Report - dollarsurvey.site/captcha1.html

Report Overview

Submitted URL
dollarsurvey.site/captcha1.html
IP
172.67.71.163
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-12 02:45:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	183 kB	151.101.85.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
cds.taboola.com	1068	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	152 B	141.226.224.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.212.13.96
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	11 kB	178.250.2.146
il-trc-events.taboola.com	22667	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	489 B	185.106.33.48
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	1.7 kB	151.101.85.44
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.2 kB	79 kB	77.88.21.119
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	1.1 kB	141.226.228.48
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	1.0 kB	178.250.6.118
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	746 B	139.45.195.8
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.6 kB	93.184.220.29
images.taboola.com	1621	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	172 kB	151.101.85.44
pips.taboola.com	1840	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	347 B	151.101.85.44
dollarsurvey.site	442579	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	11 kB	104.26.3.231
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.4 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-12	medium	dollarsurvey.site/captcha1.html	Phishing
2022-10-12	medium	dollarsurvey.site/captcha1.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	dollarsurvey.site/js/data/_global-config-sd.js?v=3	651 B	2023-03-08	2023-03-10
Pretty URL dollarsurvey.site/js/data/_global-config-sd.js?v=3 IP 104.26.2.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:42:09 Last Seen2023-03-10 14:11:48 Times Seen1 Hash 57147bdcb9b014876c4692547246d7d6 2c8c83fae4a1e17c6c2c78a18b51b68bad585be4 bebb2db3d52a4431b9912c22e20f4fd2799d3e92f097e25ac0ddc840e1f6dbd6 Loading...

	dollarsurvey.site/captcha1.html	1.2 kB	2023-03-07	2023-03-11
Pretty URL dollarsurvey.site/captcha1.html IP 104.26.3.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:48:08 Last Seen2023-03-11 14:36:48 Times Seen1 Hash 2a29357b03306f0b02184dd3d4016f27 c0646f66b7add9c1dafbe02c7e37d300667594de b7e00634052894ab4253f6e14b8d0f504ee9d247f187e3239fb3b502fd3dad2f Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:04:29 Times Seen36968883 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mc.yandex.ru/metrika/tag.js	213 kB	2023-03-08	2023-05-04
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:14:19 Last Seen2023-05-04 17:35:27 Times Seen2 Hash cdb00ea7b9083e60cf15798d8b196ad4 b4697f3648927f715312ce7f0f49800c845004c4 c01ee4ad73a35630310a11d10b6d654586843d9bf863efea29b231541b409006 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22dollarsurvey.site%22,%22topUrl%22:%22dollarsurvey.site%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.046173798638701635%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22dollarsurvey.site%22,%22topUrl%22:%22dollarsurvey.site%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.046173798638701635%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	cdn.taboola.com/libtrc/cta-component.20221011-3-RELEASE.es6.js	19 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/cta-component.20221011-3-RELEASE.es6.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:16:30 Last Seen2023-03-08 13:18:12 Times Seen1 Hash 0fa2c82c025b3b4ce5604f0d02a382e2 1f9f647f565bd7c1f747431920adfa9c7f4dba32 7c4993a682711d9a9d9f7379784646d91e2d45793cc617eb708d74f156401ae0 Loading...

	dollarsurvey.site/captcha1.html?utm_content=zd_public_v2	112 B	2023-03-07	2023-04-05
Pretty URL dollarsurvey.site/captcha1.html?utm_content=zd_public_v2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:33 Last Seen2023-04-05 02:10:30 Times Seen82 Hash e47ee79f740c9eae02464288746f765d 9f2a84ab535d0c773c2d822221917b26446c6d46 24ca2d2952aa702f4191a162f59fbad191c648e851dae7876434baf548af95a7 Loading...

	cdn.taboola.com/scripts/cds-pips.js	2.3 kB	2023-03-07	2023-03-17
Pretty URL cdn.taboola.com/scripts/cds-pips.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:15 Last Seen2023-03-17 12:40:57 Times Seen1 Hash 8cbcf8a5c724c32aa9be09d14a4c624d 75263978c8803fa7d78be424409e1a29740bcba7 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac Loading...

	dollarsurvey.site/js/taboola.js	1.4 kB	2023-03-08	2023-03-10
Pretty URL dollarsurvey.site/js/taboola.js IP 104.26.2.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:18:12 Last Seen2023-03-10 18:32:31 Times Seen1 Hash 4a35f33903a850dd927bc16a82108f5c 78e5273cf72234b38f16dd10ecf67493b6ad8567 f735ede4917bb7662036c83e15c87ee3e18813324ff62db969b28997642f014d Loading...

	dollarsurvey.site/captcha1.html	237 B	2023-03-08	2023-03-12
Pretty URL dollarsurvey.site/captcha1.html IP 104.26.3.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:19:24 Last Seen2023-03-12 21:16:07 Times Seen1 Hash 19b8722efab4e2bec7b1aaab4b5d9ab0 92dba16dc1812ec42b43aa97cc31c97138dea642 b972d04cd1cd17737b5ae248abe902f2defab803e7465a3eec21c92c05e6218a Loading...

	dollarsurvey.site/js/data/sd-301.js?v=4	437 B	2023-03-07	2023-03-17
Pretty URL dollarsurvey.site/js/data/sd-301.js?v=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:10 Last Seen2023-03-17 11:32:30 Times Seen1 Hash 1d2ee779aa577d20c3519e937114f12b 399da7122776f2137f6191a70881f3b5a7d1ece1 c751fc69a9f1eb6ae04d9e3ad969ce02dcb57802d78d810c88d0676c352b5a24 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22dollarsurvey.site%22,%22topUrl%22:%22dollarsurvey.site%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.046173798638701635%22%7D	418 B	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22dollarsurvey.site%22,%22topUrl%22:%22dollarsurvey.site%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.046173798638701635%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:17 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 72ad3a00c4af14e8c301e9eafbe741ea 63dc5435a78e8b86fb54fa8be021d2f54b1903b1 d05385301aef1a77fd22c1c56c08102835063c8221b753de58aff20a800c95eb Loading...

	dollarsurvey.site/captcha1.html	512 B	2023-03-08	2023-03-11
Pretty URL dollarsurvey.site/captcha1.html IP 104.26.3.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:19:24 Last Seen2023-03-11 10:15:15 Times Seen1 Hash a1037e53db3060c76e3e815abcbabe97 45b2bad924322c980cb70dc120bc7bb8749ae593 84f98560bb7260892aa9d5cd59c00aa5202adc48d4a33b32afb25f9e24adc363 Loading...

	dollarsurvey.site/js/survey.js?v=14	304 kB	2023-03-08	2023-03-10
Pretty URL dollarsurvey.site/js/survey.js?v=14 IP 104.26.2.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:22:18 Last Seen2023-03-10 17:03:33 Times Seen1 Hash 5f2c4d7438ace059e06bb532f570cb0d 042aa04e3cc7927207f399a0640cdaf64a73e0bd eaf2577c84ecc1d9fa0282789ee1d28df695a656f05ea53f6347dcfaa6beba1f Loading...

	cdn.taboola.com/libtrc/socionicsurvey/loader.js	82 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/socionicsurvey/loader.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:18:12 Last Seen2023-03-08 13:18:12 Times Seen1 Hash 0b501bdcdac7970d260b68ae618f322b 6e15964fe7c28ab4ff0f46f0e09aaca80a4d27c3 f48d7fb8a5c60e5e105d06f83c0c4878e5f3b5145fadd58ccac377f48a804b39 Loading...

	gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS	30 kB	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS IP 178.250.2.146 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:17:20 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 49908b82b9e80d6ae18a2a5b3d383af9 b5fdbde84ebb8d44304a39a7eca9afc15fd0fc43 1294283dd1491c4767840ecaafa97659b0e3c560ef4048bd51907181c52af89e Loading...

	cdn.taboola.com/libtrc/userx.20221011-3-RELEASE.es6.js	18 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/userx.20221011-3-RELEASE.es6.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:16:30 Last Seen2023-03-08 13:18:12 Times Seen1 Hash 3db642fd6c3b5dd9c7c95bf6fc322b32 132330c090eeb0f6b8032e19c12e869f9e0f8f22 477287a9e647fa03000c45a08e9d27b93baf668fec3f37e13ae77332d16c2902 Loading...

	dollarsurvey.site/js/data/rtc.js?v=1	15 kB	2023-03-07	2023-03-11
Pretty URL dollarsurvey.site/js/data/rtc.js?v=1 IP 104.26.2.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:00 Last Seen2023-03-11 19:38:54 Times Seen1 Hash 576f1cb4158c59ea6c8f947e9c7faad9 35192691cb422e06181c7eb48091ae0846541012 37a1a00b4ec2e0fbba6b4e3b2cd762abfbfb94959631d64d9e0c37785537708c Loading...

	dollarsurvey.site/js/config.js?v=8	68 kB	2023-03-08	2023-03-10
Pretty URL dollarsurvey.site/js/config.js?v=8 IP 104.26.2.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:01 Last Seen2023-03-10 14:22:46 Times Seen1 Hash 89653056f8f6fb1ee030e75823753f72 37f2fd98180eefc9a17a201eee70d01a2b341eba cf3fe8f41a6be84115d07d5b911384f1809b9a75035bfd587ee351f12a824819 Loading...

	dollarsurvey.site/captcha1.html	40 B	2023-03-07	2024-04-19
Pretty URL dollarsurvey.site/captcha1.html IP 104.26.3.231 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-19 23:02:40 Times Seen4629 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 37cd3bd2adbd29e7fafaf20f77f4bf43	18 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-15 12:57:44 Times Seen656 Hash 37cd3bd2adbd29e7fafaf20f77f4bf43 d4a665f4bf3dc9a6f3ea3a55c50c5a37c6bd05f5 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

	#2 Write - 2d6673eded37338627f4fc432783fc4d	759 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 12:04:33 Last Seen2023-05-06 00:14:31 Times Seen121 Hash 2d6673eded37338627f4fc432783fc4d bb226d552cec5533fb1d7fd8b486efa856d7f333 a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295 Loading...

HTTP Transactions (77)

URL IP Response Size

dollarsurvey.site/captcha1.html

104.26.3.231

301 Moved Permanently

0 B

URL HTTP/1.1
dollarsurvey.site/captcha1.html
IP
104.26.3.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /captcha1.html HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Oct 2022 02:44:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 03:44:57 GMT
Location: https://dollarsurvey.site/captcha1.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfijmFw5epKkV%2BDXvD%2FeHjb%2BwbkKC6WmSPEtb%2BnCX11raGqypekQb6fmLJWfqC2Zr2WlzRl7R2Bz0moqSknZm%2B5yyNF2f58UsUeHmXAjztX6QwIL6tiskJPgfIvBJ%2FFQ9nxs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758c7f263f55fac4-OSL

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 01:49:07 GMT
Expires: Wed, 12 Oct 2022 02:31:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MwNp0RKOMjvQUh1MLf7rYwDo66JIJfjfQsx-Ys3urRo5OtNWreG2QQ==
Age: 3351

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11802
Expires: Wed, 12 Oct 2022 06:01:40 GMT
Date: Wed, 12 Oct 2022 02:44:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf115053c2c98937c2d3c1bba367d815
dfcf225bde5123f0476e6b319823136fa77537f6
e5748cb4844096548cf4c2d8d5bee9e245035c4632ae1a59bfd3b2d99bd4cd9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5748CB4844096548CF4C2D8D5BEE9E245035C4632AE1A59BFD3B2D99BD4CD9B"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6308
Expires: Wed, 12 Oct 2022 04:30:06 GMT
Date: Wed, 12 Oct 2022 02:44:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wl82or6bOIXSnyjIDivB6vr4WpOnJ4IVtoZSWI16OxLfyuoWC4cAbSxsrdX/jGW+cun98pqG4NA=
x-amz-request-id: SH7QJZX2FJJ3GCJJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 02:01:06 GMT
age: 2632
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b118be24bf7965cb04efa2312990c243
a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19
7d77ea40183bb082f430e48f8c4cfb9c39e15ee043804078dfadb2e3cfe3b4b8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 02:44:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 06:25:19 GMT
Expires: Mon, 17 Oct 2022 06:25:18 GMT
Etag: "a2797a3b1d9a7b4f845d3d0c565be6d7b833ff19"
Cache-Control: max-age=444619,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758c7f2c6dd6b4fa-OSL

dollarsurvey.site/js/dict/cookie-consent-1.json?v=1

104.26.2.231

200 OK

3.0 kB

URL HTTP/2
dollarsurvey.site/js/dict/cookie-consent-1.json?v=1
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- HTML document, Unicode text, UTF-8 text
Size
3.0 kB (2982 bytes)
Hash
16d2c13165f16492ad6ea920870a46ef
1ec62840888f36f63d679a1dc11ac5a6de046e8f
b83fd3be2be6859c9705141e3113592186ce1f7310db5d70a29075134bf019f7

HTTP Headers

GET /js/dict/cookie-consent-1.json?v=1 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/json
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-168d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPMmP0ZoiY72xTDMx1Znk0fXTdlwPDS4QJjz%2BVFlUgB%2BmgfeH8xOOLwUWZ9NKNCnkevvxKPqU5nfmEdiTZLIvWYcg04PxojtCpe2%2FmfWyZyXSOTYru00Uh5ipYaPHp1UOyyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2ad9081bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 12 Oct 2022 02:29:41 GMT
Expires: Wed, 12 Oct 2022 02:43:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gxKS3t35vyLlqDW5zm6jqImAWl8m2SWH-eKSgmjv3YCnrFZ9CxHGHg==
Age: 918

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
3e62c6797636a74b7619eec53b28ffaf
95c353fa637997226697060b13e336b7f57413f7
1d3d0bae87dc110f17eb908f78811cf6a93f43f66c44912610fc13d18b8186d0

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c65567c4e40c434883654790fcf58051; expires=Thu, 12 Oct 2023 02:44:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/socionicsurvey/loader.js

151.101.85.44

200 OK

21 kB

URL HTTP/2
cdn.taboola.com/libtrc/socionicsurvey/loader.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65509)
Size
21 kB (21183 bytes)
Hash
b448083525ade599137c699c3715714f
dca435a3109cb849c42aa62a14bf6e80a564b5ab
5d539fc4f753ba8a593d46795b22f596cdd0528382b39e65f6cee2e7f0316e16

HTTP Headers

GET /libtrc/socionicsurvey/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gzSvaMo37Te2YLWn2irZEQFGj2sTxSC5bVIG7c/2Z4Rz+RBKPirex5Zp6X8iIoZs/f5HcwCOEJ4=
x-amz-request-id: 82JVYDWNA7YBDJ0Q
last-modified: Tue, 11 Oct 2022 09:41:15 GMT
etag: "0b501bdcdac7970d260b68ae618f322b"
x-amz-version-id: q2oZ0TNEY5my3mNnSrWSFtpT9ZZKx4LC
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:44:59 GMT
via: 1.1 varnish
age: 162
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665542699.136717,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 49
content-length: 21183
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
a771df5a4b1231518bebdde033bd347a
54403ee1b9b8a71796dc9370163bc3fb8cc57767
0ea2d3ed4b8025f2965cbf89a12b362214f4597c859a27b0bd0ae649398a872e

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 02:44:59 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 15 Oct 2022 22:55:55 GMT
ETag: "54403ee1b9b8a71796dc9370163bc3fb8cc57767"
Last-Modified: Tue, 11 Oct 2022 22:55:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2092
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758c7f2ded27b4f1-OSL

cdn.taboola.com/libtrc/impl.20221011-3-RELEASE.js

151.101.85.44

200 OK

146 kB

URL HTTP/2
cdn.taboola.com/libtrc/impl.20221011-3-RELEASE.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65509)
Size
146 kB (145663 bytes)
Hash
237b2ee22235e32d16a077539325de3c
9d35ca797384fa9e04db694650f38c55548e50fb
d6184268e3289ca5aae83595ff70f9bbff4a84ae1d4ee3f53910e0535af80497

HTTP Headers

GET /libtrc/impl.20221011-3-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: vlYEBL2qopwEE22xqrQMYRXafqLusoEYRvHFMd2r4PkZHtaXHIdz5kmaVuprX+JGzPbZGyDRamo=
x-amz-request-id: 5T38WT8DZGQFGW15
last-modified: Tue, 11 Oct 2022 09:33:45 GMT
etag: "237b2ee22235e32d16a077539325de3c"
content-encoding: br
x-amz-version-id: A0lfSUr2p1aKTmVXPk1X3zuJj4kTNZvT
content-type: application/javascript
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:44:59 GMT
via: 1.1 varnish
age: 4274
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 730
x-timer: S1665542699.188124,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 145663
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (731)
Size
73 kB (73219 bytes)
Hash
64adf2282f72dc350e916cb82af41ab7
d5c10f65a7ac0cce6eb0c78df805965a9a3ad017
4942011d5f3623476ceff936e757245d89ce2af664558a7031497d370a3d3771

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73219
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: *
etag: "633fab48-11e03"
expires: Wed, 12 Oct 2022 03:44:59 GMT
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
828ad1d9d12ea4db220c70751130f1fa
14c74e3a8e704b5989a406ab372d704121e30d6a
7b2d96aa194a540a549fae30c64eff43150aaeaa0ac021bb949e7d1ad490a4ff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: max-age=90189
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 02:44:59 GMT
Etag: "6344d10e-139"
Expires: Thu, 13 Oct 2022 03:48:08 GMT
Last-Modified: Tue, 11 Oct 2022 02:12:30 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.277&type=info&msg=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&llvl=2&id=9290&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.277&type=info&msg=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&llvl=2&id=9290&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.277&type=info&msg=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&llvl=2&id=9290&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22143
access-control-allow-credentials: true
X-Firefox-Spdy: h2

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.279&type=usage&msg=rtus&llvl=2&id=8957&cv=20221011-3-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.279&type=usage&msg=rtus&llvl=2&id=8957&cv=20221011-3-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.279&type=usage&msg=rtus&llvl=2&id=8957&cv=20221011-3-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22143
access-control-allow-credentials: true
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.212.13.96

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.13.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w4M+W2kvGIKgV+KJMpC4yA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MVNIj2qVUsYubThT8edlfG1JtMY=

mc.yandex.ru/metrika/advert.gif

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: *
etag: "633fab48-2b"
expires: Wed, 12 Oct 2022 03:44:59 GMT
accept-ranges: bytes
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542699%3Ac%3A1%3Arn%3A594368994%3Arqn%3A1%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C0%2C%2C0%2C%2C120%2C2%2C%2C%2C%2C258%3Ans%3A1665542698599%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542699%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)

77.88.21.119

302 Found

400 B

URL HTTP/2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542699%3Ac%3A1%3Arn%3A594368994%3Arqn%3A1%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C0%2C%2C0%2C%2C120%2C2%2C%2C%2C%2C258%3Ans%3A1665542698599%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542699%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
4f55e1665449bd0a9e7cb4b5e90527b9
b8056c884f4157c68213f8bdc0078007b4ceed0b
f88043136a4b66af6aa1ee8a4199676806458fd176bb092d0f783c0092f7ec70

HTTP Headers

GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542699%3Ac%3A1%3Arn%3A594368994%3Arqn%3A1%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C0%2C%2C0%2C%2C120%2C2%2C%2C%2C%2C258%3Ans%3A1665542698599%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542699%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A210%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542699%3Ac%3A1%3Arn%3A594368994%3Arqn%3A1%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C33%2C0%2C%2C0%2C%2C120%2C2%2C%2C%2C%2C258%3Ans%3A1665542698599%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542699%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: https://dollarsurvey.site
set-cookie: yandexuid=5601573791665542699; Expires=Thu, 12-Oct-2023 02:44:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5601573791665542699; Expires=Thu, 12-Oct-2023 02:44:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1023156671665542699; Path=/; SameSite=None; Secure
i=AzATWsfM3fO7ejE8PXZjmtJ6W06K88EoQWBe3qdu2u5obMmybovaI3dYyCyjv6R2BtsgFp5sXaGoIL72KbBmJgcN4e0=; Expires=Sat, 09-Oct-2032 02:44:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1697078699.yrts.1665542699#1697078699.yrtsi.1665542699; Expires=Thu, 12-Oct-2023 02:44:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 02:44:59 GMT
last-modified: Wed, 12-Oct-2022 02:44:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A725036542%3Arqn%3A2%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C859%2C859%2C2%2C%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A725036542%3Arqn%3A2%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C859%2C859%2C2%2C%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonSurveyStart&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A725036542%3Arqn%3A2%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C859%2C859%2C2%2C%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 02:44:59 GMT
last-modified: Wed, 12-Oct-2022 02:44:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A313669179%3Arqn%3A3%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A313669179%3Arqn%3A3%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A313669179%3Arqn%3A3%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 02:44:59 GMT
last-modified: Wed, 12-Oct-2022 02:44:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A860855306%3Arqn%3A4%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A860855306%3Arqn%3A4%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A860855306%3Arqn%3A4%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 02:44:59 GMT
last-modified: Wed, 12-Oct-2022 02:44:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A522735184%3Arqn%3A5%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A522735184%3Arqn%3A5%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1665542699_521b0719f3daffeec547d0164aa69bbfe8614f589c78434364ec387f6aa6fa35&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A198138161947%3Ahid%3A715678927%3Az%3A0%3Ai%3A20221012024459%3Aet%3A1665542700%3Ac%3A1%3Arn%3A522735184%3Arqn%3A5%3Au%3A166554269929946920%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1665542698599%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665542700%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 41
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Wed, 12 Oct 2022 02:44:59 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 02:44:59 GMT
last-modified: Wed, 12-Oct-2022 02:44:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
10cea6d2ec2c42fe3c500524bd6d74e3
4600b072d4458c6dc569282cab6666d9cad0cfde
699481077d0f7b60c5353a42d811611b33c833e406b423166dc50db6587b41ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 357
Cache-Control: max-age=132343
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 02:44:59 GMT
Etag: "63458abd-13a"
Expires: Thu, 13 Oct 2022 15:30:42 GMT
Last-Modified: Tue, 11 Oct 2022 15:24:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
1098d637abd848a3c42e9df43c7db84f
bf9d2baa7f1bdeaa92e8be51c69c503852ac746e
cd759187d05d53073c8725bd60411b9f73b975866c1e0d9a2d2dd54110471f0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=145387
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 02:44:59 GMT
Etag: "6345ade7-139"
Expires: Thu, 13 Oct 2022 19:08:06 GMT
Last-Modified: Tue, 11 Oct 2022 17:54:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
1098d637abd848a3c42e9df43c7db84f
bf9d2baa7f1bdeaa92e8be51c69c503852ac746e
cd759187d05d53073c8725bd60411b9f73b975866c1e0d9a2d2dd54110471f0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=145387
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 02:44:59 GMT
Etag: "6345ade7-139"
Expires: Thu, 13 Oct 2022 19:08:06 GMT
Last-Modified: Tue, 11 Oct 2022 17:54:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.780&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-horizontal-widget%22%2C%22placement%22%3A%22null_null_Horizontal%20widget%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=817&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.780&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-horizontal-widget%22%2C%22placement%22%3A%22null_null_Horizontal%20widget%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=817&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.780&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-horizontal-widget%22%2C%22placement%22%3A%22null_null_Horizontal%20widget%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=817&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22067
access-control-allow-credentials: true
X-Firefox-Spdy: h2

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.783&type=error&msg=Invalid%20container%20provided%20for%20request%20null_null_Below%20Article%20-%20360x640%20(null)!&llvl=2&id=5127&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.783&type=error&msg=Invalid%20container%20provided%20for%20request%20null_null_Below%20Article%20-%20360x640%20(null)!&llvl=2&id=5127&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.783&type=error&msg=Invalid%20container%20provided%20for%20request%20null_null_Below%20Article%20-%20360x640%20(null)!&llvl=2&id=5127&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22067
access-control-allow-credentials: true
X-Firefox-Spdy: h2

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=info&msg=%7B%22mode%22%3A%22thumbnails-a1%22%2C%22container%22%3A%22taboola-below-article---360x640%22%2C%22placement%22%3A%22null_null_Below%20Article%20-%20360x640%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=602&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=info&msg=%7B%22mode%22%3A%22thumbnails-a1%22%2C%22container%22%3A%22taboola-below-article---360x640%22%2C%22placement%22%3A%22null_null_Below%20Article%20-%20360x640%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=602&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=info&msg=%7B%22mode%22%3A%22thumbnails-a1%22%2C%22container%22%3A%22taboola-below-article---360x640%22%2C%22placement%22%3A%22null_null_Below%20Article%20-%20360x640%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=602&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22067
access-control-allow-credentials: true
X-Firefox-Spdy: h2

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=6675&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=6675&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.782&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=6675&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22067
access-control-allow-credentials: true
X-Firefox-Spdy: h2

trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.786&type=info&msg=null_null_Horizontal%20widget%20thumbnails-a&llvl=2&id=9567&cv=20221011-3-RELEASE&lt=deflated&pct=1

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A44%3A59.786&type=info&msg=null_null_Horizontal%20widget%20thumbnails-a&llvl=2&id=9567&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A44%3A59.786&type=info&msg=null_null_Horizontal%20widget%20thumbnails-a&llvl=2&id=9567&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:44:59 GMT
x-fastly-to-nlb-rtt: 22067
access-control-allow-credentials: true
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:59 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://dollarsurvey.site
server-processing-duration-in-ticks: 235933
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&idsd=-449763723,590345487&cw=1&rtusCallerId=72&lsw=1

178.250.2.146

200 OK

589 B

URL HTTP/2
gum.criteo.com/sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&idsd=-449763723,590345487&cw=1&rtusCallerId=72&lsw=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
589 B (589 bytes)
Hash
03ca1477bca660447d177365f628365e
fc4548c25c742e370dd3c7e4be010646ca0872ed
00afe28c9c1d0d6563994b5bddb424647b94f9b83e42424bc54a2885fd810257

HTTP Headers

GET /sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&idsd=-449763723,590345487&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:59 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 813987
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

8.8 kB

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
8.8 kB (8807 bytes)
Hash
2cad38e0fc41eb0c97ed67c53e039ed0
d6b312f6a659ab28b95fdb6c6f05731db29d7232
b27c3dd3b22869e8083c6f38fa7d5bd74bd9bf4d7a1bb924081bae415fb83beb

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-crto-bundle: wwCGdl9KQzQ1cllHUkRPdGsxeTBaT0slMkZISHdsYk5wV0lNWUxYb0ZxY0lXaVdaYTdjTlBWRVNqRU03eHQ3NDJzJTJGTzZvRWc3SEFTJTJCaVdpZzBwYlEwbTglMkJMTHAwTVQ3JTJGR3hmbFhTNlJ4TmolMkZPU3FIenNYMDBNQUVkOHFKRkN2eGZxZkJjYQ
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:59 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://dollarsurvey.site
server-processing-duration-in-ticks: 558812
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/cta-component.20221011-3-RELEASE.es6.js

151.101.85.44

200 OK

5.1 kB

URL HTTP/2
cdn.taboola.com/libtrc/cta-component.20221011-3-RELEASE.es6.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (18924)
Size
5.1 kB (5107 bytes)
Hash
d5f401ce895335f671dfa6f968a81b29
4de4e15a499c20e17157011200554c37d4964a14
3aaa909311f9c64dd7fd616aa0fcda7d126ffcb2580e8e1db8d2cddb8e43d287

HTTP Headers

GET /libtrc/cta-component.20221011-3-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: pqCqjxCCQLP230tAqJhTPyTrLoe1DTSX3t+1YjDEKiV7TWKoutXUUOat3VIqyw+1e19DSRXAy9A=
x-amz-request-id: 2KBQD05YQ8WG57FN
x-amz-replication-status: PENDING
last-modified: Tue, 11 Oct 2022 09:41:55 GMT
etag: "0fa2c82c025b3b4ce5604f0d02a382e2"
x-amz-version-id: N.uJNX1Nblx5S251gtog2uzPHsNfSkbe
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
via: 1.1 varnish
age: 109
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 13
x-timer: S1665542700.153358,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 90
content-length: 5107
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/userx.20221011-3-RELEASE.es6.js

151.101.85.44

200 OK

5.4 kB

URL HTTP/2
cdn.taboola.com/libtrc/userx.20221011-3-RELEASE.es6.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (17842)
Size
5.4 kB (5397 bytes)
Hash
e52770468f1f57204a197f23364e3fd0
cd97dba997a43b083376a97c3fc65937640b52d3
79a34d0efccd9520bcddba2a23c4fc922e0fabf9806548321a26d8cefd0b8de4

HTTP Headers

GET /libtrc/userx.20221011-3-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: OVw254wsJm+/PWJziUsyHAi/ivfkXBY/awQMmT/MSyxbFIJrVCAF47Rwi+d/sYARP1NjPxHIMDE=
x-amz-request-id: W5N111336Q30J70D
x-amz-replication-status: PENDING
last-modified: Tue, 11 Oct 2022 09:44:50 GMT
etag: "3db642fd6c3b5dd9c7c95bf6fc322b32"
x-amz-version-id: rWKcoVut7Sw6cwSqB8N0ywklNQ9bMqmy
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
via: 1.1 varnish
age: 48
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1665542700.156147,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 90
content-length: 5397
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e26884c90889b03fd16000effc1dc0.png

151.101.85.44

200 OK

14 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e26884c90889b03fd16000effc1dc0.png
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (13628 bytes)
Hash
c8def74edf56fa3d3c427bb80e27230f
6a3e38708bf30213c54653eb4b8fde2835f91a1d
4a8241f568ef8fa6c3b5fb01def9efc8ac91b8cfdc46affb6ddb06e324822b5c

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e26884c90889b03fd16000effc1dc0.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 479142153463951060290559008463975251262,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 479142153463951060290559008463975251262,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "19473153f1d7c2201c59d6029bfbc0e0"
last-modified: Sat, 10 Sep 2022 16:47:47 GMT
req-referer: https://downsub.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 3fa80322cccdce3641bec4589e59ff86
x-envoy-upstream-service-time: 216
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 1781295
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kiad7000111-IAD, cache-bur-kbur8200139-BUR, cache-iad-kiad7000054-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 70, 1
x-timer: S1665542700.183692,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02e26884c90889b03fd16000effc1dc0.png
x-vcl-time-ms: 1
content-length: 13628
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/06f7278fa62b6144804d5be021acf170.png

151.101.85.44

200 OK

14 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/06f7278fa62b6144804d5be021acf170.png
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14528 bytes)
Hash
681fe3a7a12a1e84d11b6517e929cb3b
1b47bba53171ae9f1f1bf14debf627e48fdc153b
86e4d99f3d6cebc75f2fd79cf440f6a2c119d2b29b5e0f68ed6e18a422d24152

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/06f7278fa62b6144804d5be021acf170.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 613637382407036299374812150783208570766,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 613637382407036299374812150783208570766,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "8545f0ed2f03d7e359d3bcbcd5eca8e5"
expiration: expiry-date="Mon, 03 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 02 Sep 2022 21:43:50 GMT
req-referer: https://www.cbssports.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 197
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 2060922
x-served-by: cache-iad-kiad7000045-IAD, cache-iad-kcgs7200076-IAD, cache-lga21976-LGA, cache-iad-kiad7000127-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 80, 1
x-timer: S1665542700.184447,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/06f7278fa62b6144804d5be021acf170.png
x-vcl-time-ms: 1
content-length: 14528
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb64de3a1b23463dafa4e8e888770a4d.jpg

151.101.85.44

200 OK

16 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb64de3a1b23463dafa4e8e888770a4d.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (16160 bytes)
Hash
aed74954e9e38a59318a7bfa802cfd32
c39193be6572e16a62924af0ea9bfcf1c436e1b7
5051f511fb35dd13e0ed7142fe4967d3cbb9517ebd8d8abe0007993b5c444820

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb64de3a1b23463dafa4e8e888770a4d.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 617538624148805437091577135685655576886,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 617538624148805437091577135685655576886,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "dd9884cd1e4ea758c990df718cb2a9ee"
expiration: expiry-date="Thu, 13 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 12 Sep 2022 15:38:53 GMT
req-referer: https://www.stiripesurse.ro/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 163
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 761822
x-served-by: cache-iad-kiad7000053-IAD, cache-iad-kiad7000053-IAD, cache-lga21978-LGA, cache-iad-kjyo7100041-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 2, 0, 1, 1
x-timer: S1665542700.218410,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb64de3a1b23463dafa4e8e888770a4d.jpg
x-vcl-time-ms: 1
content-length: 16160
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//xpudn.com/content/178ba017-5bc0-4d33-a24e-ffa2f67fb887

151.101.85.44

200 OK

14 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//xpudn.com/content/178ba017-5bc0-4d33-a24e-ffa2f67fb887
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14138 bytes)
Hash
39bc83abfef68c6e5ad696656aafa90f
1e6c7d08b1ef05aaa35b648927ea748f334271fa
f03906b2b2f29c8013f7948e6f7fd5764355518ce6fee04ecb383b7136ba3846

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//xpudn.com/content/178ba017-5bc0-4d33-a24e-ffa2f67fb887 HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 487509162859825035334305276503381954649,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 487509162859825035334305276503381954649,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "602ec43ed030410e34068bf779cbcfa0"
last-modified: Mon, 10 Oct 2022 16:11:28 GMT
req-referer: https://weather.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 22310be8a0a3b4c59853eb7afab8845b
x-envoy-upstream-service-time: 917
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 40725
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100062-IAD, cache-lga21961-LGA, cache-iad-kjyo7100100-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, MISS, MISS, HIT
x-cache-hits: 0, 0, 0, 0, 1
x-timer: S1665542700.220551,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//xpudn.com/content/178ba017-5bc0-4d33-a24e-ffa2f67fb887
x-vcl-time-ms: 1
content-length: 14138
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/173610877__7msUt08q.jpg

151.101.85.44

200 OK

23 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/173610877__7msUt08q.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
23 kB (22604 bytes)
Hash
14a0d11ee1029e10d46b254244f09c9d
f935685831a3a4fca99fa561943190291e37c876
09a20ac5d6b91fdf30108b0683f229a9a9cc53eb61f9c775f5cf873356a5ca5a

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/173610877__7msUt08q.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 573709734106922532244432970609576566949,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 573709734106922532244432970609576566949,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
etag: "3115a0c3e8173d8aa473c3ea22210d15"
last-modified: Sat, 10 Sep 2022 18:26:11 GMT
req-referer: https://www.slavorum.org/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 802ba3f60d29e6bd717754ba8b18eecf
x-envoy-upstream-service-time: 50
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 705023
x-served-by: cache-iad-kcgs7200071-IAD, cache-iad-kiad7000121-IAD, cache-bur-kbur8200117-BUR, cache-iad-kjyo7100152-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 4, 1
x-timer: S1665542700.221989,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/173610877__7msUt08q.jpg
x-vcl-time-ms: 1
content-length: 22604
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/6.jpg

151.101.85.44

200 OK

35 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/6.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
35 kB (35022 bytes)
Hash
5e98f4de47e1c8a4a62e463fc4036bcf
d8d460a436e66442e5063e01cf5314b40c948e51
59d34c080145753c7f71240bd1b15f5a3368112c79eb81c387c1b9a70821b71e

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/6.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 618195538960333587328545646554847269826,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 618195538960333587328545646554847269826,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "e7f5c687fdc5d335d7ebd3f9579b531f"
last-modified: Mon, 12 Sep 2022 06:31:26 GMT
req-referer: https://cdn.taboola.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: e0aabd4d12cd3d89f3c701013bdcaf40
x-envoy-upstream-service-time: 312
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 1053160
x-served-by: cache-iad-kcgs7200102-IAD, cache-iad-kiad7000056-IAD, cache-lax10627-LGB, cache-iad-kjyo7100056-IAD, cache-bma1634-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1665542700.222570,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//welcomearth.com/wp-content/uploads/2017/08/6.jpg
x-vcl-time-ms: 1
content-length: 35022
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec35a9162853f1699ae109e07015c7dd.jpg

151.101.85.44

200 OK

8.9 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec35a9162853f1699ae109e07015c7dd.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.9 kB (8902 bytes)
Hash
26d237bc2671b733e513cf4f03fcd8a1
47415ce75e98944c8cec40887639b77d991dba04
c5a8f6389f65cfee6ac244c11b5eb301e13fbb6762dbcd0bc6394dd11e05e1bd

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec35a9162853f1699ae109e07015c7dd.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 492761420122600847896656422066339352138,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 492761420122600847896656422066339352138,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
etag: "16f2269c4bc68a29079b1ec39853d050"
last-modified: Sun, 11 Sep 2022 17:04:54 GMT
req-referer: https://cdn.taboola.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: b154805296cc87d8c7684d045ce95536
x-envoy-upstream-service-time: 705
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 419116
x-served-by: cache-iad-kiad7000101-IAD, cache-iad-kjyo7100120-IAD, cache-lax10651-LGB, cache-iad-kcgs7200080-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, MISS, HIT, MISS
x-cache-hits: 0, 0, 0, 19, 0
x-timer: S1665542700.222393,VS0,VE99
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ec35a9162853f1699ae109e07015c7dd.jpg
x-vcl-time-ms: 99
content-length: 8902
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32d896d10bca12361dfdb6614ef8605c.png

151.101.85.44

200 OK

20 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32d896d10bca12361dfdb6614ef8605c.png
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
20 kB (19836 bytes)
Hash
bfd48d8231a3e08ad8f279c8a62d0074
6955f7100a20f030b8ffdb0c57fbf5a5c0e26b81
58ef48d1d472bcfd8631f6d316cc0d683d2c492142f90b49241e9a0639e42543

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32d896d10bca12361dfdb6614ef8605c.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 410516585060543877269163269213654228065,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 410516585060543877269163269213654228065,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "9497f81dea2572aa753feebe9998c242"
last-modified: Thu, 22 Sep 2022 09:17:41 GMT
req-referer: https://horux.cz/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 61f6346359ab05cb644141617e66d3e9
x-envoy-upstream-service-time: 1541
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 1080217
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kcgs7200150-IAD, cache-bur-kbur8200118-BUR, cache-iad-kcgs7200082-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, MISS, HIT, MISS
x-cache-hits: 0, 0, 0, 23, 0
x-timer: S1665542700.220967,VS0,VE101
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32d896d10bca12361dfdb6614ef8605c.png
x-vcl-time-ms: 101
content-length: 19836
X-Firefox-Spdy: h2

images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//data.whicdn.com/images/350081063/original.jpg

151.101.85.44

200 OK

14 kB

URL HTTP/2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//data.whicdn.com/images/350081063/original.jpg
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14300 bytes)
Hash
6849d47ff78a03bd643828ba5635abfe
bef3ac59f6285fa4d22c2f9b648bc8bece719aec
f2012cd4833b89e7da870dbac6bf915086a45008bad037ae2b4a3d5ce17cb1b9

HTTP Headers

GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//data.whicdn.com/images/350081063/original.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 536375924514896699789240202316692894323,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 536375924514896699789240202316692894323,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "6e95a81e6a751cc2c2e529eaf4cb416b"
expiration: expiry-date="Mon, 26 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 26 Aug 2022 18:37:11 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 149
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
age: 2929560
x-served-by: cache-iad-kjyo7100052-IAD, cache-iad-kjyo7100042-IAD, cache-bur-kbur8200122-BUR, cache-iad-kiad7000122-IAD, cache-bma1634-BMA
x-cache: HIT, HIT, HIT, HIT, MISS
x-cache-hits: 1, 1, 1, 130, 0
x-timer: S1665542700.221400,VS0,VE101
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//data.whicdn.com/images/350081063/original.jpg
x-vcl-time-ms: 101
content-length: 14300
X-Firefox-Spdy: h2

il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.109&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=2637&cv=20221011-3-RELEASE&lt=deflated&pct=1

185.106.33.48

204 No Content

0 B

URL HTTP/2
il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.109&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=2637&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
185.106.33.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A45%3A00.109&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=2637&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:45:00 GMT
x-fastly-to-nlb-rtt: 71713
access-control-allow-credentials: true
X-Firefox-Spdy: h2

il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.068&type=info&msg=Start%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3447&cv=20221011-3-RELEASE&lt=deflated&pct=1

185.106.33.48

204 No Content

0 B

URL HTTP/2
il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.068&type=info&msg=Start%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3447&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
185.106.33.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A45%3A00.068&type=info&msg=Start%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3447&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:45:00 GMT
x-fastly-to-nlb-rtt: 71713
access-control-allow-credentials: true
X-Firefox-Spdy: h2

il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.088&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3863&cv=20221011-3-RELEASE&lt=deflated&pct=1

185.106.33.48

204 No Content

0 B

URL HTTP/2
il-trc-events.taboola.com/socionicsurvey/log/2/debug?tim=02%3A45%3A00.088&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3863&cv=20221011-3-RELEASE&lt=deflated&pct=1
IP
185.106.33.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socionicsurvey/log/2/debug?tim=02%3A45%3A00.088&type=info&msg=Finish%20Rendering%20null_null_Horizontal%20widget&llvl=2&id=3863&cv=20221011-3-RELEASE&lt=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:45:00 GMT
x-fastly-to-nlb-rtt: 71713
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7151
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 02:45:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7151
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 02:45:00 GMT
Connection: keep-alive

ag.gbc.criteo.com/newidsd

178.250.6.118

200 OK

542 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
178.250.6.118:0
ASN
#44788 Criteo SA

File type
data
Size
542 B (542 bytes)
Hash
0f016d7291e5b49e09c9e0674b7a8bcb
27952a5782da61dd4e96f508ac56da8ee5363d8b
bd91825e90045f19ca43d252c35579430ea9fb6002ce83181e42f0ef95dd96ad

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:59 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 130513
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7151
Expires: Wed, 12 Oct 2022 04:44:11 GMT
Date: Wed, 12 Oct 2022 02:45:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9359 bytes)
Hash
a262392688d01838edbe02f500679711
f9be0ceee7f5b14e1f17ab938596977cde016e63
f1555b8b9f4363bdae50d426e8601ff5d3d07605259c2e289006e16a10f4b5fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9359
x-amzn-requestid: adbd5dff-817b-4fa1-b935-300d7ebb0f3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPxHtuIAMF5jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e264-1950f5c44861d16c43b2a71c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q5RFd5vuloivw1efJ1SlJn1CbJM-4F3zSzeV0b8iodCgy4pG8WcsHQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:25 GMT
age: 17795
etag: "f9be0ceee7f5b14e1f17ab938596977cde016e63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11800 bytes)
Hash
6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 5f2ce4dd-0df8-4df7-a12d-e6fffd622752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnTQHGADIAMFXfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f98cd-5044665325e5d64975c1ff0c;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:11:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZKsi1hYgZdJQNWpphaMVLfpg69dC93J575Y2RsOzFV3ZzBb6x-nrew==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:42:26 GMT
age: 18154
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5252 bytes)
Hash
4f78379e6bde371b492c950402bcc39e
53a7502d8932c515aa09055c5cf8f2d2242e4398
241016bbd3cebc009f63dff2773c1c7fdb68fa941ab62b368d5e023b9155fa37

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5252
x-amzn-requestid: b4ef9c4f-7ca4-42c9-a928-b0b8aa3cc695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BUaEtBoAMF8Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e282-455619be605fa91977c66df7;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:39:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u8SRxkVzSO3pnQB_FibQBfwzvJ2uiT9YQzQI4_ZVMxgdED9Zsir8qQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
age: 16556
etag: "53a7502d8932c515aa09055c5cf8f2d2242e4398"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd963da4f-2224-4a6b-870c-5a00d4eeea55.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6391 bytes)
Hash
695b6d44466cc04c8a285331df94e54d
da11e5b4d9a5f744d41b868ab2b214d4eed5ae61
d4238fc77feff12cc6b2affe91b69cab59d54432d664b2bcd9fda46b229a46c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd963da4f-2224-4a6b-870c-5a00d4eeea55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6391
x-amzn-requestid: e102aa4b-a49b-410a-8e7d-a4b0c199527f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7fEIEoAMFi2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37c-166ba51a39a11397074a990c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _SU9U-oPxR9eP_v2NEhokLeiaS7pwa-2aoFNCDbD-59eSlCF73r29w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:37 GMT
etag: "da11e5b4d9a5f744d41b868ab2b214d4eed5ae61"
content-type: image/jpeg
age: 17783
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6504 bytes)
Hash
c44735cb9a0eba8f445262a24c9cc478
ef570c9938890ec942e4786cc549d687cb8a2e95
5974dbdba95af9dbaeb5ef6ff4a2e045e88482987c296e6afba5381b14da9600

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6504
x-amzn-requestid: 21151bfb-93e7-485c-9ab3-13b7439e09ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7uE1iIAMFnww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37e-54087c9c7a4b72962bf78531;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vINWu8ABGbLR_tD2eMQaKXFxdY34qMkAQIpOvNq5qchVYpLetmPzqw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
etag: "ef570c9938890ec942e4786cc549d687cb8a2e95"
content-type: image/jpeg
age: 16556
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b27843b-6db3-4814-9994-17e045a63aa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8672 bytes)
Hash
11e980738145ef210c79c53661250c69
582b175bb7906f1172f0b57ba35bb2b852354191
f6ca02d3b0be808254383577ebf224ab3ca4b30b7d9444a3e2350bab5f32b4ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b27843b-6db3-4814-9994-17e045a63aa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8672
x-amzn-requestid: 047fc0d0-4b2a-4a36-b8b3-84694166b941
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3AlJGwPIAMFc6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e153-1c4105347211bfc94955ddd4;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U2o0vdvzMkBZ_Ctl5xj2BCBPReopRlewWlkYgywFbavP3sjTf99TxQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:15 GMT
age: 17805
etag: "582b175bb7906f1172f0b57ba35bb2b852354191"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png

151.101.85.44

200 OK

254 B

URL HTTP/2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Size
254 B (254 bytes)
Hash
dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

HTTP Headers

GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:01 GMT
via: 1.1 varnish
age: 11630
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 321
x-timer: S1665542701.212228,VS0,VE0
cache-control: private,max-age=31536000
abp: 90
content-length: 254
X-Firefox-Spdy: h2

trc.taboola.com/socionicsurvey/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1

151.101.85.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/socionicsurvey/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /socionicsurvey/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5676
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665542701.176342,VS0,VE83
x-vcl-time-ms: 83
X-Firefox-Spdy: h2

trc.taboola.com/socionicsurvey/log/3/visible?route=AM%3AIL%3AV&lti=deflated

151.101.85.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/socionicsurvey/log/3/visible?route=AM%3AIL%3AV&lti=deflated
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /socionicsurvey/log/3/visible?route=AM%3AIL%3AV&lti=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 8185
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665542701.184814,VS0,VE94
x-vcl-time-ms: 94
X-Firefox-Spdy: h2

cdn.taboola.com/scripts/cds-pips.js

151.101.85.44

200 OK

923 B

URL HTTP/2
cdn.taboola.com/scripts/cds-pips.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2312), with no line terminators
Size
923 B (923 bytes)
Hash
26cdd3fcc80c31abb5e56a5be502737e
a6a67fd2591deaa331e11376972b2dd06616242a
ac58c61fa356670a0b14838061e474db061cc73d27cd8495d6a80499e1ec340e

HTTP Headers

GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: w6fgNIMZM2fENM2mjLHAxJhEvZ7OhJ+orh5+d/mAuz+tqM7fgRp+7Y73K8+rKM3qB+G/FeTtVqo=
x-amz-request-id: 158FK1E03H5TYFXQ
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Sep 2022 14:11:45 GMT
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
x-amz-version-id: NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:02 GMT
via: 1.1 varnish
age: 2485
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 701
x-timer: S1665542702.128904,VS0,VE0
vary: Accept-Encoding
abp: 90
cache-control: private, max-age=3600
content-length: 923
X-Firefox-Spdy: h2

pips.taboola.com/

151.101.85.44

200 OK

4 B

URL HTTP/2
pips.taboola.com/
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

HTTP Headers

GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://dollarsurvey.site
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2

cds.taboola.com/?uid=c12b1048-5501-402c-a15d-e14d681e1fc3-tucta3fafab

141.226.224.32

204 No Content

0 B

URL HTTP/2
cds.taboola.com/?uid=c12b1048-5501-402c-a15d-e14d681e1fc3-tucta3fafab
IP
141.226.224.32:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?uid=c12b1048-5501-402c-a15d-e14d681e1fc3-tucta3fafab HTTP/1.1
Host: cds.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 12 Oct 2022 02:45:02 GMT
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

dollarsurvey.site/js/taboola.js

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/taboola.js
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/taboola.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-55a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUm%2B3VdaQ7%2BFV3RSyPiwailvcP0%2FNrxk2G08ZyXCCq2wm5ci77AFzaoBOim1X4LypHvBBGu%2FYhMTExGxVbsJQ5SazU0t%2BU6BF4m9QH0D5dHbZoZLQ8VErJ1eeOK5NveW3YqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f29a8a21bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/js/survey.js?v=14

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/survey.js?v=14
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/survey.js?v=14 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-4a5a2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gei9XZ6XIxxFC1WWSq06rQsfoqGH2jNtZmOoDQNe2%2FBwvOIeFb1X9ML2OkNrhn2Xs3P7lIDBE7869bJ0pOlvtHU1cGlVbwDBxBjDNrcASDU4DAGWm%2BpznB1UjyOp6xPGCMJT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f29a8a11bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/js/dict/cookie-consent-1.json?v=1

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/dict/cookie-consent-1.json?v=1
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/dict/cookie-consent-1.json?v=1 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/json
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-168d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihKpS0umA8HyX%2Bt0e8h2DGz5MstnOfon3aAQGALkeDwyPqaeZVbCS0dmZj9DlOhVQsUEwRd6ILEIvlCj5vJNHIR%2BGPNDLEXl39qNRStMTmOU3k8XZjoaDJIwG1wV5ewJC%2FHg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2c498a1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/favicon.ico

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/favicon.ico
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:59 GMT
content-type: image/x-icon
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
etag: W/"63440587-47e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5LbbIHPulG24zLXpsDBKKnLvZfGunMDsGkJUi3dgADh29XywHamcplJVJ4BSzTbmjlOwUtnNd3N9LOZZock%2Bdav9ku%2Bpph3AUX7zEImkv1CckB0VSJYR99SaH63CDURF4zr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 758c7f2d69ca1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/captcha1.html

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/captcha1.html
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /captcha1.html HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: text/html
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RNohzR3%2Fsscsjn9Y9JIsnh0r9TcTywYAuRCCAEWoSb1GbyhQ05KFe3wM%2FaoH%2Bye3GCi0fHR7AmKZrwvEaIMPIqC%2FJ5Nj18xAjmim%2BCxkZZ7KUT27jyBe0j1BkY01vDdPgPc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2848311bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/js/config.js?v=8

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/config.js?v=8
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/config.js?v=8 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-1085d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoPAnouFXOaWyh5C36YgFhYCBxpW4OXJKTk3qPLY72l%2B9zh3ZvUrOc1BG3q%2FxzDOHOkcT5LKbUO8TqjKin7KSyUBg2oIoxuO%2BhHUQjQAHk%2BUXDlyq8WktdS7HzG8juB9nG4Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2998961bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 480339
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

dollarsurvey.site/js/data/_global-config-sd.js?v=3

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/data/_global-config-sd.js?v=3
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/data/_global-config-sd.js?v=3 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
etag: W/"63440587-28b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoumV50y3Pa1neRf18OXO8h98cC5JcfGhgIWDllYAnftBRmpSjWpBNSAszN15SqYbQenxl5QOjvkfabkcKrkaXr2NpSwgak%2BbRQWIsAeKUthvMgzB6oEbTdfcEc09%2FPBYRTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 758c7f2988941bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/css/survey.css?v=1

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/css/survey.css?v=1
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/survey.css?v=1 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-4d7b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4P1QDOrYEFgiOUY8xmSthfQz7%2B9o3hGBFmwgSWtbeRd3vNm5DviNSz8YAIv5kVvzAh4mAZemOJIrE4CMHEFFRd83xujOaAUL7UxTa9%2BBXbXUEn6ULIo13t4nu7eUvtsLkit"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2998991bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

trc.taboola.com/socionicsurvey/trc/3/json?tim=02%3A44%3A59.788&lti=deflated&data=%7B%22id%22%3A322%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665481258897%2C%22vi%22%3A1665542699785%2C%22cv%22%3A%2220221011-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A389%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2

151.101.85.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/socionicsurvey/trc/3/json?tim=02%3A44%3A59.788&lti=deflated&data=%7B%22id%22%3A322%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665481258897%2C%22vi%22%3A1665542699785%2C%22cv%22%3A%2220221011-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A389%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /socionicsurvey/trc/3/json?tim=02%3A44%3A59.788&lti=deflated&data=%7B%22id%22%3A322%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1665481258897%2C%22vi%22%3A1665542699785%2C%22cv%22%3A%2220221011-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A389%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Oct 2022 02:45:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1665542700.877049,VS0,VE226
vary: Accept-Encoding
x-vcl-time-ms: 226
X-Firefox-Spdy: h2

dollarsurvey.site/js/data/rtc.js?v=1

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/js/data/rtc.js?v=1
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/data/rtc.js?v=1 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-3a65"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeiqdPegJRvnucPXAoCpPZy6qAsPCbdAnLs%2BcWy3y72idJD%2B1FU%2B%2B%2BDGCJJK8PvALIEC1pzQeF1DVJS71OlC7JBUx9ACY%2BmworZsH7MsW4uT2lF9X%2BB2xQZj4FJHIiVaOIe4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f2998951bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

dollarsurvey.site/css/captcha.css

104.26.2.231

200 OK

0 B

URL HTTP/2
dollarsurvey.site/css/captcha.css
IP
104.26.2.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/captcha.css HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 12 Oct 2022 02:44:58 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 11:44:07 GMT
vary: Accept-Encoding
etag: W/"63440587-1554"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKXs4XC%2BOu0fNSR1JbIpyt%2BnOdafvvXIz5ZHNMZ5hcHABgyj1K6y275RO8Jcb5DdOGuv8ldc3vVIyKwzDIiz4Ry4%2FqfFnpEWRYHbUvViWAaMsgII0I1bxlRJdo%2BGq20Dqteg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758c7f29989b1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP