urlscan.io logo urlscan.io
SecurityTrails logo

haijezoa.top Open in urlscan Pro
104.21.54.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dima190.socro-ad.club/
Effective URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&...
Submission: On December 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 35 HTTP transactions. The main IP is 104.21.54.140, located in and belongs to CLOUDFLARENET, US. The main domain is haijezoa.top. The Cisco Umbrella rank of the primary domain is 497681.
TLS certificate: Issued by GTS CA 1P5 on October 23rd 2023. Valid for: 3 months.
This is the only time haijezoa.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.1.40 54113 (FASTLY)
1 1 139.45.196.64 9002 (RETN-AS)
18 104.21.54.140 13335 (CLOUDFLAR...)
4 11 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 139.45.195.8 9002 (RETN-AS)
2 139.45.197.248 9002 (RETN-AS)
35 11
2    2606:4700:3035::ac43:b5cd (United States)

ASN13335 (CLOUDFLARENET, US)
dima190.socro-ad.club
1    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6813:a741 (United States)

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
1    2606:4700:3033::6815:5291 (United States)

ASN13335 (CLOUDFLARENET, US)
socrobotic.store
1    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.1.40 (United States)

ASN54113 (FASTLY, US)
captcha.px-cdn.net
1    139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS, GB)
utowhups.net
18    104.21.54.140 (None, )

ASN13335 (CLOUDFLARENET, US)
haijezoa.top
11    2a02:6b8::1:119 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)
dortmark.net
Apex Domain
Subdomains		 Transfer
18 haijezoa.top
haijezoa.top — Cisco Umbrella Rank: 497681
182 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
3 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
71 KB
2 dortmark.net
dortmark.net — Cisco Umbrella Rank: 60713
2 socro-ad.club
dima190.socro-ad.club
3 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
544 B
1 utowhups.net
utowhups.net — Cisco Umbrella Rank: 428290
841 B
1 px-cdn.net
captcha.px-cdn.net — Cisco Umbrella Rank: 433654
487 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 socrobotic.store
socrobotic.store
3 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2314
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
35 12
Domain Requested by
18 haijezoa.top haijezoa.top
8 mc.yandex.com 3 redirects haijezoa.top
mc.yandex.ru
3 mc.yandex.ru 1 redirects haijezoa.top
2 dortmark.net haijezoa.top
2 dima190.socro-ad.club dima190.socro-ad.club
1 my.rtmark.net haijezoa.top
1 utowhups.net 1 redirects
1 captcha.px-cdn.net dima190.socro-ad.club
1 fonts.gstatic.com fonts.googleapis.com
1 socrobotic.store dima190.socro-ad.club
1 res.cloudinary.com dima190.socro-ad.club
1 fonts.googleapis.com dima190.socro-ad.club
35 12

This site contains links to these domains. Also see Links.

Domain
vuolobnhqb.com
Subject Issuer Validity Valid
socro-ad.club
GTS CA 1P5		 2023-12-02 -
2024-03-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-06-21 -
2024-06-22		 a year crt.sh
socrobotic.store
GTS CA 1P5		 2023-11-05 -
2024-02-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.perimeterx.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-25 -
2024-09-25		 a year crt.sh
haijezoa.top
GTS CA 1P5		 2023-10-23 -
2024-01-21		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
dortmark.net
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Frame ID: 3C130ED82B587450045CB7B957B5CE48
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Test $$$

Page URL History Show full URLs

  1. https://dima190.socro-ad.club/ Page URL
  2. https://utowhups.net/link?z=6591460&var=fb&ymid=2p1dq6iuqqhv HTTP 302
    https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

35
Requests

94 %
HTTPS

55 %
IPv6

12
Domains

12
Subdomains

11
IPs

4
Countries

768 kB
Transfer

1272 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dima190.socro-ad.club/ Page URL
  2. https://utowhups.net/link?z=6591460&var=fb&ymid=2p1dq6iuqqhv HTTP 302
    https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10214.rVyISvWRWqvy4WO8O1w41y3_yRu1NMieAi1zmAMLu40mpmnl_-ud-SFOJRFyfFnG.4H14OA5GkCyG4XJBfnBS4dHJxbM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10214.tuINrIlayKkEnwDOM4SMxJMNKoWUNmU-1gSqHSoLoDqGqJc5Hyh_sQeSJIn1QPzYyQzZWnWg8i3uX9t6SilujcdukZlQTr3uYpIPtrGCKyKC4ba7ZqBojsxxHfmV7yqdMoTxlnnGm47pw4A0McVQTECpYXkOMMfak9QjfgfzTGj7NvDZvndipSXs0n_4-8Y1-a1hudLsQ7bfuX0pHdmzDDbpEYcb1HBpZ3tBIG9Hkko%2C.Ne-efXiOpxcWLerpz3IE8tpb6QY%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.T5ta-qSgJ-kzbh-8Rke2LcoRj1GI5M5rD256TS3257qtE-bz2_6sT4DDjNVcNBB54_Rl33O9t1PjJsOeIJ2dbPo3tKG6xOLlSEae3lBrLLi9hv-atjSBzAzd-ef1iv56MVPTxxR3hs-qsAJbxT86zL5JNdxoCbvf35S0CdHxLXf3QjPICaOEb8OQv785i48oDmCxs-SgvC3VR0trjrCMSA%2C%2C.p8ytrRwySPOISVD_Y0iQpJd7aF0%2C
Request Chain 32
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1000%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190828%3Aet%3A1702271309%3Ac%3A1%3Arn%3A640070599%3Arqn%3A1%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C146%2C1%2C457%2C0%2C%2C295%2C1%2C%2C%2C%2C1069%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271309%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14)mc(g-3)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1000%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190828%3Aet%3A1702271309%3Ac%3A1%3Arn%3A640070599%3Arqn%3A1%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C146%2C1%2C457%2C0%2C%2C295%2C1%2C%2C%2C%2C1069%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271309%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dima190.socro-ad.club/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b5cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a1e83dcaca786e3db36c98548288bc44d0fde41521c32feb52ab4a1805eeb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
833b35abde8631ec-MIA
content-encoding
br
content-type
text/html
date
Mon, 11 Dec 2023 05:08:25 GMT
last-modified
Mon, 04 Dec 2023 08:40:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOJ3Vg11f89n%2FbPNz08c6fuSJAJ9y1abu3SHCm8Yr4SX1Qq3MWK%2BIbf5fiVYdaJq1vGqx6nkPnTc8qWz7w4f30VFN3RVcFgmUGpBiBzLDAJJ5%2BEYlWzD%2BAkfffp8S55dAV8PlOSpM%2FlVe7hrY4pe%2FqSg%2B2A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: dima190.socro-ad.club
URL: https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f549fbdb513ea89d318f82f49882050300fd313ac0de5c4f4df8f073dc230a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dima190.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Dec 2023 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 04:29:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Dec 2023 05:08:26 GMT
ssense_logo_v2.svg
res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/ssense_logo_v2.svg
Requested by
Host: dima190.socro-ad.club
URL: https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a741 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72bd5954d7f907b3789b72ce0d6529e14f98d3a22aec30e16ed387122806ddc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dima190.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="ssense_logo_v2.svg"
server-timing
cld-cloudflare;dur=15;start=2023-12-11T05:08:26.019Z;desc=hit,rtt;dur=32
content-length
727
last-modified
Fri, 16 Jun 2017 15:59:08 GMT
server
cloudflare
etag
W/"165a98cd78afa862ce95b155ddeef13a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
833b35ae7e4eda73-MIA
timing-allow-origin
*
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5f17b302ec4f91ede66b8ae2b31b3dea2fd8ac9d32b7052023c9a50e50fc310

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
text/javascript
fQWb4JtJ
socrobotic.store/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socrobotic.store/fQWb4JtJ?return=js.client&&se_referrer=&default_keyword=Access%20to%20this%20page%20has%20been%20denied.&landing_url=dima190.socro-ad.club%2F&name=_28g2MYFKwwG32v9P&host=https%3A%2F%2Fsocrobotic.store%2FfQWb4JtJ
Requested by
Host: dima190.socro-ad.club
URL: https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5291 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c72cc09ac805257e7b712296106627753a89346fa53fd5fbeb20c1cfc5defb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dima190.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGbHQlADXXs4LeaSEelgkl7WahY3FPe6TVlNDX8fFt%2Fo0Qqo3WFtpqaykgxQski2mi4suomZnnZDtZ%2FOAMSSOvokzlqJI9hgBh7SxwZPvAi7DtpT%2BGYaho5I%2BqfsuBPn0iZk8nSJlB7o2KUQyVpU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
833b35afba5b4c22-MIA
alt-svc
h3=":443"; ma=86400
expires
Mon, 11 Dec 2023 05:08:26 GMT
captcha.js
dima190.socro-ad.club/58Asv359/captcha/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dima190.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by
Host: dima190.socro-ad.club
URL: https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b5cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dima190.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGdV6pAOX%2FJNfv6srokclW5h9OHbKIm5k3v9sB7HK7nKMOLsYVkgFV2XPW9MkVeGmQf1Ft%2BBAKyk0dQeYdC5kkkOE%2BJ8JRnokbSGO0dkRSn4Xe%2Fk5biljnaXNTaG%2Fb8%2BALD8ceLniFfT8ehd%2Bp3zATjwq4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
833b35af2a1a31ec-MIA
alt-svc
h3=":443"; ma=86400
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dima190.socro-ad.club
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 08:50:13 GMT
x-content-type-options
nosniff
age
418693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18656
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:30:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 08:50:13 GMT
captcha.js
captcha.px-cdn.net/PX58Asv359/ 		487 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.px-cdn.net/PX58Asv359/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by
Host: dima190.socro-ad.club
URL: https://dima190.socro-ad.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa65f9d96e77c77ab94a4de16a531ce7156e8dd9ab9998babd93e1bded05c31c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dima190.socro-ad.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-mia-kmia1760078-MIA
date
Mon, 11 Dec 2023 05:08:26 GMT
via
1.1 varnish
age
523
x-timer
S1702271306.499160,VS0,VE1
etag
W/"79a85-qc7uUPuEuipht0xp8n6b/lOPoNc"
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
content-length
498309
x-cache-hits
1
Primary Request sweeps-survey.html
haijezoa.top/
Redirect Chain
  • https://utowhups.net/link?z=6591460&var=fb&ymid=2p1dq6iuqqhv
  • https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=s...
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50864deb552e5ab4279db97c3e617b2d3226c58a64084957b84130ae599b6318
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://dima190.socro-ad.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
833b35b77904b3b6-MIA
content-encoding
br
content-type
text/html
date
Mon, 11 Dec 2023 05:08:27 GMT
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2T0GWumcq5KYJtwHFmA1bCEOEDdaR4JQoefq%2BEDHMg876WFalxKUKN%2BykoqQlpm%2F7KcPTXjYwcbTSx3%2Fo%2FJKrrFz47JfcxUgsOkgYWXLOnONxfJN8i146kaAZtAqjg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Mon, 11 Dec 2023 05:08:27 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://haijezoa.top>; rel="dns-prefetch preconnect"
location
https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
8696859b3891b28b1b1383770ab199ae
_prefetcher.3614355a.js
haijezoa.top/js/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/_prefetcher.3614355a.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f31d6772c32c0f3eca3da7fffc56de88f99cb11fd022215ee95a80ba6798b7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-55b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSnOgsIcFxJut8osWHMpYaXhFTYtJGbwVIVdI39tgN6E%2Fk5Yj0je%2Brs56V1K6S0RpYpFxIruP0yuNN6%2BJfRFUSUxa4CCD5bKz5peC7akRvF36VU32DF0S8pmEilppMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9eb67b3b6-MIA
_rtc.e5ad2fb2.js
haijezoa.top/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/_rtc.e5ad2fb2.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c602b670b6359a69967fca6788325db8a163e3ede3f336ccda3dce12322084
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-2fbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeLEchaA0jjnd23A%2BELHQoR6pCzMhJa1gaLs%2F1QSrXkc7yD5w48XFAAJaBO8cc0lrDU%2Bl%2BK0y3PpgKhU8l4%2BYztePVgS0%2FdxGP2UNAT8mrw9W9PgXNW6p6eCrP2q7Ig%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9eb68b3b6-MIA
v-index.js.62b8985c.js
haijezoa.top/js/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/v-index.js.62b8985c.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e38119c9492e992206e97bb471687419d730221b3265251cbcd31095baa6edb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
cf-polished
origSize=40988
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-a01c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24ybO3XoKKCDEDCHk67okwkxYu3Lb46MiWa9xT3t%2BFj2%2BlztCm9UD76X9xttEtZdZCtl%2B2hQ8ha9Vje58JBBjTP%2BIbONBvLYyzKc6uE%2B4DYSdyTQs4L%2BzPn%2FPj626o4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb86b3b6-MIA
s-storageService.js.3bedbc45.js
haijezoa.top/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/s-storageService.js.3bedbc45.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3895e849fc23fe1662016aca3cc2cbf9ecbce01df27703230317dba50a2f134
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-87a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipoh624qIvDWRQEMZ82c%2FnlYk10Yj9aPMlznk5jnSNhxWzcHWr2OKNmbg683G5sQYcHBvt%2FKdA66GMx4yegrq53PTwBb7M2RlazAQ5ugYsJKCeyy9SPaW7WSK52Pciw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb89b3b6-MIA
s-checkSessionStorageAvailable.ts.42cc21e7.js
haijezoa.top/js/ 		330 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/s-checkSessionStorageAvailable.ts.42cc21e7.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27e5190a829f6c424190da4501688c981156ef5f3711914a653c8a4328ec052
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-14a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cd4Uhq6yV1AhvK0GlEGChy01863eupL8%2FmKq9Q91xAm4HMRMbYTvcU1DT8Z1gjyRduIty4CJS88Vi2Z3cBh%2BuI4sfdOhC69cjZOsp%2F%2Fq4cenMCLnEpDZuPxVTb09Btk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb8ab3b6-MIA
s-checkLocalStorageAvailable.ts.127e6df5.js
haijezoa.top/js/ 		330 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/s-checkLocalStorageAvailable.ts.127e6df5.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e369cc05b4723ffdc69a339db6f5a84390c36eac6cee0b257b97a63328c81311
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-14a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSvi%2Fe8hVMx%2F5mWX4TQGUopPBSlkEa4VaMDYZhQuuY%2BpaNr49uQhpGFVvzjcQv5TY9ahxA7PLE7jZUZod1Fhu243kYTSI3WN42uJInDxNNbMVLHMWjCA4P%2FbnlOqTC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb8bb3b6-MIA
v-redux-toolkit.esm.js.1cbc70bc.js
haijezoa.top/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/v-redux-toolkit.esm.js.1cbc70bc.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f799eed81096e02f82c2816a45ef960daa43eb7250e56cdf5db69d634cb0fe07
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:12 GMT
server
cloudflare
etag
W/"65731758-2c37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8J8afgK0xc6gjE3QkKoj5MM%2FF%2FwZZtYteHO%2FcA7m8kXEgB4LeyQ97crU9khJ8uqWMlXktLJW48Fd%2FGXM0SsF4IfRSZKvwirBkxYl4HR%2BiuT%2B3Y6CK0qjQyyygD4Ssw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb8cb3b6-MIA
_each-land-config.437c8893.js
haijezoa.top/js/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/_each-land-config.437c8893.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0246a6bb91d6510aef18f651842020df99ee6b12c95afa092bc52f9fcc075df0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
966
cf-polished
origSize=72207
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-11a0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8A8ijZ2reOJ%2By2ukrm64lOAZXJjw4fv7z6Qh1%2FjVQIYDbPkg4%2FQtP10x6ssgweaLQ3UY4qTuks%2BVGsKsH1IHUoTpPTFzP9miDcOCTSH5SGGMmYwRNZLbkQMEDmHkoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35b9fb8eb3b6-MIA
v-react-dom.production.min.js.9fb1fc03.js
haijezoa.top/js/ 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/v-react-dom.production.min.js.9fb1fc03.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8062ba0667c412693f00c3b7b67fc1176ae7c8c96ab1703e3c8db169aa49e298
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
966
cf-polished
origSize=129359
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-1f94f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNHUnakPdFQ%2FL9We5v1DMxuS7rj3sYHduzepO7Kg62BzCCXQuATML%2FGrTNmgr0EPF5%2Bu4qRZT33HtaOXUa75KLegkxanmMlMoog88LwSdwvqIGrFKERusUOYRXKZh2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35ba1baab3b6-MIA
_core-survey.37b49ebd.js
haijezoa.top/js/ 		167 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/_core-survey.37b49ebd.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7c876ae4085f1a05fc309a99b8cc4f405a2e5aa1addee5fe49377e111ada4f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
966
cf-polished
origSize=171375
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
server
cloudflare
etag
W/"65731757-29d6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3%2BLsRIEVMHRaCaPAz%2Fz3onMu3%2FOpK76%2FjonKgEuquF5RA2z284%2FRHw5vebeT17Cogp966I0aCBBNawmTJaJvxCGVGkrMQf3TJEbhn6AeQPfj%2F3sJNL3Ul3tE2A9Cgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35ba1bacb3b6-MIA
sweeps-survey.9b2f3eb0.js
haijezoa.top/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/sweeps-survey.9b2f3eb0.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a43ce185f6ef8b5b74bf511adf8366826c95446b606aa5bb4759a3ea7dfcb15
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
966
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:12 GMT
server
cloudflare
etag
W/"65731758-1144"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPJGTdlAOlnudvhTeNnZ5EkXaOALRacmiptt3%2FSJPVzjYmWRMCyFbLnevgrDfkoGWBpAyFXzuLEvFAUdaMUkuCJadRsPcU%2B9v1RM%2BtC1n7A1nKx7BOGgOYTa4XBpHW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35ba1badb3b6-MIA
_core-survey.d3ac2ee0.css
haijezoa.top/css/ 		83 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/css/_core-survey.d3ac2ee0.css
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
cf-polished
origSize=84
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:12 GMT
server
cloudflare
etag
W/"65731758-54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irtcelAw1RNmQLF5Jz4ImADp3y9%2FkgbeIJEZN6ws83WYa8ghFS1uU6k7SZFnypWQAJA2zOWRT8ouLzAplyCbSxetPBI9n1rO%2Fo8caan3LIVpc5hQcSlGH%2Bg9dUXDFHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
833b35b9eb69b3b6-MIA
sweeps-survey.7b4a1a62.css
haijezoa.top/css/ 		82 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/css/sweeps-survey.7b4a1a62.css
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ace3b405525121a2044403530a229edec43e44cf8b2e3e5f66ce0fba28fe81e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
967
cf-polished
origSize=84090
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:13 GMT
server
cloudflare
etag
W/"65731759-1487a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrptZUoSVDElDlcwqa4Wbz0tui%2Bp2CKTnxTCJQF9DrrebUnH4Kin5hc6ofaRTRA%2B3E7JuQe1zbl1clMI9IOVGOibpsvDpg0kwKgTwM7Ve6jQoZH8k9saAQK5trnwYvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
833b35b9eb6ab3b6-MIA
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-1139b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70555
expires
Mon, 11 Dec 2023 06:08:28 GMT
prefetcher.js
haijezoa.top/scripts/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/scripts/prefetcher.js
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_prefetcher.3614355a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a444e5e431c2189cbf352c01d0b08dd505fe7fffa99dc0b12b4dbd0791fe564f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
966
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 13:17:12 GMT
server
cloudflare
etag
W/"65731758-2a09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkQuj6ABcMokssbiDam5X8WtvbVSt%2BF0nTahZUePCvgIUA2d816fFa5SPirz51u4bWoewCMyVQ5yAo6PLAnE3RnyFlv79JmrzGxW0F1cNy%2BpFjFWTt%2FqgZfaFwSv4%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35ba2bbbb3b6-MIA
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=3ertqbpxq3zg7zfuz3zssigxfneajrjk
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.437c8893.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
cca91e49f38877c518a38fd2aefb9b9f0113b2809b94a8f52c8ae3821786d960
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
sd-554905-en.js
haijezoa.top/js/config/sd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/config/sd/sd-554905-en.js?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.437c8893.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
Origin
https://haijezoa.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cHHpcb7I42PlUK%2FRJuqJIAVIytpritITh6Y5GiXMgF2Esj6mOazOuNI2lEjH3yrMqxVAVneaWFuA7stlapY6SgKaKhOTGIGhVvGLyPOuAL1gQ5g3wYJhTnvkYynDxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=1800
cf-ray
833b35ba6e007436-MIA
alt-svc
h3=":443"; ma=86400
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/webp
cookie-consent-1.json
haijezoa.top/js/config/dict/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/config/dict/cookie-consent-1.json?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.437c8893.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Fri, 08 Dec 2023 13:17:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"65731757-1a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3MtdNZEUUNdi3Dwj%2F0D8VKtc8Gct2RYQFNoSaolCj9heQkT0WTiNBpIK%2F9XcH6SqrliwUfY9bT4k9A2AJmrrRpfa4hYYihn9tLeBItRj%2FXMFMOmMwOl6LsZ9uw4H7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
833b35baae567436-MIA
alt-svc
h3=":443"; ma=86400
sync-metrics
dortmark.net/ 		17 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dortmark.net/sync-metrics
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.437c8893.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
854ebddf226ee5562e19302bbc0cd29f
pragma
no-cache
date
Mon, 11 Dec 2023 05:08:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length
17
expires
Tue, 11 Jan 1994 10:00:00 GMT
sync-metrics
dortmark.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dortmark.net/sync-metrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://haijezoa.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://haijezoa.top
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Mon, 11 Dec 2023 05:08:28 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
sd-554905.js
haijezoa.top/js/config/data/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haijezoa.top/js/config/data/sd-554905.js?v=10
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.437c8893.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36afa47da0fa561ad04f256f78e46685a8046ec83acaef61b6e6b3b71d48160
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://haijezoa.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Fri, 08 Dec 2023 13:16:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"65731724-1671"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZkCVWLysL4eoEM5iueveGGaldr9lWEVrV9IBqYz0kIlvq4MSiBx6L2gIcL43qKt3evj1q6MgJ0EmNNYnxPBDZAWgerI6Vsgi5AKUehO%2BJilqUwx2pA%2BEl4sqWrwPFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
833b35bc081c7436-MIA
alt-svc
h3=":443"; ma=86400
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10214.rVyISvWRWqvy4WO8O1w41y3_yRu1NMieAi1zmAMLu40mpmnl_-ud-SFOJRFyfFnG.4H14OA5GkCyG4XJBfnBS4dHJxbM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10214.tuINrIlayKkEnwDOM4SMxJMNKoWUNmU-1gSqHSoLoDqGqJc5Hyh_sQeSJIn1QPzYyQzZWnWg8i3uX9t6SilujcdukZlQTr3uYpIPtrGCKyKC4ba7ZqBojsxxHfmV7yqdMoTxlnnGm4...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.T5ta-qSgJ-kzbh-8Rke2LcoRj1GI5M5rD256TS3257qtE-bz2_6sT4DDjNVcNBB54_Rl33O9t1PjJsOeIJ2dbPo3tKG6xOLlSEae3lBrLLi9h...
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.T5ta-qSgJ-kzbh-8Rke2LcoRj1GI5M5rD256TS3257qtE-bz2_6sT4DDjNVcNBB54_Rl33O9t1PjJsOeIJ2dbPo3tKG6xOLlSEae3lBrLLi9hv-atjSBzAzd-ef1iv56MVPTxxR3hs-qsAJbxT86zL5JNdxoCbvf35S0CdHxLXf3QjPICaOEb8OQv785i48oDmCxs-SgvC3VR0trjrCMSA%2C%2C.p8ytrRwySPOISVD_Y0iQpJd7aF0%2C
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest&utm_campaign=fb&utm_medium=6591460&utm_source=zd_7526076&utm_term=19240138&utm_content=zd_public_v2
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.T5ta-qSgJ-kzbh-8Rke2LcoRj1GI5M5rD256TS3257qtE-bz2_6sT4DDjNVcNBB54_Rl33O9t1PjJsOeIJ2dbPo3tKG6xOLlSEae3lBrLLi9hv-atjSBzAzd-ef1iv56MVPTxxR3hs-qsAJbxT86zL5JNdxoCbvf35S0CdHxLXf3QjPICaOEb8OQv785i48oDmCxs-SgvC3VR0trjrCMSA%2C%2C.p8ytrRwySPOISVD_Y0iQpJd7aF0%2C
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=554905&z=6591460&s=757943352965730656&b=19240138&campaignid=7526076&var=fb&ymid=757943352965730656&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest&utm_campaign=fb&utm_medium=6591460&utm_source=zd_7526076&utm_term=19240138&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:08:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 11 Dec 2023 06:08:28 GMT
1
mc.yandex.com/watch/66423859/
Redirect Chain
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D752607...
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526...
420 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1000%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190828%3Aet%3A1702271309%3Ac%3A1%3Arn%3A640070599%3Arqn%3A1%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C146%2C1%2C457%2C0%2C%2C295%2C1%2C%2C%2C%2C1069%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271309%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
dcffbfb694b3499c3cce885c16f4e3029486bdf282cdb31a69bafb4ff05bac71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 11-Dec-2023 05:08:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Mon, 11-Dec-2023 05:08:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11-Dec-2023 05:08:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1000%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190828%3Aet%3A1702271309%3Ac%3A1%3Arn%3A640070599%3Arqn%3A1%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C72%2C146%2C1%2C457%2C0%2C%2C295%2C1%2C%2C%2C%2C1069%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271309%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-3%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 11-Dec-2023 05:08:29 GMT
1
mc.yandex.com/watch/66423859/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonSurveyStart&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1702271309_da8626d7c4bc32b2ced5887b930f2fd7806e727738d2ead2234c555e101f5963&browser-info=ar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A1%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190829%3Aet%3A1702271310%3Ac%3A1%3Arn%3A78898678%3Arqn%3A2%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2641%2C2641%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271310%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14)mc(g-3)clc(0-0-0)rqnt(2)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%22554905%22%2C%22userSurveyId%22%3A%22554905%22%2C%22vertical%22%3A%22sweep%22%2C%22zone%22%3A%226591460%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11-Dec-2023 05:08:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 11-Dec-2023 05:08:29 GMT
1
mc.yandex.com/watch/66423859/ 		43 B
86 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonGidratorAddUrlParam&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1702271309_da8626d7c4bc32b2ced5887b930f2fd7806e727738d2ead2234c555e101f5963&browser-info=ar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A1%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190829%3Aet%3A1702271310%3Ac%3A1%3Arn%3A749286582%3Arqn%3A3%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271310%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14)mc(g-3)clc(0-0-0)rqnt(3)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22isGidratorUnique%22%3Afalse%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11-Dec-2023 05:08:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 11-Dec-2023 05:08:29 GMT
1
mc.yandex.com/watch/66423859/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonLanguageSelect&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D554905%26z%3D6591460%26s%3D757943352965730656%26b%3D19240138%26campaignid%3D7526076%26var%3Dfb%26ymid%3D757943352965730656%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dfb%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240138%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1702271309_da8626d7c4bc32b2ced5887b930f2fd7806e727738d2ead2234c555e101f5963&browser-info=ar%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A1%3Als%3A770611468961%3Ahid%3A425455972%3Az%3A-600%3Ai%3A20231210190829%3Aet%3A1702271310%3Ac%3A1%3Arn%3A133752225%3Arqn%3A4%3Au%3A1702271309803432431%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1702271306856%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702271310%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14)mc(g-3)clc(0-0-0)rqnt(4)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22languageCode%22%3Anull%2C%22languageSource%22%3A%22old%20config%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 05:08:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11-Dec-2023 05:08:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://haijezoa.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 11-Dec-2023 05:08:29 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| wtop object| dataLayer function| ym object| global_vars function| createAtr object| realtimeConfig object| webpackChunkwebpack_survey_cdn object| storageService object| urlParams function| Prefetcher function| doAlert object| $alert object| Ya object| yaCounter66423859

27 Cookies

Domain/Path Name / Value
utowhups.net/ Name: OAID
Value: 1d2db48667664738afe1bb408224974a
utowhups.net/ Name: oaidts
Value: 1702271307
utowhups.net/ Name: OXCCLK
Value: 7526076.1
utowhups.net/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 3ertqbpxq3zg7zfuz3zssigxfneajrjk
.haijezoa.top/ Name: OAID
Value: 3ertqbpxq3zg7zfuz3zssigxfneajrjk
.haijezoa.top/ Name: syncedCookie
Value: true
.haijezoa.top/ Name: oaidts
Value: 1702271308
.haijezoa.top/ Name: ID
Value: 3ertqbpxq3zg7zfuz3zssigxfneajrjk
.haijezoa.top/ Name: _ym_uid
Value: 1702271309803432431
.haijezoa.top/ Name: _ym_d
Value: 1702271309
.yandex.com/ Name: i
Value: qae8K6kYmUrNRf7IiO6JfJiy44DhuGgndvXL9BMbBZRvvadoTw80TBwOjHhKlHx4EzOjSdmeAqulfM9c9HXx1u6Mq1M=
.yandex.com/ Name: yandexuid
Value: 3122316231702271308
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2898911369fake
.haijezoa.top/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 270763331fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 3122316231702271308
.yandex.ru/ Name: yuidss
Value: 3122316231702271308
.yandex.ru/ Name: i
Value: qae8K6kYmUrNRf7IiO6JfJiy44DhuGgndvXL9BMbBZRvvadoTw80TBwOjHhKlHx4EzOjSdmeAqulfM9c9HXx1u6Mq1M=
.yandex.ru/ Name: yp
Value: 1702357709.yu.7004647141702271308
.yandex.ru/ Name: ymex
Value: 1704863309.oyu.7004647141702271308
mc.yandex.com/ Name: yabs-sid
Value: 1720593671702271309
.yandex.com/ Name: yuidss
Value: 3122316231702271308
.yandex.com/ Name: ymex
Value: 1733807309.yrts.1702271309
.yandex.com/ Name: bh
Value: KgI/MA==
.haijezoa.top/ Name: _ym_visorc
Value: b

2 Console Messages

Source Level URL
Text
network error URL: https://dima190.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://haijezoa.top/js/config/sd/sd-554905-en.js?v=10
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.px-cdn.net
dima190.socro-ad.club
dortmark.net
fonts.googleapis.com
fonts.gstatic.com
haijezoa.top
mc.yandex.com
mc.yandex.ru
my.rtmark.net
res.cloudinary.com
socrobotic.store
utowhups.net
104.21.54.140
139.45.195.8
139.45.196.64
139.45.197.248
151.101.1.40
2606:4700:3033::6815:5291
2606:4700:3035::ac43:b5cd
2606:4700::6813:a741
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::200a
2a02:6b8::1:119
0246a6bb91d6510aef18f651842020df99ee6b12c95afa092bc52f9fcc075df0
05f31d6772c32c0f3eca3da7fffc56de88f99cb11fd022215ee95a80ba6798b7
15c602b670b6359a69967fca6788325db8a163e3ede3f336ccda3dce12322084
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
3e38119c9492e992206e97bb471687419d730221b3265251cbcd31095baa6edb
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
50864deb552e5ab4279db97c3e617b2d3226c58a64084957b84130ae599b6318
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
5a43ce185f6ef8b5b74bf511adf8366826c95446b606aa5bb4759a3ea7dfcb15
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8062ba0667c412693f00c3b7b67fc1176ae7c8c96ab1703e3c8db169aa49e298
8ace3b405525121a2044403530a229edec43e44cf8b2e3e5f66ce0fba28fe81e
8c72cc09ac805257e7b712296106627753a89346fa53fd5fbeb20c1cfc5defb9
a3a1e83dcaca786e3db36c98548288bc44d0fde41521c32feb52ab4a1805eeb4
a444e5e431c2189cbf352c01d0b08dd505fe7fffa99dc0b12b4dbd0791fe564f
a5f17b302ec4f91ede66b8ae2b31b3dea2fd8ac9d32b7052023c9a50e50fc310
aa65f9d96e77c77ab94a4de16a531ce7156e8dd9ab9998babd93e1bded05c31c
b27e5190a829f6c424190da4501688c981156ef5f3711914a653c8a4328ec052
bd7c876ae4085f1a05fc309a99b8cc4f405a2e5aa1addee5fe49377e111ada4f
cca91e49f38877c518a38fd2aefb9b9f0113b2809b94a8f52c8ae3821786d960
d36afa47da0fa561ad04f256f78e46685a8046ec83acaef61b6e6b3b71d48160
d3895e849fc23fe1662016aca3cc2cbf9ecbce01df27703230317dba50a2f134
d72bd5954d7f907b3789b72ce0d6529e14f98d3a22aec30e16ed387122806ddc
dcffbfb694b3499c3cce885c16f4e3029486bdf282cdb31a69bafb4ff05bac71
e369cc05b4723ffdc69a339db6f5a84390c36eac6cee0b257b97a63328c81311
e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c
f549fbdb513ea89d318f82f49882050300fd313ac0de5c4f4df8f073dc230a0d
f799eed81096e02f82c2816a45ef960daa43eb7250e56cdf5db69d634cb0fe07