkKAPQCEULUgs%2Fkmyms1f8PO2Qo32S81PD9LG1jmHbfjmKJAmkJ1Wj73nc%2F9%2F%2Fk7z5e%2BvV4rx5YTglhJe%2B6vx28bdoTCKu6zj9rOfyeOQfzu%2Fq8oQX8kmtkjBAmrStzSy62IrSQ%2FT%2BCN2Ft60689"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: evgeniya629.socro-ad.club
URL: https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c93254c3b38a544885ef7418366c3895b1a9871669f56ef2c9ac9f1315525b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 23:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 22:38:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 23:26:21 GMT
ssense_logo_v2.svg
res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/
2 KB
1 KB
Image
General
Full URL
https://res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/ssense_logo_v2.svg
Requested by
Host: evgeniya629.socro-ad.club
URL: https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:d8b::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d72bd5954d7f907b3789b72ce0d6529e14f98d3a22aec30e16ed387122806ddc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="ssense_logo_v2.svg"
server-timing
cld-akam;dur=6;start=2024-01-14T23:26:21.711Z;desc=hit,rtt;dur=63
content-length
668
last-modified
Fri, 16 Jun 2017 15:59:08 GMT
server
Cloudinary
etag
W/"165a98cd78afa862ce95b155ddeef13a"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
truncated
/
2 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5f17b302ec4f91ede66b8ae2b31b3dea2fd8ac9d32b7052023c9a50e50fc310

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
text/javascript
fQWb4JtJ
socrobotic.store/
4 KB
3 KB
Script
General
Full URL
https://socrobotic.store/fQWb4JtJ?return=js.client&&se_referrer=&default_keyword=Access%20to%20this%20page%20has%20been%20denied.&landing_url=evgeniya629.socro-ad.club%2F&name=_28g2MYFKwwG32v9P&host=https%3A%2F%2Fsocrobotic.store%2FfQWb4JtJ
Requested by
Host: evgeniya629.socro-ad.club
URL: https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5291 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtrH7Qh6vjEJYFVsrwNOPB6MKqM9vSVZspYxKuFmoZl4OlkccYJYhnm3n3TgSzR76l3AB%2ByOBWltoW7rhD1AwH9gThIQYjYz97pKxOKrTpxwLcx2RZST1FhMmpUwjlBVh0fvDqxfJyQZmrtA7zDL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8459a4bcdfd58de4-MIA
alt-svc
h3=":443"; ma=86400
expires
Sun, 14 Jan 2024 23:26:22 GMT
captcha.js
evgeniya629.socro-ad.club/58Asv359/captcha/
0
0
Script
General
Full URL
https://evgeniya629.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by
Host: evgeniya629.socro-ad.club
URL: https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPCTXBHKeRZUz1yVuDSEnXgvq6wKsc3GGM95%2F3KG5yr%2FGXJXpKryAEf8uWIT5AGHctG26Nd8pS1bnCc2IW2%2BPOgUPq%2BDJX6epqHnI5MeV7vEVRoBFZZlIXQfR5Nwo%2FO4hsD8hkZamRbKXmnbxZME3pT98qS5p13%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8459a4b9cf172876-MIA
alt-svc
h3=":443"; ma=86400
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://evgeniya629.socro-ad.club
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 13:06:12 GMT
x-content-type-options
nosniff
age
382810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18704
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 13:06:12 GMT
captcha.js
captcha.px-cdn.net/PX58Asv359/
499 KB
499 KB
Script
General
Full URL
https://captcha.px-cdn.net/PX58Asv359/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by
Host: evgeniya629.socro-ad.club
URL: https://evgeniya629.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
080868a636dfeaa0cb67e7b5e6a6566aa39261ac2278869a3662c68324f9c174

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760092-MIA
date
Sun, 14 Jan 2024 23:26:22 GMT
via
1.1 varnish
age
86
x-timer
S1705274782.297513,VS0,VE2
etag
W/"7caff-uzSh8al8HGzxgyls0UKjOH1X40o"
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
content-length
510719
x-cache-hits
1
init.js
evgeniya629.socro-ad.club/58Asv359/
0
0
Script
General
Full URL
https://evgeniya629.socro-ad.club/58Asv359/init.js
Requested by
Host: captcha.px-cdn.net
URL: https://captcha.px-cdn.net/PX58Asv359/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://evgeniya629.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNrxhK4V18ZHvZTlWHJGH7Syln3naXgNtcAcOWV%2FOH00Z2KWYnOrxujRZfKSW%2ByNceyWQj8RT9GlXaOlUPne46waivPzUL60zAA5UIwi12%2FeOOlg1kU7mD2d77sWU%2FlnkacBLcvXYcY3rTq6iS1q%2BIVcQJzibrkh"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8459a4c06f99b3b6-MIA
alt-svc
h3=":443"; ma=86400
Primary Request sweeps-survey.html
haijezoa.top/
Redirect Chain
  • https://eekighoo.com/link?z=6591460&var=ft&ymid=qb3m6u18rfph
  • https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=s...
7 KB
4 KB
Document
General
Full URL
https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84fd54d408c4465524f34448f8172596565dcd5a01e30f766e1b3e58997bdab2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://evgeniya629.socro-ad.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8459a4c7e9c9d9b9-MIA
content-encoding
br
content-type
text/html
date
Sun, 14 Jan 2024 23:26:24 GMT
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y75eHjvxkWOvSrtXGXNq4KI4NeeUU3l1VyjGXj1XpET%2FQEmCHqQRtHRUkeogA5WbAkL%2B4I0Sv4%2BQSgO8nztM%2Bgl83x%2FX8e1wyTLxdv86oagFBLdzIISg6rCubBE1opo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sun, 14 Jan 2024 23:26:23 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://haijezoa.top>; rel="dns-prefetch preconnect"
location
https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
bb8d2f44d2458d7723e812a36d6ccedd
_rtc.0531893f.js
haijezoa.top/js/
12 KB
5 KB
Script
General
Full URL
https://haijezoa.top/js/_rtc.0531893f.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac2da5daf8bf4064af6e75b7a36011df0e7d61155f64ace94b036da9684bbb5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:52 GMT
server
cloudflare
etag
W/"65a13e58-2fbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3MGd9GCIT6P0L2zE3wWUwOFgYEeo%2FH06DX%2BuOYrqA9piAO%2BekZKehADAE%2F7FbTTOwbLS4HgpmsTwqDejXDjhYTbNL5TYQ%2F0%2FGDMR6Qcs%2FLQM9aiTyR9wAlwqVrFZJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c98bcbd9b9-MIA
v-index.js.0dfb1c57.js
haijezoa.top/js/
40 KB
14 KB
Script
General
Full URL
https://haijezoa.top/js/v-index.js.0dfb1c57.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ce6e91e8255eab3139594ce651692e6f13d897265bafa50dbe0a2bf5e9d8d2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=40988
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:52 GMT
server
cloudflare
etag
W/"65a13e58-a01c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TxEqBh8SlilIX9Evv0HT84rT%2B58%2BTPER5AaJlxhR0dpeTClhFXK5vcH84zXQOKi3zK7QH4f1GndqTZSqq%2FuaAD0DWEsb4h5PlrQj6Axmn9yifdiNcJetCuOW5hCGLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c98bccd9b9-MIA
s-storageService.js.94a9828d.js
haijezoa.top/js/
2 KB
1 KB
Script
General
Full URL
https://haijezoa.top/js/s-storageService.js.94a9828d.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4afdae78b947b37f2948051af739a8cd0f0fda02ef18a96e16e451dbd717e6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6029
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-87a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuYuEq1zfhiAFBxueLLp3VWmfgJhtAW%2FQ8xSycgQfJqM4DCCzDycWYClwlgGgU8b4QBDQPMTUy6G4uMpBWoZecvMWxy8EZFYRk%2Fifd%2Fd4lapqtV%2FZi0iecKfjzhd218%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abe7d9b9-MIA
s-checkSessionStorageAvailable.ts.763cdf5c.js
haijezoa.top/js/
330 B
528 B
Script
General
Full URL
https://haijezoa.top/js/s-checkSessionStorageAvailable.ts.763cdf5c.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44388c8ebb08d2296ca4ac05b0c0097965f80f389acda7b29c8c65781dabde29
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:52 GMT
server
cloudflare
etag
W/"65a13e58-14a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5uNSwNXDlY%2B9ROeHB5AaLpxQCDOSjIK7gSvEKqu9%2FVtLOmEUBWzsm6cuN8jcppxq1lg0QYAtdWXc57XktYC05Y7z5x76BT%2FhEgFw7i7OlqGwQlU9UJeVST5HrAY1wU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abe8d9b9-MIA
s-checkLocalStorageAvailable.ts.9c47adc8.js
haijezoa.top/js/
330 B
512 B
Script
General
Full URL
https://haijezoa.top/js/s-checkLocalStorageAvailable.ts.9c47adc8.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215914ade870853a19affd6731afb905bdeb0ee3cfe780b0c4473b895bb6031a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:54 GMT
server
cloudflare
etag
W/"65a13e5a-14a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmavJsUzmYnt4Jiol9HgYh6SxCsNyUiskg5cDZInGQZ8KiSb9yDecBgTQmR4JS%2B%2BHWqFZmC38LxpFfcJKTys8MPGOtlsouDJnemOo%2BvgfnE95XyroCql%2Bimp0XRFfYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abe9d9b9-MIA
v-redux-toolkit.esm.js.8edd0513.js
haijezoa.top/js/
11 KB
4 KB
Script
General
Full URL
https://haijezoa.top/js/v-redux-toolkit.esm.js.8edd0513.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958adae3998fe21f15b941d983be4a8c31a815f159c8c52f13f90bff8b24b33c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6029
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-2c37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Q97%2BhtNrOx9oYZs7T7Cvb11kbhhwlKLTUi7LA515jj4nHzxq%2F6%2Btct3s8EQdem0ptd5BF9%2FiV2NardsM9cPlqmK96JcwRCaG%2FROqSqXlUD%2BDpXavcA%2FER8%2FUhbTsA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abead9b9-MIA
_each-land-config.c666fa2e.js
haijezoa.top/js/
71 KB
21 KB
Script
General
Full URL
https://haijezoa.top/js/_each-land-config.c666fa2e.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d295875b2dadf2fc125731fcca36f8729509fe436a3af2e71c885db3bc966ac5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=72332
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-11a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAuhxGdmJdvWopquKkvhkDhm0ESJlazy46xTvnZiKHhgZYJ6gQAoOiFtSkQdH72l0%2FzgA7ysds1hBYqSUrdw7hO2wnuckeEBehF1n%2BZOH6bIumiCOnJ0xrbC7SZqU0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abecd9b9-MIA
v-react-dom.production.min.js.51baa145.js
haijezoa.top/js/
126 KB
41 KB
Script
General
Full URL
https://haijezoa.top/js/v-react-dom.production.min.js.51baa145.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624a517e2c8d9973d6d11d56a13c45e457e26adb088ee02066cdc65af73b8dff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=129359
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:52 GMT
server
cloudflare
etag
W/"65a13e58-1f94f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDirEgmIxCSAs67ooA9GAemf%2FDvZUxWRE5ZA25gT4hsbvPCYMh3%2FqWL9c%2FpCv4XVd1DI1tCcZn0R9aCUIV%2F5hZtBj4WshGgXFQFEN4HZRt3D1xeb1Ahj7VE0cWw9OpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9abedd9b9-MIA
_core-survey.dffedff4.js
haijezoa.top/js/
166 KB
44 KB
Script
General
Full URL
https://haijezoa.top/js/_core-survey.dffedff4.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7954cc268e14a5c78a06a22ec5ad17d885ace8c8513bdae0179beb2b546c01b7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=169679
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-296cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9PauL%2FJFlR3ywSqxxI6x7BUB0JMXN2HZrpwrNhym3%2BQnu55H2R24yFoUyh69k5%2FbtPROvWdurgk7ZQ7wWtTmnBQf8htN0fY7MEp%2F1zXUUNn6f5ei1xi8cwlIklwoIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9bc04d9b9-MIA
sweeps-survey.9b2f3eb0.js
haijezoa.top/js/
4 KB
2 KB
Script
General
Full URL
https://haijezoa.top/js/sweeps-survey.9b2f3eb0.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a43ce185f6ef8b5b74bf511adf8366826c95446b606aa5bb4759a3ea7dfcb15
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6029
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:54 GMT
server
cloudflare
etag
W/"65a13e5a-1144"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvDi8uerf7SlnV8WDGgD1vy%2BWeI5RNpjZwqZPa8hIYGwshxMKWgMnj32Qz0%2F8ic8hzKUekbUh5XQJJ%2BdCCrwwnHLJjVSVWeNy8UMx4R8%2BtppomvKa1zbpSOyBC63VXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4c9bc05d9b9-MIA
_core-survey.d3ac2ee0.css
haijezoa.top/css/
83 B
410 B
Stylesheet
General
Full URL
https://haijezoa.top/css/_core-survey.d3ac2ee0.css
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=84
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqQkdz3X8f03qez%2F8cZjK0Jvhj5AdGK42JhcNy3xcY0mGOviFY1uLMmEP7pVlr6r2M60%2BeBw2vPK2l7oMADnDVcqxaHG%2FAdc3TDAUaAT9riVwaZnykahwqWB9yJ1E8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8459a4c98bc7d9b9-MIA
sweeps-survey.3ba9579d.css
haijezoa.top/css/
85 KB
33 KB
Stylesheet
General
Full URL
https://haijezoa.top/css/sweeps-survey.3ba9579d.css
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f870a6af6e850e5942690b7d536a57b8f9040cc2d95241cfa910d75a4c1972ba
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3001
cf-polished
origSize=86973
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
server
cloudflare
etag
W/"65a13e59-153bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaDJo%2Bn80PSX2wMuUR60N%2FusePuToEUjNLswWDRYP4DHCfYehEF60dyl0d1J5TCpvqVLT0xnSMIR7SKXUu49%2BSwp3sRRxGiBwArwQyGXOTHtb3Za%2BzZ5RDsIYr68ARo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8459a4c98bc9d9b9-MIA
tag.js
mc.yandex.ru/metrika/
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Mon, 15 Jan 2024 00:26:24 GMT
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=enj2sjrisy96839kihzpfu33amuck5dy
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.c666fa2e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ef0afce33ad42f4d7862f7b77e351fc37eea648c2d9141d1961f0ef67f736753
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
sd-554905-en.js
haijezoa.top/js/config/sd/
0
0
Script
General
Full URL
https://haijezoa.top/js/config/sd/sd-554905-en.js?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.c666fa2e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
Origin
https://haijezoa.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyXZtxriN1zl81ciS6LiEGerV2PX5X2m%2BG1ZnkYKpX77slACHb0WYsI7KJHjJ9bWtjTuzR4kxIJdjcMbEcKr78Mzgvse7gmAxI1Xds8j3I1RPD2BoYrO%2Fv1Wa0EQsjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=1800
cf-ray
8459a4ca28c28df7-MIA
alt-svc
h3=":443"; ma=86400
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/webp
cookie-consent-1.json
haijezoa.top/js/config/dict/
7 KB
3 KB
Fetch
General
Full URL
https://haijezoa.top/js/config/dict/cookie-consent-1.json?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.c666fa2e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jan 2024 13:27:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"65a13e59-1a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHchzx2Ou%2BhhyPI6mfuEOJL4DkjUCrAzJO%2FUCHwTMyjTBauGqTts5hKFCMniT5mbgez1fCShVB67rmn%2B3bAJpwBheC6kFaHilvZkRYijN7DWt4BfPfALibWvRdvOwMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
8459a4ca59018df7-MIA
alt-svc
h3=":443"; ma=86400
sync-metrics
dortmark.net/
17 B
0
Fetch
General
Full URL
https://dortmark.net/sync-metrics
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.c666fa2e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
ea94dbe1ea794474f626d654cb5849f9
pragma
no-cache
date
Sun, 14 Jan 2024 23:26:25 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length
17
expires
Tue, 11 Jan 1994 10:00:00 GMT
sd-554905.js
haijezoa.top/js/config/data/
6 KB
2 KB
Script
General
Full URL
https://haijezoa.top/js/config/data/sd-554905.js?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.c666fa2e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36afa47da0fa561ad04f256f78e46685a8046ec83acaef61b6e6b3b71d48160
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://haijezoa.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Fri, 12 Jan 2024 13:27:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"65a13e29-1671"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDM8ZaCIs0k2NvjvLWzG2Wirwe%2BuqiapegxBeZsB3Fp9qTOaZldaU9OGyT3fi4eor7FuX6cRz6uSVuBwhOpXpQb4yvk%2BpwXqAQ2y5anfq%2BTRj154qnDioTOoyl7jgXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8459a4cbcab88df7-MIA
alt-svc
h3=":443"; ma=86400
sync-metrics
dortmark.net/
0
0
Preflight
General
Full URL
https://dortmark.net/sync-metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://haijezoa.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://haijezoa.top
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sun, 14 Jan 2024 23:26:24 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10248.E7hNv3dJDuRl6FHwWqFUDjg5v5QlSsJF3kYyGaciFB_U9zFhh3h87c_9ms0bgeIl.lvPtj_DZ_qzuPUvk795mx4pCbFQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10248.8PO7PFVnOkA0wiGxNajQ_jdzkUn1WVuvI0SHNBBCedTPwrfptDeUwp-8SZOZch8CVXoQQrCdxsD6mUWNprs4QmGa37I8dgEoAXH_4EZjWMlYfCuGr4wXm0fIyTEaYv3pTl8w_nYiSc...
43 B
675 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10248.8PO7PFVnOkA0wiGxNajQ_jdzkUn1WVuvI0SHNBBCedTPwrfptDeUwp-8SZOZch8CVXoQQrCdxsD6mUWNprs4QmGa37I8dgEoAXH_4EZjWMlYfCuGr4wXm0fIyTEaYv3pTl8w_nYiScBxk0T1XtdCBsev7JJHCLXumVVVTXHQ_mpWfVpDgpO1uhEytzVw2zI9lbDnsX_iyZogl7OYld3zdlz4uGFIoLZ1IQUy5kUjrhc%2C.xp5VfV4gaFrLd1IuRpHO7OKwJw4%2C
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest&utm_campaign=ft&utm_medium=6591460&utm_source=zd_7526076&utm_term=19240138&utm_content=zd_public_v2
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:25 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10248.8PO7PFVnOkA0wiGxNajQ_jdzkUn1WVuvI0SHNBBCedTPwrfptDeUwp-8SZOZch8CVXoQQrCdxsD6mUWNprs4QmGa37I8dgEoAXH_4EZjWMlYfCuGr4wXm0fIyTEaYv3pTl8w_nYiScBxk0T1XtdCBsev7JJHCLXumVVVTXHQ_mpWfVpDgpO1uhEytzVw2zI9lbDnsX_iyZogl7OYld3zdlz4uGFIoLZ1IQUy5kUjrhc%2C.xp5VfV4gaFrLd1IuRpHO7OKwJw4%2C
date
Sun, 14 Jan 2024 23:26:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
526 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=770540827081712177&b=19240138&campaignid=7526076&var=ft&ymid=770540827081712177&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest&utm_campaign=ft&utm_medium=6591460&utm_source=zd_7526076&utm_term=19240138&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 23:26:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 15 Jan 2024 00:26:25 GMT
1
mc.yandex.com/watch/66423859/
Redirect Chain
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D752607...
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526...
420 B
583 B
Fetch
General
Full URL
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132625%3Aet%3A1705274785%3Ac%3A1%3Arn%3A540612567%3Arqn%3A1%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C71%2C254%2C1%2C797%2C0%2C%2C64%2C1%2C%2C%2C%2C1281%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Afp%3A1254%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
bb548427e1fcb21afbe0f04082f102ad8bccf8af9a6ab99c629d038851cd4f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:26:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 14-Jan-2024 23:26:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Sun, 14-Jan-2024 23:26:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:26:25 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14-Jan-2024 23:26:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132625%3Aet%3A1705274785%3Ac%3A1%3Arn%3A540612567%3Arqn%3A1%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C71%2C254%2C1%2C797%2C0%2C%2C64%2C1%2C%2C%2C%2C1281%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Afp%3A1254%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 14-Jan-2024 23:26:25 GMT
1
mc.yandex.com/watch/66423859/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonSurveyStart&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1705274786_0e5a5cfb4d4e6c575053623fea004a4af4b846c73278c34b65a7e5eac1f44b4b&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132626%3Aet%3A1705274786%3Ac%3A1%3Arn%3A690435394%3Arqn%3A2%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2712%2C2712%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14)mc(g-3)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%22554905%22%2C%22userSurveyId%22%3A%22554905%22%2C%22vertical%22%3A%22sweep%22%2C%22zone%22%3A%226591460%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:26:26 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14-Jan-2024 23:26:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 14-Jan-2024 23:26:26 GMT
1
mc.yandex.com/watch/66423859/
43 B
86 B
Ping
General
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonGidratorAddUrlParam&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1705274786_0e5a5cfb4d4e6c575053623fea004a4af4b846c73278c34b65a7e5eac1f44b4b&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132626%3Aet%3A1705274786%3Ac%3A1%3Arn%3A1044976089%3Arqn%3A3%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14)mc(g-3)clc(0-0-0)rqnt(3)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22isGidratorUnique%22%3Afalse%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:26:26 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14-Jan-2024 23:26:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 14-Jan-2024 23:26:26 GMT
1
mc.yandex.com/watch/66423859/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonLanguageSelect&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D770540827081712177%26b%3D19240138%26campaignid%3D7526076%26var%3Dft%26ymid%3D770540827081712177%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1705274786_0e5a5cfb4d4e6c575053623fea004a4af4b846c73278c34b65a7e5eac1f44b4b&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A96292448372%3Ahid%3A135248301%3Az%3A-600%3Ai%3A20240114132626%3Aet%3A1705274786%3Ac%3A1%3Arn%3A1052278398%3Arqn%3A4%3Au%3A1705274785555299538%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705274783073%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705274786%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14)mc(g-3)clc(0-0-0)rqnt(4)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22languageCode%22%3Anull%2C%22languageSource%22%3A%22old%20config%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 23:26:26 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 14-Jan-2024 23:26:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 14-Jan-2024 23:26:26 GMT


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| wtop
object| dataLayer
function| ym
object| global_vars
function| createAtr
object| realtimeConfig
object| webpackChunkwebpack_survey_cdn
object| storageService
object| urlParams
function| doAlert
object| $alert
object| Ya
object| yaCounter66423859

25 Cookies

Domain/Path Name / Value
eekighoo.com/ Name: OAID
Value: 699efed5a80c4bd08f825274990b90f6
eekighoo.com/ Name: oaidts
Value: 1705274783
eekighoo.com/ Name: OXCCLK
Value: 7526076.1
eekighoo.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: enj2sjrisy96839kihzpfu33amuck5dy
.haijezoa.top/ Name: OAID
Value: enj2sjrisy96839kihzpfu33amuck5dy
.haijezoa.top/ Name: syncedCookie
Value: true
.haijezoa.top/ Name: oaidts
Value: 1705274784
.haijezoa.top/ Name: ID
Value: enj2sjrisy96839kihzpfu33amuck5dy
.yandex.ru/ Name: i
Value: kkM2EELXapPX3523pOfL7lJEOKSeZr+p07T6bf1ROEYX0gYbpmpb+GPFXTTxUyISdY8W/6gS6w9ben0YymHd0k5xqCU=
.yandex.ru/ Name: yandexuid
Value: 2566242591705274784
.haijezoa.top/ Name: _ym_uid
Value: 1705274785555299538
.haijezoa.top/ Name: _ym_d
Value: 1705274785
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2160337132fake
.haijezoa.top/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1064290670fake
.yandex.com/ Name: yandexuid
Value: 2566242591705274784
.yandex.com/ Name: yuidss
Value: 2566242591705274784
.yandex.com/ Name: i
Value: kkM2EELXapPX3523pOfL7lJEOKSeZr+p07T6bf1ROEYX0gYbpmpb+GPFXTTxUyISdY8W/6gS6w9ben0YymHd0k5xqCU=
.yandex.com/ Name: yp
Value: 1705361185.yu.3663277171705274785
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 306059541705274785
.yandex.com/ Name: ymex
Value: 1707866785.oyu.3663277171705274785#1736810785.yrts.1705274785
.yandex.com/ Name: bh
Value: KgI/MA==
.haijezoa.top/ Name: _ym_visorc
Value: b

3 Console Messages

Source Level URL
Text
network error URL: https://evgeniya629.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://evgeniya629.socro-ad.club/58Asv359/init.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://haijezoa.top/js/config/sd/sd-554905-en.js?v=10
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
