haijezoa.top Open in urlscan Pro
104.21.54.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://masha428.socro-ad.club/
Effective URL:
https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&va...
Submission: On January 25 via api (January 25th 2024, 9:08:26 pm UTC) from US — Scanned from US

Summary HTTP 91 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 91 HTTP transactions. The main IP is 104.21.54.140, located in and belongs to CLOUDFLARENET, US. The main domain is haijezoa.top.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.

This is the only time haijezoa.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3030::6815:1276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:5291	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	151.101.65.40 151.101.65.40	54113 (FASTLY) (FASTLY)
1 1	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
52	104.21.54.140 104.21.54.140	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 16	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
10	139.45.197.248 139.45.197.248	9002 (RETN-AS) (RETN-AS)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
91	16

3 2606:4700:3030::6815:1276 (United States)

ASN13335 (CLOUDFLARENET, US)

masha428.socro-ad.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5291 (United States)

ASN13335 (CLOUDFLARENET, US)

socrobotic.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.40 (United States)

ASN54113 (FASTLY, US)

captcha.px-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.64 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

eekighoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 104.21.54.140 (None, )

ASN13335 (CLOUDFLARENET, US)

haijezoa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)

dortmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechonert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

laugoust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

offpichuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	haijezoa.top haijezoa.top	359 KB
14	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
10	dortmark.net dortmark.net — Cisco Umbrella Rank: 66666	655 B
3	socro-ad.club masha428.socro-ad.club	3 KB
2	laugoust.com laugoust.com — Cisco Umbrella Rank: 67028	693 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11663	1 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	71 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	212 KB
1	offpichuan.com offpichuan.com — Cisco Umbrella Rank: 66068	1 KB
1	datatechonert.com datatechonert.com — Cisco Umbrella Rank: 28565	482 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	eekighoo.com 1 redirects eekighoo.com — Cisco Umbrella Rank: 289427	840 B
1	px-cdn.net captcha.px-cdn.net — Cisco Umbrella Rank: 514968	499 KB
1	socrobotic.store socrobotic.store	3 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2467	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
91	16

	Domain	Requested by
52	haijezoa.top	haijezoa.top
14	mc.yandex.com	2 redirects haijezoa.top mc.yandex.ru
10	dortmark.net	haijezoa.top
3	masha428.socro-ad.club	masha428.socro-ad.club captcha.px-cdn.net
2	laugoust.com	haijezoa.top
2	my.rtmark.net	haijezoa.top
2	mc.yandex.ru	1 redirects haijezoa.top
1	offpichuan.com	haijezoa.top
1	www.gstatic.com	www.google.com
1	datatechonert.com	haijezoa.top
1	www.google.com	haijezoa.top
1	eekighoo.com	1 redirects
1	captcha.px-cdn.net	masha428.socro-ad.club
1	fonts.gstatic.com	fonts.googleapis.com
1	socrobotic.store	masha428.socro-ad.club
1	res.cloudinary.com	masha428.socro-ad.club
1	fonts.googleapis.com	masha428.socro-ad.club
91	17

This site contains links to these domains. Also see Links.

Domain
vuolobnhqb.com

Subject Issuer	Validity	Valid
socro-ad.club GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2024-06-22`	6 months	crt.sh
socrobotic.store GTS CA 1P5	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.perimeterx.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-25` - `2024-09-25`	a year	crt.sh
haijezoa.top GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
dortmark.net R3	`2023-12-26` - `2024-03-25`	3 months	crt.sh
datatechonert.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
laugoust.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
offpichuan.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
Frame ID: 2ADE647C6187F0A966EB8684FDDB4EA6
Requests: 88 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Test $$$

Page URL History Show full URLs

https://masha428.socro-ad.club/ Page URL
https://eekighoo.com/link?z=6591460&var=ft&ymid=10to3g61c6go0 HTTP 302
https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&c... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

91
Requests

98 %
HTTPS

50 %
IPv6

16
Domains

17
Subdomains

16
IPs

5
Countries

1157 kB
Transfer

2039 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vuolobnhqb.com/4180207/?var=6591460&ymid=ft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://masha428.socro-ad.club/ Page URL
https://eekighoo.com/link?z=6591460&var=ft&ymid=10to3g61c6go0 HTTP 302
https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10259.Ea2QUpWDIRgj8hy7hlHSgFgHoxCM6GSb9OZsFYA1wNnQYCU9PkMg7_SGEtm_fEtT.JHUm99psGNQaoLxteELjv7WdbEc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10259._p2ZLZIXoMAXdSiGuONRvWWvS2MjwJA48RSDFd1cvd3nRvhMOyQ2zyykiOq0WEWv77DraO1Y40a4b0GAHRQekcmKF29ZaDXKpGbWrud5BSpvlzfN647HD8R1XDCuYLuj1tkruvJvMVjNMrbmY1EKAkE4d6arWuIkdr1lBCphjqBMqfLL6I3rPs2wpJSDgZrz2CaDw2RnoueIEKmcKqaYcEZTx-_XbxjZWYzf6_87dKc%2C.38viFGPE1E4RYhQdMIIF-f0OHBg%2C

Request Chain 80

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110823%3Aet%3A1706216903%3Ac%3A1%3Arn%3A896313514%3Arqn%3A1%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C45%2C210%2C1%2C593%2C0%2C%2C45%2C1%2C%2C%2C%2C1127%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Afp%3A935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110823%3Aet%3A1706216903%3Ac%3A1%3Arn%3A896313514%3Arqn%3A1%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C45%2C210%2C1%2C593%2C0%2C%2C45%2C1%2C%2C%2C%2C1127%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Afp%3A935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
masha428.socro-ad.club/ 7 KB
3 KB 469ms
272ms Document
text/html 2606:4700:3030::6815:1276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://masha428.socro-ad.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f478ed77959ea20c09129f7f704ebcf6fb38dc14dc592a4583df39da4af74763

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84b37da98e0e4bbb-BUF
content-encoding: br
content-type: text/html
date: Thu, 25 Jan 2024 21:08:20 GMT
last-modified: Fri, 15 Dec 2023 11:16:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSVhbgFilJxPb%2BcxnFQ8ihpxz5Y9vgPyS6X6ug00OwCZetWSvexKegsCaUdDlZ8eyqIpB8TlCTgt%2FIzy7PFCc6mPp%2B1Ag4PJJqTILMoSCerXF3U9pw0G2WaPkkQNCajYZjZ1RgpE6SbSOZBhU4QsZdjU8e68"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 103ms
38ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300

Requested by

Host: masha428.socro-ad.club
URL: https://masha428.socro-ad.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c93254c3b38a544885ef7418366c3895b1a9871669f56ef2c9ac9f1315525b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 21:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 20:40:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 21:08:20 GMT

GET
H2 200 ssense_logo_v2.svg
res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/ 2 KB
1 KB 112ms
48ms Image
image/svg+xml 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/ssenseweb/image/upload/v1471963917/web/ssense_logo_v2.svg

Requested by

Host: masha428.socro-ad.club
URL: https://masha428.socro-ad.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72bd5954d7f907b3789b72ce0d6529e14f98d3a22aec30e16ed387122806ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="ssense_logo_v2.svg"
server-timing: cld-cloudflare;dur=12;start=2024-01-25T21:08:20.463Z;desc=hit,rtt;dur=28
content-length: 727
last-modified: Fri, 16 Jun 2017 15:59:08 GMT
server: cloudflare
etag: W/"165a98cd78afa862ce95b155ddeef13a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 84b37dabdc214bcf-BUF
timing-allow-origin: *

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5f17b302ec4f91ede66b8ae2b31b3dea2fd8ac9d32b7052023c9a50e50fc310

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 fQWb4JtJ
socrobotic.store/ 4 KB
3 KB 870ms
782ms Script
application/javascript 2606:4700:3033::6815:5291
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://socrobotic.store/fQWb4JtJ?return=js.client&&se_referrer=&default_keyword=Access%20to%20this%20page%20has%20been%20denied.&landing_url=masha428.socro-ad.club%2F&name=_28g2MYFKwwG32v9P&host=https%3A%2F%2Fsocrobotic.store%2FfQWb4JtJ
Requested by: Host: masha428.socro-ad.club
URL: https://masha428.socro-ad.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5291 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX%2BG6TIG4OFDB5d4yJqi97QhV01VKq78G18lY8UATbaHGM74Mrgw0BrrJCsWT9QIiyVx1tWl%2B1bKl5SmKz%2BoYmOvEifpelbBmYeUlklYdGIfhxn0gWoDw9V3Tk7binnQYD%2BgTlW8m4UWarGzNrDA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 84b37dacac7f4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 21:08:21 GMT

GET
H2 404 captcha.js
masha428.socro-ad.club/58Asv359/captcha/ 0
0 241ms
241ms Script
text/html 2606:4700:3030::6815:1276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://masha428.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by: Host: masha428.socro-ad.club
URL: https://masha428.socro-ad.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:20 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5OzDLpp2ih4J04WwObm7cRdBIz08Z523KfLOYx%2BWTnu8yt8vLwkYIyHudJzZSZ70k63PxUWkPO8oPj4VOfbhpgOznuPVKxoKzw07WGNuRofsUEem1A3Uxr1zKnXUuNwyNhrzOWsomtIGQF0YU7VA%2BqbLSFl"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 84b37dac2fcf4bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 97ms
31ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://masha428.socro-ad.club
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:49:07 GMT
x-content-type-options: nosniff
age: 11953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18704
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:49:07 GMT

GET
H2 200 captcha.js Show response
captcha.px-cdn.net/PX58Asv359/ 499 KB
499 KB 100ms
20ms Script
application/javascript 151.101.65.40
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.px-cdn.net/PX58Asv359/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Requested by: Host: masha428.socro-ad.club
URL: https://masha428.socro-ad.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 080868a636dfeaa0cb67e7b5e6a6566aa39261ac2278869a3662c68324f9c174

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yyz4537-YYZ
date: Thu, 25 Jan 2024 21:08:20 GMT
via: 1.1 varnish
age: 464
x-timer: S1706216901.824440,VS0,VE1
etag: W/"7caff-uzSh8al8HGzxgyls0UKjOH1X40o"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 510719
x-cache-hits: 1

GET
H3 404 init.js
masha428.socro-ad.club/58Asv359/ 0
0 241ms
241ms Script
text/html 2606:4700:3030::6815:1276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://masha428.socro-ad.club/58Asv359/init.js
Requested by: Host: captcha.px-cdn.net
URL: https://captcha.px-cdn.net/PX58Asv359/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://masha428.socro-ad.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:21 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHp4pQnC%2BM6CFXkBa9Qn28iKFWIbSQVLoawsq6CFsojctbuSrXpY5kNfNpmguIMruNEtUxC4QEPkyvhAwOePvHtVxy7dY5yYJfpCQggA1xRchEliDhJVpyqZvqQ6i1V%2FaqCMH2OU%2B17nXVIZewHpZ4s07eFa"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 84b37db139a56aee-BUF
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request sweeps-survey.html Show response
haijezoa.top/
Redirect Chain

https://eekighoo.com/link?z=6591460&var=ft&ymid=10to3g61c6go0
https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=swe...

8 KB
4 KB

275ms
210ms

Document
text/html

104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f31b7251d47a0c6ca8ec26b21d727e44cc654090446e613c30baa340d60d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://masha428.socro-ad.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84b37db6ddd839dd-YYZ
content-encoding: br
content-type: text/html
date: Thu, 25 Jan 2024 21:08:22 GMT
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIhqnSAp1QLKUmay0IaKXfl5LDnYmfd0OseZIIIzFbNHsW3XzLuahtuWmVZ2FClfjE5bWPET0mlvYc1QwQkRyKhz%2Fy8pc5STWTLSwx4OESwQnx3SeTMXanmjPAqKcmY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:22 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://haijezoa.top>; rel="dns-prefetch preconnect"
location: https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff
x-trace-id: b0229b0fbca406bf5868208ad35e3ff3

GET
H2 200 _rtc.ba109c41.js Show response
haijezoa.top/js/ 12 KB
5 KB 37ms
33ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/_rtc.ba109c41.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/sweeps-survey.html?offer_id=5549&z=6591460&s=774492385553166375&b=19240139&campaignid=7526076&var=ft&ymid=774492385553166375&var_3={var_3}&geo=US&testinapp=5051875&comments=sweepTest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9769e21e099e405b98d4a099180378b7c75bb9f73d73d328b46aaa78eb1d3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-2fbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDmNkcX60hah9ut2ZYL9XNNwJDo%2BhQafAmc0aJDTBbb6xkEOdpEsjF6nw5KGU6FkYUrDcU%2Bit5qRL5Wh4xXmSzOYw4XVkq1qX9L1aW%2Faqr5J53Ms8XMcOpJBwfvodFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db8388739dd-YYZ

GET
H2 200 v-index.js.cd4e281e.js Show response
haijezoa.top/js/ 40 KB
14 KB 39ms
37ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-index.js.cd4e281e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476692954f918675b13128f6bdfdec5f0a3e6a1934ca6518d3245c09875e4b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=40988
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-a01c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMTODnR7bGefbD3JKg9XYB31DcST90HDCKCVFqD8cS%2Fw6pKu9vvh4dwE122MKxgoqpdh6BCd8VHFvEcJIL%2B87LHdjwfaAC3RAfZ9PS27Owrqk74RPskjWPLT%2BRQJLyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db8388a39dd-YYZ

GET
H2 200 s-storageService.js.b5cf6f43.js Show response
haijezoa.top/js/ 2 KB
1 KB 31ms
25ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/s-storageService.js.b5cf6f43.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eceae0f59af1682a3faa891bdba387cc6f3899d8f671ec8ebcbae8b426b3148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:38 GMT
server: cloudflare
etag: W/"65b24b0e-87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNNli19Ok3cCWGswpTnfLcq5BCOUryjx3jIXQty5ZkCZcECnR7Xtr9wRRAWpPfie9x7Q3ghwiDGE8Erxk0OIB1Qaex4J1hFeaDB%2B0znoYWjZa6JKSAZFGe%2Fz%2BbzM7Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868cd39dd-YYZ

GET
H2 200 s-checkSessionStorageAvailable.ts.4b3b4e8b.js Show response
haijezoa.top/js/ 330 B
472 B 34ms
28ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/s-checkSessionStorageAvailable.ts.4b3b4e8b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c507819bdc2ee997390a02489ddfaede2670c9cc076900ffabf03ac43be032

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjA4bZB19p41G%2F3gh80jYAVhTmm6ckx7uSVg1Jcye2sG2FB4lUwaDjIDUpQKZZjNMWY4O3wOTMcpxAYA037khTpd7Xqi%2Fo4OlGuWQ1vnNhhpzrVbSUaY6O9YFapXAJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868cf39dd-YYZ

GET
H2 200 s-checkLocalStorageAvailable.ts.a91bb8e3.js Show response
haijezoa.top/js/ 330 B
486 B 32ms
26ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/s-checkLocalStorageAvailable.ts.a91bb8e3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b081590b63f998f3b186679e2c0e57fad4f0c510cecdc447d30a50ec3e05e5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0BFQH4fYeP1TG9vTPWwAXmXQpMaDAMIRdKH8IHV3j0cHK91wl6z5bOthRsWlP1We9PXy4mZNed1JkaKIcjlJCM8n%2BQo2Q2s5Fvltho0q8NrmBKhiq41C9ElNUUW7hI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d139dd-YYZ

GET
H2 200 v-redux-toolkit.esm.js.84683224.js Show response
haijezoa.top/js/ 11 KB
4 KB 191ms
186ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-redux-toolkit.esm.js.84683224.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd6f3ae84d3416f99b8d919ba292643ab8d4e97915e7480c87f9f8aa0af71621

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-2c37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt3fj4G6gtL3wrQR8wszvljaz7iKxLMT2d4RmHCkOm%2Fn8zrnscfAJoYXTdEj8X0BPbSnYZHOUs8Fltc%2Fa3c6qcEI3r3rqAvMIts8coIzaW1RkGb7EhZydavTSD4vCFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d239dd-YYZ

GET
H2 200 _each-land-config.ff0f7296.js Show response
haijezoa.top/js/ 70 KB
21 KB 36ms
30ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/_each-land-config.ff0f7296.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ef03483b32ada9328dd4433c0bf2fc17526fbc60f8c0b9e2d282553bab9ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=71225
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-11639"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rOJBucf1JQGVTMcTxITOG8%2BIhET%2F%2BFNLn8l9diPeyJxBx90S9y%2B2eYyoN7BXr48v%2FWL8Vj%2F0xa1ncwk3sUdd9NRRJgw1E3%2BtrwnZZ79ddB%2BxJmhqYQRXEvdz8nCG3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d439dd-YYZ

GET
H2 200 v-react-dom.production.min.js.9b2563b1.js Show response
haijezoa.top/js/ 126 KB
41 KB 47ms
42ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-react-dom.production.min.js.9b2563b1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06de71dc9d980755b2f9530f652abab081f5527345b61696a395a2dfa1478794

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=129359
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-1f94f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdlfcFd0Ez2hlLHRHTrOwmloQJU9h9D83OR8P4emqS9UnLSHJyTGcOep%2FWHkeRG%2BPAH%2BqkGyCyKJjuFSPnseBDLyoFDkMwRRkaPr0BPyQUshjSR%2BEBR%2FfgbV%2FScpeqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d539dd-YYZ

GET
H2 200 _core-survey.1f45551a.js Show response
haijezoa.top/js/ 163 KB
43 KB 49ms
44ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/_core-survey.1f45551a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7af23fe4e150dc93ee747d25a5bddd5a9430328c1d8bb6ffaeefb7c3d5b7832

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=167404
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-28dec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uk40jLbZM%2BwI1l%2BC9fMb65fTdWjhDjVqZ7pb8oWYBv5t2%2ByDJXDORIfgxD42GTH%2BEAdH5Uz%2F51iOUPAPTPXhHgZ0WZc5ULQ53ngDx3kGRfNpDno4EQVxSUeveOctnIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d839dd-YYZ

GET
H2 200 sweeps-survey.eb16e751.js Show response
haijezoa.top/js/ 6 KB
3 KB 34ms
29ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/sweeps-survey.eb16e751.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d91d74414a0bb61ae39ba135be84e6a6224d52a783e89c23f820fa3c152eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-16ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz5yVrQr8%2BzdqWGvUArDwgEbePd8jgiPLAvUUhXi2ulGDS2Sd4TO8WV8KRnaZBGB62y5iefjylVXKtM%2BPimsCJymx1mR76%2FQs6UEec%2FeUtKrg9gzKQk3E9%2B%2FFtRLMsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db868d939dd-YYZ

GET
H2 200 _core-survey.d3ac2ee0.css
haijezoa.top/css/ 83 B
410 B 28ms
27ms Stylesheet
text/css 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/css/_core-survey.d3ac2ee0.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=84
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69QTYTEog1bVZvARQ2lTfjErdWAHuH0R3Tu5HSuVBK0MSKsO378BC29AO7KBhBjFubmRCJzMiMX%2BCmeRjnVT9VIc5R2iiJiabRr5sUDfxmYIq5oW4MTAVc63pQx1VG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 84b37db8388539dd-YYZ

GET
H2 200 sweeps-survey.3ba9579d.css
haijezoa.top/css/ 85 KB
33 KB 31ms
30ms Stylesheet
text/css 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/css/sweeps-survey.3ba9579d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f870a6af6e850e5942690b7d536a57b8f9040cc2d95241cfa910d75a4c1972ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=86973
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-153bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sodVx%2B0NuIxq%2FInmxZPVxAh4%2ByUEB%2Fi8KfpklKKaFF3zwY6Z0vw7eKBm%2B%2Fvb54ufuoHvjdIy2WhOWvYsWZoQleEsjGw5fT0%2BkdMwjvhgM3D5HQlSi30ebF%2BwWSIrf5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 84b37db8388639dd-YYZ

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 625ms
310ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jan 2024 18:45:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b15ab8-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Thu, 25 Jan 2024 22:08:22 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 423ms
97ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=q9kpoi13z9gmtlaydyeymhbj5ebrnwy4

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6ee4272eb85a86b4fcef85124e3001c050476d7008a11ae6decba5bc4ad20ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 sd-5549-en.js Show response
haijezoa.top/js/config/sd/ 8 KB
3 KB 31ms
31ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/config/sd/sd-5549-en.js?v=10

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac8469fafa7e7ffd91da3c1fb684aa0e61d5b0fe4f05213e3bbfb687e43f62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://haijezoa.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:37 GMT
server: cloudflare
etag: W/"65b24b0d-1f4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlK2bFcuZcOuNBSDXTLaWjZg1CAJ%2F%2B3ru7ze0Sf41wXt1tlPpXhUKypIoGKiSzUK6uCfBsYf68i%2FXEt7thgBN8WH6MTGvCcgWugI36xexi0fiVkJ%2BqghyEk89RpoPxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db9ad1d36af-YYZ

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 cookie-consent-1.json Show response
haijezoa.top/js/config/dict/ 7 KB
3 KB 208ms
207ms Fetch
application/json 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/config/dict/cookie-consent-1.json?v=10

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65b24b0b-1a65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfqokQbaEVcV4%2BRWFsYmDhUmcychNaC0RasXPwkn7rYHD%2B7el0Df%2BrR%2Ff1%2F%2F2hM9%2F9fr6wmQYdtZS81zN%2FW0LlrZmreEfbixSs6r%2BNqmoqqzSrLoTud1m2rav%2F6f1bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 84b37db9cd8436af-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 micro.tag.min.js Show response
haijezoa.top/pfe/current/ 27 KB
11 KB 204ms
204ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/pfe/current/micro.tag.min.js?z=6163386&sw=/sw/sw6163386.js&var=6591460&var_3=774492385553166375&var_4=null&ymid=ft&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65b24b0c-6a26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzdX4KjtiY3ByxAPC85xXNciOMf3jX5IIjiSZdrkilOgW2DiuKpvjQb9RnRgusQ0XBdtq%2FAPmj948hIVRihAPa%2FEkI8N5cSBuNq2VJfQ5EHb32aLTOKf455kNJU3ya8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db9edc036af-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 stattag.js Show response
haijezoa.top/pfe/current/ 19 KB
8 KB 33ms
33ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/pfe/current/stattag.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-4a6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvJcEIvPZqVWuYFMCQUGjSMXEWv4p6GVWmZS7v0I4QpZPriQqmgJHEuA6Z5t7TXn1X5b84IXabfVwH4eYhIikyTbY1g2UGcO2rRVz5i9V%2FdPgzm%2BSDwyA2C2Hw6VQzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37db9edcb36af-YYZ

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 112ms
55ms Script
text/javascript 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&hl=en

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

632272cf8a123fc56aaa00ca62ff43511e743a546adbcc27d4b4aaf5b031a391

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 21:08:22 GMT

GET
H3 200 en-sweep-3.json Show response
haijezoa.top/js/config/comments/ 6 KB
2 KB 218ms
217ms Fetch
application/json 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/config/comments/en-sweep-3.json

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa4c443b116762057e9860aa0c2045c3e6a85eabde1c86cd5c8b0899b09e6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65b24b0b-174e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfN4j0wBECDhKt22WR5G6LZshNkJ4T194OtsAVLXxx4Vcm7pNRRBHlfreYQMD82p3gUktv99v1XLhMFuUIEocyf67uCpWtNkSyPOy7FLb2coSe3%2FItWQ5rOBfPXWoIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 84b37db9fdfc36af-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 SweepHeader.8e7220ee.css
haijezoa.top/css/ 369 B
683 B 34ms
34ms Stylesheet
text/css 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/css/SweepHeader.8e7220ee.css

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=370
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: W/"65b24b0b-172"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfox3qWgipkdr5M2%2BXgA8YUoqT04aeRfpx%2Fh9Be0mVWLwFnW2zCZzPvWupXGQP6ovPLrBcWioZMcwTttkj5AQj644OilC9dHCnxJM5PiVh6iQz0U1WTDUdbxxaDFWag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 84b37dba0e0936af-YYZ

GET
H3 200 SweepHeader.c2ea6039.js Show response
haijezoa.top/js/ 999 B
971 B 59ms
59ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/SweepHeader.c2ea6039.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3b9717dece89453f1977ec557ec84934e35d02167620157808bc028e5aac8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-3e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEAAD0qXAcgSk%2FGPjRXVHb4D%2BF3lLBdTI8ByTqskBjTatBtlmzO35Rz8P%2F4rwoebdT7K0CYO8c4%2FCqLLK574qpmJjwP9t7uQd8andzzpBfagXDdcalKz%2BofFjDLWtHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e0d36af-YYZ

GET
H3 200 v-index.mjs.75da46c4.js Show response
haijezoa.top/js/ 34 KB
8 KB 35ms
35ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-index.mjs.75da46c4.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e131d37efee9e6744409e455e02fd1cf67078d6cf2293784802f534a269b53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-89d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQYbw7VXfHeyVHTlnjt5CbJcpvRhlcTr6kjjKXbhFD309%2BqwP5Z1rRpru1kPO2SPMwLjaAumH%2FsNAXTIPcYGb6ihcToS2TOm2pCGeC6%2BPxNw6C9jdcDofOj7I3Q3Vk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e0f36af-YYZ

GET
H3 200 v-node.js.0afb5a77.js Show response
haijezoa.top/js/ 6 KB
2 KB 59ms
59ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-node.js.0afb5a77.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f695c47d563d991426da86fe2ef03faa1ffe499b1df2d7692f6998a0b9d2995

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:38 GMT
server: cloudflare
etag: W/"65b24b0e-186b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKSEIy0HVmBa8kKMlNZcKqaxi3wJpZ1o3KvcYM%2BCdkL1NHIAe5Vnl95%2BRmWzdg%2BVu802J6Buw60r4HM%2FQ666sEV22XSaxSK5WZ2Alj4kdhLWNuNxpNaY3xT3a8FhR9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e1336af-YYZ

GET
H3 200 v-possibleStandardNamesOptimized.js.e22145b5.js Show response
haijezoa.top/js/ 7 KB
3 KB 33ms
33ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-possibleStandardNamesOptimized.js.e22145b5.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ec4317222bcbc73a6a030625738765dfa032d72f313d94a141907088114b8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-1d99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtuXFxGk%2BEuYsoqYvqvsOSdJxSDDXHzdidxwZU8ZRzxLiIYSiyGKFqNraapJsBfYcFQO24X9tSymDXXsCkIx%2BaWzMOlt2%2BDhJVv00kjGircL6lCtVVqeUehK9WTQ8N4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e1536af-YYZ

GET
H3 200 v-utilities.js.e248c3df.js Show response
haijezoa.top/js/ 3 KB
2 KB 59ms
59ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-utilities.js.e248c3df.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2376aa804073fc8a707c964f745009564e258c75bd5f1de5166f13636e6e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-a11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf83X2GnwnH86%2FJznMzOTh39ZcGblBWuuJ1LkQ%2BvTx%2BxUIDCywYBydBUtphFOL%2FY5tVhlymiM5ImRUhCPUdbSm0NaBfatDJDjsu4J5nIVPr8QETqCQd5LMJ%2BS64eeR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e1836af-YYZ

GET
H3 200 v-domparser.js.c18d1b25.js Show response
haijezoa.top/js/ 2 KB
1 KB 60ms
59ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-domparser.js.c18d1b25.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a283c4869ffd239d47fb4615b55529a072465bc895376651f2ffa46962a5b355

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:38 GMT
server: cloudflare
etag: W/"65b24b0e-6b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eR7TV00nFx64uMG06t8sHWsK3fEFMVvn%2FjNlXQn%2BoOG%2BiWRzdb3nfKa%2B7Wr3IyBD%2BLAS1OUz%2BIQSc4k8DLR2v5GdkhKoMVj%2B5wvw9kWn%2B568mvfOwrU%2F3HvyKsbhvJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e1e36af-YYZ

GET
H3 200 v-dom-to-react.js.394854d9.js Show response
haijezoa.top/js/ 1 KB
1 KB 60ms
58ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-dom-to-react.js.394854d9.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

560304197dbc391b97117b95fc0259a3d404513997463ae00c39ff6b66867806

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-43d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw5lHSPI%2BWn3YbibN1eTXSL6%2Ff8bmOMdSg8ZrknBpR6NYsC9M%2FoUNfxt2oPb9CrJSb%2B1fTIrO6UMUVt4ntnp52ZKI7D%2BpEbPU5nYiU%2B9dt9sncCPMlKr9It7GR0jqcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e2136af-YYZ

GET
H3 200 v-attributes-to-props.js.99c3b3d3.js Show response
haijezoa.top/js/ 702 B
933 B 61ms
59ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-attributes-to-props.js.99c3b3d3.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4dd626bad6a8ae920d306b4079560ffa0b0b0e16e0d607e2895fd357c60012e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgHnmy4dhflNu%2B0LaD5ZawfFXESB%2FjFntJBhbWotD%2FtgcKJlJwtF4DipgW9tYTN8tmOfHCH96CSW03Mm8%2BPsG6fWwvhjapRoR0uP25%2FG%2FDPFziPyMWUQCsFAZgsn8es%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e2236af-YYZ

GET
H3 200 v-html-to-dom.js.af852d8c.js Show response
haijezoa.top/js/ 364 B
724 B 31ms
30ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-html-to-dom.js.af852d8c.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a770a9254133c75a28336c9b30213f0b56be80af2f68beb5562f4f1b4ca00804

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-16c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkHUElLDRMWNiE%2Bsda5LXoGnBAB1rlaQBxrvSTG3ktpTXUIIBkatdsiiMf7z2VG8H0L6dabv6yrNJjkZjE2CusImuvNdy3bmZJzYCspxOEt2U5bqh5nLC7OpvyfKocA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e2436af-YYZ

GET
H3 200 v-constants.js.770cf3e0.js Show response
haijezoa.top/js/ 600 B
822 B 61ms
60ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/v-constants.js.770cf3e0.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dad8de00b7d2aa35dc32874f9d16c8e945d16f44186a1e7b4c584b3bd195af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjpFW5QC%2Bjjux%2BbRCMzvsCOhHYiknuZVRh03orMPNhwuz3Jc6njhU7KYW2Z6JhTRTTMWJSortI9gD3fx%2BC1mrJhZcxiaCimjcKCa8QH62vF8uNpwwHQPPlDKaci4Afw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e2536af-YYZ

GET
H3 200 SurveyContainer.3ecec4eb.js Show response
haijezoa.top/js/ 55 KB
15 KB 61ms
60ms Script
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/js/SurveyContainer.3ecec4eb.js

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc9b24a5c2f232dd0e63493a86e11eb8f1e950c61281bad94fffb89196a2000

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
cf-polished: origSize=56021
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: W/"65b24b0c-dad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xmo0V4o6%2FtkEAzXG3Fi0WF0z07eGL3axwCHmtHZWWZA9029meCkRSpQELt%2BPCrzcAhxA3sbnzwUjTVhOECH4j09satxgP4RAvHGHRJLlqATWS1lBIc7x8XmR%2BEfWxxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dba0e2736af-YYZ

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 341ms
101ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haijezoa.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST
H/1.1 200
OK add Show response
datatechonert.com/log/ 12 B
482 B 311ms
100ms XHR
application/json 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=f2aecd46-b7f1-4905-80cc-2186bc678ba1
Requested by: Host: haijezoa.top
URL: https://haijezoa.top/pfe/current/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 25 Jan 2024 21:08:23 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://haijezoa.top
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 422ms
232ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 62d2e7ab8e83ed161728e4ac66a0af4b
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 tokens10k.png
haijezoa.top/img/sweep/ 80 KB
81 KB 40ms
40ms Image
image/png 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/sweep/tokens10k.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 82163
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: "65b24b0c-140f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0PF2CZtQ6XzgpE8zy5tQYmPBOq4Jo3T%2BGM%2BdsNdqZfsjJJJt3bZ32X9qY%2BwGF%2BPTyjoF4xqAcUYRn%2BtjNEZl9kGASC8K8u2ojaziBcrDCQOvMlCXDbxyR6ix606wH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dba9f3336af-YYZ

POST
H2 200 sync-do Show response
dortmark.net/ 175 B
655 B 360ms
168ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-do

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d44b5d3e38b772ec587b013eabbec2b1
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 175
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 481 KB
193 KB 149ms
25ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://haijezoa.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 13:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196969
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 13:57:55 GMT

GET
H3 200 sw6163386.js
haijezoa.top/sw/ 0
800 B 219ms
218ms Other
application/javascript 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://haijezoa.top/sw/sw6163386.js?var=6591460&var_3=774492385553166375&var_4=null&ymid=ft&ab2_ttl=5184000000

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/pfe/current/micro.tag.min.js?z=6163386&sw=/sw/sw6163386.js&var=6591460&var_3=774492385553166375&var_4=null&ymid=ft&cdn=1&domain=laugoust.com&ab2_ttl=5184000000

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"65b24b0b-529"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VauKlqleOufvLuDEhes7s1KI15c0QKEsvwsxMwwDSoM1HgW%2BQStAETCv36JmMKFjkPGir%2FBhNFZ%2BTWg%2FViUNycrCGYY5oxeoha7aYf%2Fvgx8%2FZ%2FsYfM2fU1YE4KPt3z0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 84b37dbb88b636af-YYZ
alt-svc: h3=":443"; ma=86400

POST
H2 200 zone
laugoust.com/ 0
257 B 336ms
99ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=6163386&is_mobile=false&domain=haijezoa.top&var=6591460&ymid=ft&var_3=774492385553166375&var_4=null&dsig=&tg=1&sw=3.1.472&action=prerequest

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 18e93904d352e76cc2ec87d15de27629
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://haijezoa.top
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

GET
H3 200 sweep-3-2.jpg
haijezoa.top/img/comments/ 6 KB
6 KB 40ms
39ms Image
image/jpeg 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/sweep-3-2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c04503cea285bef96e3defe6ff7d2bc42327735df39122c33292717f0babc24

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 5649
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-1611"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Zcgvz0ytXo%2Fp8FKdxHZMSpwPNi2Cdm4hWBvbU7RhAFCAHr2qgUS1W0DdRoLHxQyb%2FzZjCxe1vzEvkaKEemiDOoveJ1IcJtS%2BrrxlMjVE34%2Ftv5GXyt7rXg7V5Tdj0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbb689436af-YYZ

GET
H3 200 sweep-3-1.jpg
haijezoa.top/img/comments/ 8 KB
8 KB 42ms
41ms Image
image/jpeg 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/sweep-3-1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad02774682ffe8679d1e27a71cd6305bd525462edc300d17f71fd9e11f700cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 7841
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: "65b24b0c-1ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFDbTYiIKefFRkC3YnP98sav0h%2BqxEU2Af9Pv2blCoPXRbCZUWYx7yny5Kd7brh0TaZdI47B90ZAtKlLtQh4wUw%2BdJW5aRRqDWXKFUKbJDDRU2J%2BSQ7w599iGtT2fL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbb689836af-YYZ

GET
H3 200 sweep-3-3.jpg
haijezoa.top/img/comments/ 4 KB
5 KB 43ms
42ms Image
image/jpeg 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/sweep-3-3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f7e33188e5cbf9f4b577eb2be328a8a8b1c7e95fbbd276695be541d41f22c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 4243
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-1093"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51pYFPRebbVZDG6w5bxZWnoW%2FmNkhmRGbpersA%2BkQ3TWTwoteZRzWg%2B%2FHbyIfCNoa6%2FN%2B2hMwaUucVTLpIk8jVN18dR5aV4%2BGkTGmVX1qSEMC8N11Uluw4R05dGmXIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbb689b36af-YYZ

OPTIONS
H2 200 sync-do
dortmark.net/ 0
0 269ms
100ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-do

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haijezoa.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H3 200 person-sweep-1.webp
haijezoa.top/img/comments/ 862 B
1 KB 32ms
31ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-1.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 862
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-35e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYkCopV6BAlAZtBZ%2F08PCDynfh7FyWCPzapdHHJjBFFs%2F7NFg0Ol%2FHOt1fwUmygjpK3cLSOBIidq2V4DeNfWkrcfp7iFHq2To3UrG39KSe0ltu35Qfmf%2Fh2cBi87SDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbb88c636af-YYZ

GET
H3 200 person-indian-man-4.webp
haijezoa.top/img/comments/ 3 KB
3 KB 54ms
35ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-indian-man-4.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c82bebd5183a5adaffc0ba24d28d33cc0e373282b3abc60aa2e71c2a15cedd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 3090
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-c12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hqEhat%2BAxE3idxtLcrIeLGT%2Boj7%2B%2FtsdndRdiDdd6c7fWjGbazNdkXzOOD0cOiBsUlMojQQA7ePUBpB7uOZo9o9posVGxE5cRDCLR1J%2BaVPHI3SGtFpGKUPnM0pexY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8f436af-YYZ

GET
H3 200 m-1.webp
haijezoa.top/img/comments/ 1 KB
2 KB 56ms
37ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/m-1.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f829c04c9ea3985caf9891240614adb19a7d5f079f11f5c468d8b5401c2e4ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 1356
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-54c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBHHYw%2BhHhHZSrpAB7QfUEHYc2qqXHVWjjuc0gWUCD%2BBRr%2Fj9%2BvATsSC1W3FEspt5FVMWKj%2B%2FYuayKuECWSjzPN3qG64IBjBtLzIBEnWncVb%2FNf%2FNX2ZnZ34sldOw%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8f836af-YYZ

GET
H3 200 person-sweep-3.webp
haijezoa.top/img/comments/ 582 B
1 KB 48ms
29ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-3.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 582
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-246"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sb7h14RKgriysdkr6mTxfuTyI0OTDv493FdUf0uIMXwIFKEqOemuvkJ%2FxM2IuOJduMc0J9Xz1MhTNCsXI2UHd3TIrNavUKpDYwa1xiue%2F6k5n5IbYExZzDs9Z53Ik2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8f936af-YYZ

GET
H3 200 person-sweep-4.webp
haijezoa.top/img/comments/ 800 B
1 KB 49ms
30ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-4.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 800
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-320"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2RYimy7xsKfZUkXQCPDL9udUSSXu4Pa5qQLH1YTf8M5AXfvTMlplJKBRQOtQdR7CnO2WEprd%2BhgPtGEYp%2BOiE7QfftktU11c5%2BS%2Fe0MUBGcixYbjsaMWn9oq7xi%2By0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8fb36af-YYZ

GET
H3 200 person-sweep-5.webp
haijezoa.top/img/comments/ 588 B
1 KB 61ms
42ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-5.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 588
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-24c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr5At2ghW3La5wrmFs0ohfAW4zx3eBD3WF2iW7h3zERXYLaZU7F8iQo8pqdVlx6NjzQXND2%2FxlykHyOXxaf12WMB6QvEERuuJHlnfy3vjE%2Bhvg4PdQdzyb1NXuBou%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8fc36af-YYZ

GET
H3 200 person-1.webp
haijezoa.top/img/comments/ 1 KB
2 KB 50ms
32ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-1.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be168d58cf2dc0e41bc5a9b386add0d57fee26848613ca601f0c31378a8ad02

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 1122
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: "65b24b0c-462"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcFwS98A82zB%2Fbub2uKaF1lZznnLeq1b4NH7mbl3CA6riGHDbgIMKRq0mEn%2B%2F6oVdP26r3nHrmI1ZEgYUPg5AJWUSrS9Ev%2B5F1vbIYbfjm1rLkEYR054G9WRxWZ2%2BVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba8ff36af-YYZ

GET
H3 200 person-6.webp
haijezoa.top/img/comments/ 2 KB
2 KB 54ms
39ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-6.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfb6cdf94c080825e93d4bff72079fdca2d8f3d9f7d2e75badf48c29d4e31c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 1854
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-73e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLrphugYUaSGpfm%2BhR1fopbfiGcQlA0xrGVivgsIEIIvlwLzN46hvEJjAHS1nogxHvdahPQc7Y3XFNy1xcjs6Ln7Xik79CtFJ%2FrR0IN%2B4PHly100KWpcN7iIQnCMcDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90136af-YYZ

GET
H3 200 person-sweep-7.webp
haijezoa.top/img/comments/ 610 B
1 KB 47ms
33ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-7.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 610
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-262"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWLRLumJeZI6%2F0IWShdc0QyNKuAq3p9GvbuUQtwLv5Rj6FsKh%2FJf4mLGWFvesu2NPx9FomOEzKesput5oS4agF4%2BTYrY4zUKpR9QUakhZZO1g29G9cq0jO90%2F81OeB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90336af-YYZ

GET
H3 200 person-sweep-8.webp
haijezoa.top/img/comments/ 696 B
1 KB 48ms
35ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-8.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 696
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-2b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNKutG8JpotYLHEULnHDZPrEx5l8gPjF1AAgQR4oxhNO8fq%2B6AUC%2FEhjRgfpPbqQk%2BO%2BmSRY3TiWDqolcE3B3HGwuBJGSJo2Pxi6KGm%2BZiCpSW1zk8VYNx9yolEtLyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90436af-YYZ

GET
H3 200 f-3.webp
haijezoa.top/img/comments/ 920 B
1 KB 51ms
38ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/f-3.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9378ba77faeb67c5da0419584865e9ece8e82ac93ffd01e0ef389edba1ca5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 920
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: "65b24b0c-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0aOmSfUKynZFbpjviATcxOhhznOj%2BqEmp9uWyqtI6EWKBATDNWpUwqpnBH9m%2BLaG7bJaPCbdeKFEm3yb9q%2BkhuevE9qmob6Ltifc6ugmftj73aoeBqu9MuKl1wLM8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90736af-YYZ

GET
H3 200 person-sweep-9.webp
haijezoa.top/img/comments/ 818 B
1 KB 50ms
37ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-9.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 818
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-332"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83Pv6g3jN7WP9KYrGbV8J%2BVbQJLeYIWY06hapTVkUA%2FrINss4qLHysi01bDW5ZVPIvkRO1p4Yy2j3HHQRel00uwMBcj10Lf0Jlq9aJMrQGoiB6vybUvu4xVzxKyJZE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90836af-YYZ

GET
H3 200 person-sweep-10.webp
haijezoa.top/img/comments/ 572 B
1 KB 44ms
33ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-10.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 572
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-23c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0mEVkFpWWvZaBKA3L2SFpl46pTtTapQgpMB6IZYcWMzYg2g8CEy3m7aoipzTrw1Ms9CuCrgM35GtUmea1%2BWJfnuysTm%2F1d2wrK2Pmjw5djWJ3Ri0nBjmhnse5GtGuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90b36af-YYZ

GET
H3 200 person-sweep-11.webp
haijezoa.top/img/comments/ 502 B
970 B 53ms
43ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-11.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 502
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-1f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xfd%2BsgIfp0KDPwY4BESazRERIucpNrXyd0UZStPs2fapT%2FmJsAftvy4LoaV5wroLVr97AYujfnyMmq4chz%2BJhUx5xsZfGTjfokGKhDu%2B1Gk0GYAZ7j6feuk5sfxyIrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90c36af-YYZ

GET
H3 200 person-sweep-13.webp
haijezoa.top/img/comments/ 640 B
1 KB 39ms
35ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-13.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 640
last-modified: Thu, 25 Jan 2024 11:50:36 GMT
server: cloudflare
etag: "65b24b0c-280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ%2FmNZgoWTy6Uqz%2FGhUWbsOdvAR8UQyY%2F0dSuE%2BEEfux5uxm4vtbpJl%2F9Vh3mrx9Rt%2B9B1srtNkWUJj8o4J2832NjBrjPNqVts0e%2F1Cs%2BCiNKQZZ1WEVWYZlTuTRJ48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90d36af-YYZ

GET
H3 200 person-sweep-15.webp
haijezoa.top/img/comments/ 576 B
1 KB 46ms
42ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-15.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 576
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zckp2U7aIPNVVpVt2qjMsCSY0ClItU%2BSe3mSaldUb9HyamKkkNmV6FWJxlxbtn44ZDkWkRsjiivNqXdoZXw%2BigDWa4zPPEQoiFNP3iky0aCOef2jtAG4KMeOr%2FpF7%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba90f36af-YYZ

GET
H3 200 person-sweep-16.webp
haijezoa.top/img/comments/ 734 B
1 KB 43ms
38ms Image
image/webp 104.21.54.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://haijezoa.top/img/comments/person-sweep-16.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.54.140 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 764
alt-svc: h3=":443"; ma=86400
content-length: 734
last-modified: Thu, 25 Jan 2024 11:50:35 GMT
server: cloudflare
etag: "65b24b0b-2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhQI8XCHyepTZRieVEqDXisuEXZy7vRV%2Fp8%2BwQCUXpL1%2Bd3oo1Ly8a4rlsGyzvxb%2FnGHT8WSvCMoLjxdRcysISiHSHYeegQsMINgL4nNT9MInENTRrLRBhLyhQQfr%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 84b37dbba91136af-YYZ

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 109ms
99ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6163386&checkDuplicate=true&ymid=ft&var=6591460

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1268045eb3dc23f07607c4aed8ba9b23888b9431cd31fc5888653f94d646bb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
laugoust.com/ 144 B
436 B 288ms
96ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://laugoust.com/zone?&pub=0&zone_id=6163386&is_mobile=false&domain=haijezoa.top&var=6591460&ymid=ft&var_3=774492385553166375&var_4=null&dsig=&tg=1&sw=3.1.472&action=settings

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3ab83e12e0096d62dfeb0b64e022272ec8560c817a9b02395c65064da53519ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 857b454c55f001a163b672d5e87c76a4
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 144

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 332ms
154ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 17d75279dd8b25ba70241c4859056cef
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 99ms
98ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haijezoa.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2 200 rotate Show response
offpichuan.com/ 976 B
1 KB 961ms
112ms Fetch
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offpichuan.com/rotate?zz=5051886;5051892;5051889;5051897;5426218;5428100;5426221&var=6591460&ymid=ft&uid=q9kpoi13z9gmtlaydyeymhbj5ebrnwy4&var_3={var_3}

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

15703b990c4fc452bb6fa086133430d822159e86a7ac71f9dd00926837559c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: e711108f56ea50ccd28a7ab8a339b097
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 976
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 172ms
156ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_each-land-config.ff0f7296.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c0e72b7873737fcd935a290e555eeac3
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 99ms
99ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haijezoa.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10259.Ea2QUpWDIRgj8hy7hlHSgFgHoxCM6GSb9OZsFYA1wNnQYCU9PkMg7_SGEtm_fEtT.JHUm99psGNQaoLxteELjv7WdbEc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10259._p2ZLZIXoMAXdSiGuONRvWWvS2MjwJA48RSDFd1cvd3nRvhMOyQ2zyykiOq0WEWv77DraO1Y40a4b0GAHRQekcmKF29ZaDXKpGbWrud5BSpvlzfN647HD8R1XDCuYLuj1tkruvJvMV...

43 B
669 B

156ms
155ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10259._p2ZLZIXoMAXdSiGuONRvWWvS2MjwJA48RSDFd1cvd3nRvhMOyQ2zyykiOq0WEWv77DraO1Y40a4b0GAHRQekcmKF29ZaDXKpGbWrud5BSpvlzfN647HD8R1XDCuYLuj1tkruvJvMVjNMrbmY1EKAkE4d6arWuIkdr1lBCphjqBMqfLL6I3rPs2wpJSDgZrz2CaDw2RnoueIEKmcKqaYcEZTx-_XbxjZWYzf6_87dKc%2C.38viFGPE1E4RYhQdMIIF-f0OHBg%2C

Requested by

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10259._p2ZLZIXoMAXdSiGuONRvWWvS2MjwJA48RSDFd1cvd3nRvhMOyQ2zyykiOq0WEWv77DraO1Y40a4b0GAHRQekcmKF29ZaDXKpGbWrud5BSpvlzfN647HD8R1XDCuYLuj1tkruvJvMVjNMrbmY1EKAkE4d6arWuIkdr1lBCphjqBMqfLL6I3rPs2wpJSDgZrz2CaDw2RnoueIEKmcKqaYcEZTx-_XbxjZWYzf6_87dKc%2C.38viFGPE1E4RYhQdMIIF-f0OHBg%2C
date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
527 B 392ms
155ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:23 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jan 2024 18:45:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b15ab8-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 25 Jan 2024 22:08:23 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/66423859/
Redirect Chain

https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%...
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D752607...

440 B
556 B

156ms
156ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110823%3Aet%3A1706216903%3Ac%3A1%3Arn%3A896313514%3Arqn%3A1%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C45%2C210%2C1%2C593%2C0%2C%2C45%2C1%2C%2C%2C%2C1127%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Afp%3A935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d306c943cb252829bada79a834b2a1570196c281216882df0411c48c1f55f07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110823%3Aet%3A1706216903%3Ac%3A1%3Arn%3A896313514%3Arqn%3A1%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C45%2C210%2C1%2C593%2C0%2C%2C45%2C1%2C%2C%2C%2C1127%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Afp%3A935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr%2814%29mc%28g-8%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

OPTIONS
H2 200 sync-metrics
dortmark.net/ 0
0 100ms
100ms Preflight 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haijezoa.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 25 Jan 2024 21:08:24 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

POST
H2 200 sync-metrics
dortmark.net/ 17 B
0 97ms
96ms Fetch
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dortmark.net/sync-metrics

Requested by

Host: haijezoa.top
URL: https://haijezoa.top/js/_core-survey.1f45551a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 2ece8e8e63c028cdeed9d1f98b7f0e32
pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://haijezoa.top
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length: 17
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
86 B 156ms
153ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonSurveyStart&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A800344981%3Arqn%3A2%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2445%2C2445%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14)mc(g-9)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%225549%22%2C%22userSurveyId%22%3A%225549%22%2C%22vertical%22%3A%22sweep%22%2C%22zone%22%3A%226591460%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 158ms
155ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonLanguageSelect&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A529714720%3Arqn%3A3%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(3)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22languageCode%22%3A%22en%22%2C%22languageSource%22%3A%22browser%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 162ms
160ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonAdexCall&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A226235645%3Arqn%3A4%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(4)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 156ms
154ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonAdexLoad&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A966667896%3Arqn%3A5%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(5)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 161ms
159ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonStepChange&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A733657282%3Arqn%3A6%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(6)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 162ms
161ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonGidratorAddUrlParam&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A183187404%3Arqn%3A7%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(7)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22isGidratorUnique%22%3Afalse%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 158ms
156ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A848506226%3Arqn%3A8%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(8)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 160ms
159ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonNotificationEvent&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A845415700%3Arqn%3A9%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(9)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationEvent%22%3A%22onPermissionDefault%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

POST
H2 200 1
mc.yandex.com/watch/66423859/ 43 B
74 B 160ms
160ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fhaijezoa.top%2FonGetIppRotate&page-ref=https%3A%2F%2Fhaijezoa.top%2Fsweeps-survey.html%3Foffer_id%3D5549%26z%3D6591460%26s%3D774492385553166375%26b%3D19240139%26campaignid%3D7526076%26var%3Dft%26ymid%3D774492385553166375%26var_3%3D%7Bvar_3%7D%26geo%3DUS%26testinapp%3D5051875%26comments%3DsweepTest%26utm_campaign%3Dft%26utm_medium%3D6591460%26utm_source%3Dzd_7526076%26utm_term%3D19240139%26utm_content%3Dzd_public_v2&charset=utf-8&uah=chm%0A%3F0&hittoken=1706216904_71f9e910ce9b872541e55f2894d71ad6f06268efbc57e5a9f76778a31e6737d0&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A103674995627%3Ahid%3A599477009%3Az%3A-600%3Ai%3A20240125110824%3Aet%3A1706216904%3Ac%3A1%3Arn%3A658221535%3Arqn%3A10%3Au%3A1706216903516413931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706216901548%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706216904%3At%3AOnline%20Test%20%24%24%24&t=gdpr(14%2C14%2C14%2C14%2C14%2C14%2C14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(10)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A1%2C%22mainExitDirection%22%3A%22onclick%22%2C%22teenageExitDirection%22%3A%22onclick%22%2C%22mainExitPopunderDirection%22%3A%22onclick%22%2C%22teenageExitPopunderDirection%22%3A%22onclick%22%2C%22notUniqueExitDirection%22%3A%22onclick%22%2C%22autoexitStep%22%3A%22onclick%22%2C%22inapp%22%3A%22onclick%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 21:08:24 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 25-Jan-2024 21:08:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://haijezoa.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Jan-2024 21:08:24 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eekighoo.com/	1970-01-21 02:42:32	Name: OAID Value: b380adfa48e34ece9d8ca30400968e50
eekighoo.com/	1970-01-21 02:42:32	Name: oaidts Value: 1706216902
eekighoo.com/	1970-01-21 02:42:32	Name: OXCCLK Value: 7526076.1
eekighoo.com/	1970-01-21 02:42:32	Name: allcnt Value: 1
.yandex.ru/	1970-01-21 03:32:56	Name: i Value: SLLe1O3qcJyvbwUxwisRllrlSNSgbUEvJQt517XZTIzKV8N1fsFlaliV3zqTnom3td36YaSliXkF2CpE3bNbuldEvEg=
.yandex.ru/	1970-01-21 03:32:56	Name: yandexuid Value: 2814589921706216902
my.rtmark.net/	1970-01-21 02:42:32	Name: ID Value: 0e5a57e972b8406b9a228f14c9f7f550
.haijezoa.top/	1970-01-20 19:23:20	Name: OAID Value: q9kpoi13z9gmtlaydyeymhbj5ebrnwy4
.haijezoa.top/	1970-01-20 18:07:01	Name: syncedCookie Value: true
.haijezoa.top/	1970-01-20 19:23:20	Name: oaidts Value: 1706216903
.haijezoa.top/	1970-01-20 19:23:20	Name: ID Value: q9kpoi13z9gmtlaydyeymhbj5ebrnwy4
.haijezoa.top/	1970-01-21 02:42:32	Name: _ym_uid Value: 1706216903516413931
.haijezoa.top/	1970-01-21 02:42:32	Name: _ym_d Value: 1706216903
.mc.yandex.com/	1970-01-20 17:56:57	Name: sync_cookie_csrf Value: 1973427379fake
.haijezoa.top/	1970-01-20 17:58:08	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:56:57	Name: sync_cookie_csrf Value: 3390648625fake
.yandex.com/	1970-01-21 02:42:32	Name: yandexuid Value: 2814589921706216902
.yandex.com/	1970-01-21 02:42:32	Name: yuidss Value: 2814589921706216902
.yandex.com/	1970-01-21 03:32:56	Name: i Value: SLLe1O3qcJyvbwUxwisRllrlSNSgbUEvJQt517XZTIzKV8N1fsFlaliV3zqTnom3td36YaSliXkF2CpE3bNbuldEvEg=
.yandex.com/	1970-01-21 03:32:56	Name: yp Value: 1706303303.yu.5511363721706216903
.mc.yandex.com/	1970-01-20 17:58:23	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2261383511706216904
.yandex.com/	1970-01-21 02:42:32	Name: ymex Value: 1708808903.oyu.5511363721706216903#1737752904.yrts.1706216904
.yandex.com/	1970-01-21 02:42:32	Name: bh Value: KgI/MA==
.haijezoa.top/	1970-01-20 17:56:58	Name: _ym_visorc Value: b

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://masha428.socro-ad.club/58Asv359/captcha/captcha.js?a=c&u=baff9429-c4ac-11ec-aebb-6a766354456e&v=&m=0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://masha428.socro-ad.club/58Asv359/init.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.px-cdn.net
datatechonert.com
dortmark.net
eekighoo.com
fonts.googleapis.com
fonts.gstatic.com
haijezoa.top
laugoust.com
masha428.socro-ad.club
mc.yandex.com
mc.yandex.ru
my.rtmark.net
offpichuan.com
res.cloudinary.com
socrobotic.store
www.google.com
www.gstatic.com
104.21.54.140
139.45.195.8
139.45.196.64
139.45.197.237
139.45.197.248
139.45.197.250
151.101.65.40
2606:4700:3030::6815:1276
2606:4700:3033::6815:5291
2606:4700::6813:a641
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c19::5f
2607:f8b0:4006:820::2003
2607:f8b0:4006:823::2004
2a02:6b8::1:119
37.48.68.71
03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
06de71dc9d980755b2f9530f652abab081f5527345b61696a395a2dfa1478794
080868a636dfeaa0cb67e7b5e6a6566aa39261ac2278869a3662c68324f9c174
1268045eb3dc23f07607c4aed8ba9b23888b9431cd31fc5888653f94d646bb43
15703b990c4fc452bb6fa086133430d822159e86a7ac71f9dd00926837559c15
1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
1c04503cea285bef96e3defe6ff7d2bc42327735df39122c33292717f0babc24
1cfb6cdf94c080825e93d4bff72079fdca2d8f3d9f7d2e75badf48c29d4e31c4
1e131d37efee9e6744409e455e02fd1cf67078d6cf2293784802f534a269b53b
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
23f7e33188e5cbf9f4b577eb2be328a8a8b1c7e95fbbd276695be541d41f22c2
27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3
2b9378ba77faeb67c5da0419584865e9ece8e82ac93ffd01e0ef389edba1ca5d
2bfa8e9b4326caea44f0d0c0345a31f34f19d47ae2e60fbc7c557df9ceffdca6
2c82bebd5183a5adaffc0ba24d28d33cc0e373282b3abc60aa2e71c2a15cedd1
2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5
318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
35ef03483b32ada9328dd4433c0bf2fc17526fbc60f8c0b9e2d282553bab9ddb
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
3ab83e12e0096d62dfeb0b64e022272ec8560c817a9b02395c65064da53519ba
476692954f918675b13128f6bdfdec5f0a3e6a1934ca6518d3245c09875e4b06
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
4cc9b24a5c2f232dd0e63493a86e11eb8f1e950c61281bad94fffb89196a2000
4f2376aa804073fc8a707c964f745009564e258c75bd5f1de5166f13636e6e50
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560304197dbc391b97117b95fc0259a3d404513997463ae00c39ff6b66867806
5ad02774682ffe8679d1e27a71cd6305bd525462edc300d17f71fd9e11f700cb
5be168d58cf2dc0e41bc5a9b386add0d57fee26848613ca601f0c31378a8ad02
5fa4c443b116762057e9860aa0c2045c3e6a85eabde1c86cd5c8b0899b09e6d7
632272cf8a123fc56aaa00ca62ff43511e743a546adbcc27d4b4aaf5b031a391
6ee4272eb85a86b4fcef85124e3001c050476d7008a11ae6decba5bc4ad20ea6
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34
7dad8de00b7d2aa35dc32874f9d16c8e945d16f44186a1e7b4c584b3bd195af4
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
89c507819bdc2ee997390a02489ddfaede2670c9cc076900ffabf03ac43be032
8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912
8ec4317222bcbc73a6a030625738765dfa032d72f313d94a141907088114b8a3
935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2
96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
9769e21e099e405b98d4a099180378b7c75bb9f73d73d328b46aaa78eb1d3c3f
98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2
9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b
9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320
9f695c47d563d991426da86fe2ef03faa1ffe499b1df2d7692f6998a0b9d2995
a283c4869ffd239d47fb4615b55529a072465bc895376651f2ffa46962a5b355
a5f17b302ec4f91ede66b8ae2b31b3dea2fd8ac9d32b7052023c9a50e50fc310
a770a9254133c75a28336c9b30213f0b56be80af2f68beb5562f4f1b4ca00804
aac8469fafa7e7ffd91da3c1fb684aa0e61d5b0fe4f05213e3bbfb687e43f62c
b081590b63f998f3b186679e2c0e57fad4f0c510cecdc447d30a50ec3e05e5b0
b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d
c93254c3b38a544885ef7418366c3895b1a9871669f56ef2c9ac9f1315525b5d
c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
ca3b9717dece89453f1977ec557ec84934e35d02167620157808bc028e5aac8a
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
d306c943cb252829bada79a834b2a1570196c281216882df0411c48c1f55f07f
d72bd5954d7f907b3789b72ce0d6529e14f98d3a22aec30e16ed387122806ddc
d7af23fe4e150dc93ee747d25a5bddd5a9430328c1d8bb6ffaeefb7c3d5b7832
dd6f3ae84d3416f99b8d919ba292643ab8d4e97915e7480c87f9f8aa0af71621
e2d91d74414a0bb61ae39ba135be84e6a6224d52a783e89c23f820fa3c152eee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f31b7251d47a0c6ca8ec26b21d727e44cc654090446e613c30baa340d60d74
eceae0f59af1682a3faa891bdba387cc6f3899d8f671ec8ebcbae8b426b3148b
f478ed77959ea20c09129f7f704ebcf6fb38dc14dc592a4583df39da4af74763
f4dd626bad6a8ae920d306b4079560ffa0b0b0e16e0d607e2895fd357c60012e
f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
f829c04c9ea3985caf9891240614adb19a7d5f079f11f5c468d8b5401c2e4ab0
f870a6af6e850e5942690b7d536a57b8f9040cc2d95241cfa910d75a4c1972ba
fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58

haijezoa.top Open in urlscan Pro 104.21.54.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

98 %HTTPS

50 %IPv6

16 Domains

17 Subdomains

16 IPs

5 Countries

1157 kBTransfer

2039 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

haijezoa.top Open in urlscan Pro
104.21.54.140 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

98 %
HTTPS

50 %
IPv6

16
Domains

17
Subdomains

16
IPs

5
Countries

1157 kB
Transfer

2039 kB
Size

25
Cookies

91 HTTP transactions
2 data transactions