dollarsurvey.site/captcha1.html
104.26.3.231301 Moved Permanently 0 B URL HTTP/1.1 dollarsurvey.site/captcha1.html
IP 104.26.3.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /captcha1.html HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 21:41:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Dec 2022 22:41:37 GMT
Location: https://dollarsurvey.site/captcha1.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXVo7giD8apR5%2F9ZfaetxShZI0b1PjZTjNnDaoyn1oBEbQYeb9xQkThtmUrrK1Vhy4XdY3aQWRrUYoavxw8d2XoEhz%2FzvjWuWvu73dKq%2FisRLvuJL6N4DhZPEtgr1XtpJmZr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f77aefc06b51b-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13909
Expires: Sun, 04 Dec 2022 01:33:26 GMT
Date: Sat, 03 Dec 2022 21:41:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4780
Cache-Control: max-age=137355
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:37 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:50:52 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2170
Expires: Sat, 03 Dec 2022 22:17:47 GMT
Date: Sat, 03 Dec 2022 21:41:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 21:18:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1400
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: meg+Zug0iEcGvmXj+ByL7V31I1BN8MlGapLmWRbVhCGoSeAtHIzKvmwzzM5tgVWv2c/UMOx+Jes=
x-amz-request-id: HVED37K0MQDFFXQ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 20:47:16 GMT
age: 3262
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dollarsurvey.site/js/survey.2.ec66ca79.js
104.26.2.231200 OK 58 kB URL HTTP/2 dollarsurvey.site/js/survey.2.ec66ca79.js
IP 104.26.2.231:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0c7c78c36aaa41a87938f0df10c3d6a1
2232df9aca836e2058592eb313479afd61268929
f25b989fa5f8b95e01b685b7446bf372de80717b0cc21ecb18d0a7f9c64f9800
GET /js/survey.2.ec66ca79.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-33e18"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YOD7cANfa1q5AmhkcdqbFfD2m9bYmn2kqik1U2Yf5G%2B9mDQ2tKDsKCvNARGEY%2B4j%2BeBil1gZy%2BQZ6a4z4fy4J1ADXyKurfyP8QTXTnOi89sZCSPtrq3NY5bk7sqD%2B8aBLob"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b34837b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4161
Expires: Sat, 03 Dec 2022 22:50:59 GMT
Date: Sat, 03 Dec 2022 21:41:38 GMT
Connection: keep-alive
dollarsurvey.site/js/v-_baseIsEqualDeep.js.55ec21e9.js
104.26.2.231200 OK 492 B URL HTTP/2 dollarsurvey.site/js/v-_baseIsEqualDeep.js.55ec21e9.js
IP 104.26.2.231:0
File type ASCII text, with very long lines (720), with no line terminators
Hash 28ac54905cafaa078f1a400a2df15ebe
5d5d3400514e89c7db46150fa4e70c9ae9f4ad81
b82bd53a48494a5f3fb83f3ee1ea3a33193ef5fb1de6b78dc87240b4a34eb653
GET /js/v-_baseIsEqualDeep.js.55ec21e9.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-2d0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPmYxuAveR21fMtWexNyn4Ns9vZ0uRLteRQcjvaGu3sG%2BUPL5L3HwH%2B84u3oHBin6RyEPO6v4R1LtLnbRZjDkLzxPWyoZ4Y0p76noaumOCR%2BLDfz9TVdMgI1IOovqy3t3r%2BW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ae01b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9dcc47ecff01ca8bedb1a23611f1c759
ccdfa9581a91bd27b73f068435624cf2087bc959
e9befab0b34c62457fd35613018637d30447dd9d92631d814b92819caf817a7c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:41:38 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 07 Dec 2022 18:26:06 GMT
ETag: "ccdfa9581a91bd27b73f068435624cf2087bc959"
Last-Modified: Sat, 03 Dec 2022 18:26:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1383
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f77b54b08b518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4769
Cache-Control: max-age=132282
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:38 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:26:20 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
cdn.taboola.com/libtrc/socionicsurvey/loader.js
151.101.65.44200 OK 21 kB URL HTTP/2 cdn.taboola.com/libtrc/socionicsurvey/loader.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (65508)
Hash f56dfa74d4088f536cee01ba4e5f4487
f1ad433223b663b0e41f6352cfc028b13eb860ad
77d11d2614536cce1849e2638db9bf3c3f94ccf4dd60dadc00241997f0e8e3bf
GET /libtrc/socionicsurvey/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cH33ZRXKG0zQbg5vCpAR2IT9XXdvY/RquDOoQWl+cEO71lXNYvGdeP4jZ/K6vzfnG0GQmDlXmS8=
x-amz-request-id: 02VGBHTAS3QJFAR3
last-modified: Thu, 01 Dec 2022 18:16:50 GMT
etag: "a047eb23fa1483cd345320e1f182aa14"
x-amz-version-id: qRi9NYxxoBkkI_3SN4iwa2b.Dejj5fIv
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:38 GMT
via: 1.1 varnish
age: 93
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1670103699.729068,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 21410
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Sat, 03 Dec 2022 21:41:38 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Sat, 03 Dec 2022 22:41:38 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
151.101.65.44200 OK 147 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221201-24-RELEASE.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (65508)
Size 147 kB (146699 bytes)
Hash 385cfb682512980cfe2f08fd62b6fb64
919642ed4b5417f290135254ad4111ebd8e2aa43
65c97a5cb9fd3d92e790d93891cdbca0ebe7ca98d603a131d830a8d47db41e3a
GET /libtrc/impl.20221201-24-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rFDrDFdl4BZ4eIl3PtktQYpAVy1RE6POaQ9eRZxo+xxAX1n6SMNyHhkN5nza1KCxHfcBpzMAfto=
x-amz-request-id: PDD8ANKXRASKG9HN
last-modified: Thu, 01 Dec 2022 17:45:55 GMT
etag: "385cfb682512980cfe2f08fd62b6fb64"
content-encoding: br
x-amz-version-id: ofIXx6LEWRAEtEe5ALtgmKE0Y_JueXHu
content-type: application/javascript
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:38 GMT
via: 1.1 varnish
age: 13945
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 10305
x-timer: S1670103699.892316,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 15
server: AmazonS3-br
content-length: 146699
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9WDp3lvRU48ZgI5E5Qpy7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6GL646oRjAJxNpJ9OZA0Jk9u9uY=
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A152%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214136%3Aet%3A1670103697%3Ac%3A1%3Arn%3A284814604%3Arqn%3A1%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C52%2C1%2C%2C0%2C%2C59%2C2%2C%2C%2C%2C196%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A152%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214136%3Aet%3A1670103697%3Ac%3A1%3Arn%3A284814604%3Arqn%3A1%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C52%2C1%2C%2C0%2C%2C59%2C2%2C%2C%2C%2C196%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash a7367aba3da0ac43359cd205d2b55d58
cdb97722aadce1fa4fe45d8795b3b243bee9c945
b48b727406386b9e29e8b82a60875375b99b292cf5556a67d3336849f5c7318e
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A152%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214136%3Aet%3A1670103697%3Ac%3A1%3Arn%3A284814604%3Arqn%3A1%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C52%2C1%2C%2C0%2C%2C59%2C2%2C%2C%2C%2C196%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A152%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214136%3Aet%3A1670103697%3Ac%3A1%3Arn%3A284814604%3Arqn%3A1%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C52%2C1%2C%2C0%2C%2C59%2C2%2C%2C%2C%2C196%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 03 Dec 2022 21:41:39 GMT
access-control-allow-origin: https://dollarsurvey.site
set-cookie: yabs-sid=297025141670103699; Path=/; SameSite=None; Secure
i=ewaaKxkVqqMZ8IOHWP79AorqUy9UzkRg1vyAdZNg24TSZ1lzmwY0VUq8joodx7HtGH5Gr7LHXhmUMhFJCku2GxuWAJw=; Expires=Tue, 30-Nov-2032 21:41:26 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8222600501670103699; Expires=Sun, 03-Dec-2023 21:41:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8222600501670103699; Expires=Sun, 03-Dec-2023 21:41:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701639699.yc.1670103699#1701639699.yrts.1670103699#1701639699.yrtsi.1670103699; Expires=Sun, 03-Dec-2023 21:41:39 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 21:41:39 GMT
last-modified: Sat, 03-Dec-2022 21:41:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 21:41:39 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sat, 03 Dec 2022 22:41:39 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dollarsurvey.site/js/rtc.8ca42e15.js
104.26.2.231200 OK 4.8 kB URL HTTP/2 dollarsurvey.site/js/rtc.8ca42e15.js
IP 104.26.2.231:0
File type ASCII text, with very long lines (10708), with no line terminators
Hash 3dc546c1f9b920d25ab68377605ca5ce
ba20d76783ea0b94d711069071e5470ee555a914
c76ad4c2f6a1cdc155e8b0f5b96b53e29873aceb1c50e8d5b5b081c10c1572ec
GET /js/rtc.8ca42e15.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-29d4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyw5hwMUfIWJCQToihtiqisuQ54ISZCk%2BUPo%2BhCqpQKiIA1G0jrs1NxPVwRv7sWZeZKfDCCsmpe82skQgxiM6JiqUZtZaWzHPWDWk7RGGtlcm7BzpE01Vir%2FmkIIayqiKHz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ade1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=21%3A41%3A36.977&type=usage&msg=rtus&llvl=2&id=5199&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/socionicsurvey/log/2/debug?tim=21%3A41%3A36.977&type=usage&msg=rtus&llvl=2&id=5199&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socionicsurvey/log/2/debug?tim=21%3A41%3A36.977&type=usage&msg=rtus&llvl=2&id=5199&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=1&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 21:41:39 GMT
x-fastly-to-nlb-rtt: 22392
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dollarsurvey.site/js/config/dict/cookie-consent-1.json?v=10
104.26.2.231200 OK 2.6 kB URL HTTP/2 dollarsurvey.site/js/config/dict/cookie-consent-1.json?v=10
IP 104.26.2.231:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 7b9e9fb61a0a166f66f96b86e61c1440
e0248a58b6361542382f2712e3394c975caf2df2
c81b612bbb5e1fd7d24be9b340014dd7eee14466dc55a0a7ecf520352ee5eb8b
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/json
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-1760"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYavgQlIL5Qjfv1TX%2ByTtYL4QHRpP7iOCvZ%2BpTB%2BwPk%2FxNobAsOulhExCPScKetotWYwN5CvQf3F%2Fox7H9EOKZTBwZuyMja0tZJd%2BOkTsYsAumNEe9I6pl1SGgLKLB6ML3Rd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b3e912b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A139543806%3Arqn%3A4%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A139543806%3Arqn%3A4%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonStepChange&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A139543806%3Arqn%3A4%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Anp%3ATGludXggeDg2XzY0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(4)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 21:41:39 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 21:41:39 GMT
last-modified: Sat, 03-Dec-2022 21:41:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A611445352%3Arqn%3A3%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A611445352%3Arqn%3A3%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonUnique&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A611445352%3Arqn%3A3%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(3)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 37
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 21:41:39 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 21:41:39 GMT
last-modified: Sat, 03-Dec-2022 21:41:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A939368017%3Arqn%3A5%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A939368017%3Arqn%3A5%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.site%2FonTaboola&page-ref=https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2&charset=utf-8&hittoken=1670103699_8a8c9e4364579a8e3085950adde7dfcd6837fc9bcacde0de28fdca2146e50132&browser-info=ar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1127539472096%3Ahid%3A708900673%3Az%3A0%3Ai%3A20221203214137%3Aet%3A1670103697%3Ac%3A1%3Arn%3A939368017%3Arqn%3A5%3Au%3A1670103697119759879%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1670103696185%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670103697%3At%3AConfirm%20you%E2%80%99re%20not%20a%20robot&t=gdpr(14)mc(g-4)clc(0-0-0)rqnt(5)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 41
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 21:41:39 GMT
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 21:41:39 GMT
last-modified: Sat, 03-Dec-2022 21:41:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9e9c5381eccb8d6924c2d11a30fed97f
666527f800c563be45bc7a2f5cfab8196f541187
cf89082d1df3adfe44fd5d909555333f4f264dd5a12bbc096ff846df9c663dc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4643
Cache-Control: max-age=163145
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:39 GMT
Etag: "638b8ab9-139"
Expires: Mon, 05 Dec 2022 19:00:44 GMT
Last-Modified: Sat, 03 Dec 2022 17:43:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 14 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
File type C source, ASCII text, with very long lines (29462)
Hash 697a0bba07553f2e7379311464981640
40ac4cabab851af3ad393d0b902bc5347cf92c76
af25591d45b1b911ce30adfcd9836a514f61402a7fdb5dd11e5dbf9873a51ef3
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 635230
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ea3d8fb16cfb8d3abf79bcd96048cd94
fe5de8bf7cc10ee75c747dd6e18616161ef2fc81
a91b38575d80c30d9c5e87ee9b2e6f42e261cdab08e3180d4baf904dcfca5f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:39 GMT
Last-Modified: Sat, 03 Dec 2022 20:22:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ea3d8fb16cfb8d3abf79bcd96048cd94
fe5de8bf7cc10ee75c747dd6e18616161ef2fc81
a91b38575d80c30d9c5e87ee9b2e6f42e261cdab08e3180d4baf904dcfca5f51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:39 GMT
Last-Modified: Sat, 03 Dec 2022 20:22:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:39 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://dollarsurvey.site
server-processing-duration-in-ticks: 572544
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2ce5d9cfcd23b826b8a5435919189552
d58950f43fcc78e160c2673fc4f85bac527f11a3
02374dd5a7c2ef46d67b6585be922d3b8885c96caa52a2e175b3c4b6051a5c47
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4516
Cache-Control: max-age=125556
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:41:39 GMT
Etag: "638af863-139"
Expires: Mon, 05 Dec 2022 08:34:15 GMT
Last-Modified: Sat, 03 Dec 2022 07:18:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&info=xByv4F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVxZ25HZExRbnd3UnhBZ3JKUWh0JTJCQlB0c2VGYldBayUyRk9sNWp2cmxnOUxl&idsd=-2144303242,1664113103&cw=1&rtusCallerId=72&lsw=1
178.250.2.146200 OK 311 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&info=xByv4F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVxZ25HZExRbnd3UnhBZ3JKUWh0JTJCQlB0c2VGYldBayUyRk9sNWp2cmxnOUxl&idsd=-2144303242,1664113103&cw=1&rtusCallerId=72&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (387), with no line terminators
Hash 9d8a4b8a443ba6ed4ebde3187e839001
bf66ffae32937c9536bf66512ddd195ec3d82762
708a369af4738dfaaabc093b4816c0821286f0e39f2c61ce345173fead05489d
GET /sid/json?origin=rtus&domain=dollarsurvey.site&sn=FirefoxSyncframe&so=0&topUrl=dollarsurvey.site&info=xByv4F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVxZ25HZExRbnd3UnhBZ3JKUWh0JTJCQlB0c2VGYldBayUyRk9sNWp2cmxnOUxl&idsd=-2144303242,1664113103&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 682695
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc-events.taboola.com/socionicsurvey/log/2/debug?tim=21%3A41%3A37.479&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=8078&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=2&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/socionicsurvey/log/2/debug?tim=21%3A41%3A37.479&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=8078&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=2&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socionicsurvey/log/2/debug?tim=21%3A41%3A37.479&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-below-article---360x640%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=8078&cv=20221201-24-RELEASE<=deflated&uuid=7d6b43a229d83f13984fb9cd4143e666af963a301ead4aa1335bd07e24be4b6c&dcc=2&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 21:41:39 GMT
x-fastly-to-nlb-rtt: 22390
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.2.150200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.2.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:39 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
151.101.65.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221201-24-RELEASE.es6.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (17842)
Hash 3767da295d90d4c24af46376d07d5cde
ab04b6b8786df6bc95a073872f61937f1b13eeb2
ac5acd527482d71c4e70c82d6d487ed41dc65bed1acf1759b6bc9d863e6e563e
GET /libtrc/userx.20221201-24-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: qMZYEpAgENcZNG+9XK3eH6EoB170TC4Taq/jEXHxbB6WGtDcHZAZIX/26auQKENc8X8eX20WSgw=
x-amz-request-id: 1MV75WX5S7VBM1F7
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 18:03:33 GMT
etag: "16f67637ac3bc1b6ccd63e6d03c34457"
x-amz-version-id: odjpI9TqiU291.wDPAnq80pQaadNJReA
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:39 GMT
via: 1.1 varnish
age: 68
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1670103700.973901,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5398
X-Firefox-Spdy: h2
trc.taboola.com/socionicsurvey/trc/3/json?tim=21%3A41%3A37.485<i=deflated&data=%7B%22id%22%3A492%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918601290%2C%22vi%22%3A1670103697482%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A387%2C%22mw%22%3A0%2C%22amw%22%3A1011.5833740234375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.65.44200 OK 24 kB URL HTTP/2 trc.taboola.com/socionicsurvey/trc/3/json?tim=21%3A41%3A37.485<i=deflated&data=%7B%22id%22%3A492%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918601290%2C%22vi%22%3A1670103697482%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A387%2C%22mw%22%3A0%2C%22amw%22%3A1011.5833740234375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.65.44:0
Hash fde4ae6e38aec7cebb5700782c18ab92
95cc8d8052b49219cd38f894741bf84151de90eb
458574b75ca48f19a5cd7512af17a4cbd021a42661cc9bc119fd62ee85d90087
GET /socionicsurvey/trc/3/json?tim=21%3A41%3A37.485<i=deflated&data=%7B%22id%22%3A492%2C%22ii%22%3A%22%2Fcaptcha1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669918601290%2C%22vi%22%3A1670103697482%2C%22cv%22%3A%2220221201-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22bu%22%3A%22https%3A%2F%2Fdollarsurvey.site%2Fcaptcha1.html%3Futm_content%3Dzd_public_v2%22%2C%22vpi%22%3A%22%2Fcaptcha1.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A1280%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A939%2C%22dw%22%3A1280%2C%22dh%22%3A939%2C%22qs%22%3A%22%3Futm_content%3Dzd_public_v2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22null_null_Horizontal%20widget%22%2C%22orig_uip%22%3A%22null_null_Horizontal%20widget%22%2C%22cd%22%3A387%2C%22mw%22%3A0%2C%22amw%22%3A1011.5833740234375%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcaptcha1.html%2Cnull_null_Horizontal%20widget%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670103700.693398,VS0,VE223
vary: Accept-Encoding
x-vcl-time-ms: 223
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/174822165__gw6nZP5f.jpg
151.101.65.44200 OK 9.9 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/174822165__gw6nZP5f.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e35eb21334687226df6cadc52ded17a9
1f43ebac01c1b27b53a4437610d4648a07ce257f
ab6100f92a3b2bc738982fef99a8a702196af80af04d8e4a970c1c8a4b3d4c01
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/174822165__gw6nZP5f.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 312521774166670890466108118760836038237,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 312521774166670890466108118760836038237,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "8f61de548f0986937ee44376ec38f618"
expiration: expiry-date="Wed, 02 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sun, 02 Oct 2022 18:30:06 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 158
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 3171636
x-served-by: cache-iad-kcgs7200072-IAD, cache-iad-kjyo7100145-IAD, cache-bur-kbur8200023-BUR, cache-iad-kiad7000152-IAD, cache-bma1621-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 15, 1
x-timer: S1670103700.008239,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/174822165__gw6nZP5f.jpg
x-vcl-time-ms: 1
content-length: 9912
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.211200 OK 12 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.211:0
Hash 0cdf79cad011e6f4ffabef3cab886309
65a1cbf585b16cf5c3edbd1f90c488131073bf00
06754e83384f36cc5f9ccd94bdc2a5edf5a9351214feda74258317047d6475c0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 113521
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17cdf880041703b2e454c466c5240271.jpg
151.101.65.44200 OK 20 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17cdf880041703b2e454c466c5240271.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4ee736888a9cde52e0df686b08a62802
874c8a0f84f7c3c674ba5592b923ef7a933bc844
2983cd6fb501f8583e2b83801a8aecec03994230bb2b7de60732c9a05341e914
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17cdf880041703b2e454c466c5240271.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 545737114405923779915571837407462705605,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 545737114405923779915571837407462705605,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "03ebc3610caed02e4a20160619f097f8"
last-modified: Mon, 21 Nov 2022 11:32:59 GMT
req-referer: https://weather.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 46333bfaf717bb73c5d4c9c38d7ce199
x-envoy-upstream-service-time: 693
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 993156
x-served-by: cache-iad-kcgs7200118-IAD, cache-iad-kjyo7100056-IAD, cache-bur-kbur8200139-BUR, cache-iad-kiad7000034-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 23, 1
x-timer: S1670103700.008101,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/17cdf880041703b2e454c466c5240271.jpg
x-vcl-time-ms: 1
content-length: 19744
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e356b41d7127866b6dc75b06a0924b9.jpeg
151.101.65.44200 OK 44 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e356b41d7127866b6dc75b06a0924b9.jpeg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 962acc4dc8cf04a1616d4a8a85486802
5363271b4a0d9d98419dcddc910d702bb73e0b78
a918040328a30fab9c99e73acd94feaf281a935810674f976c8b2c21d2de2b41
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e356b41d7127866b6dc75b06a0924b9.jpeg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 546711797118895752213847435183186856535,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 546711797118895752213847435183186856535,364438333597438504035334861318629113620,29ecf9b93bbf306179626feeda1fab70
etag: "d1aa65d163c791ed8ff61c57c1e65097"
expiration: expiry-date="Sun, 16 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 15 Sep 2022 02:05:00 GMT
req-referer: https://gamelytic.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 233
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 4526925
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kcgs7200079-IAD, cache-chi-klot8100162-CHI, cache-iad-kiad7000112-IAD, cache-bma1621-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 147, 1
x-timer: S1670103700.008389,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e356b41d7127866b6dc75b06a0924b9.jpeg
x-vcl-time-ms: 1
content-length: 44150
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb7ae155e242b9a11ceaf3671f387c0.jpg
151.101.65.44200 OK 26 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb7ae155e242b9a11ceaf3671f387c0.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 631fa39725462db63cfd997993d76417
5b9b0cc37335ee7fa48f614c9a61109f350d0dd6
bbe154f21d85d263654f05981336645f7692b335f688d5e0ae61bcdc1e0009f1
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb7ae155e242b9a11ceaf3671f387c0.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 374514674542707795077406949079076341366,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 374514674542707795077406949079076341366,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
etag: "05b6ca77d0078c6146cf7a3688195543"
last-modified: Fri, 11 Nov 2022 17:00:34 GMT
req-referer: https://www.navy-net.co.uk/community/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ecb4219bae8f11e1e345c34b00bfe08b
x-envoy-upstream-service-time: 824
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 1617973
x-served-by: cache-iad-kjyo7100040-IAD, cache-iad-kjyo7100049-IAD, cache-bur-kbur8200143-BUR, cache-iad-kjyo7100047-IAD, cache-bma1621-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 61, 1
x-timer: S1670103700.007745,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb7ae155e242b9a11ceaf3671f387c0.jpg
x-vcl-time-ms: 4
content-length: 25982
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/h_417,w_500,c_fill,g_xy_center,x_561,y_624/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d5c69c4c118abb7c9954dcf3637651a.jpeg
151.101.65.44200 OK 11 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/h_417,w_500,c_fill,g_xy_center,x_561,y_624/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d5c69c4c118abb7c9954dcf3637651a.jpeg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5871b92736336e60809bcad73da74f5c
a1272bdf4325f82564833e588f13f154d1f3652c
03026cb26786a87ee139da60e0f6a4556913ca4f458067e77d2f38d2ce9fcca5
GET /taboola/image/fetch/h_417,w_500,c_fill,g_xy_center,x_561,y_624/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d5c69c4c118abb7c9954dcf3637651a.jpeg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 490924169088723966308256945051838771105,424970273406299907964044441516787905954,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 490924169088723966308256945051838771105,424970273406299907964044441516787905954,29ecf9b93bbf306179626feeda1fab70
etag: "72bef2676975b48831a983b03caecd86"
expiration: expiry-date="Sun, 20 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 20 Oct 2022 15:20:10 GMT
req-referer: https://defence-blog.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 66
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 2446831
x-served-by: cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100090-IAD, cache-chi-klot8100153-CHI, cache-iad-kcgs7200165-IAD, cache-bma1621-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 123, 1
x-timer: S1670103700.009850,VS0,VE17
vary: ImageFormat
x-debug: /taboola/image/fetch/h_417,w_500,c_fill,g_xy_center,x_561,y_624/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4d5c69c4c118abb7c9954dcf3637651a.jpeg
x-vcl-time-ms: 17
content-length: 10972
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1134246421__HVVw2z5f.jpg
151.101.65.44200 OK 42 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1134246421__HVVw2z5f.jpg
IP 151.101.65.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 273d6a79e944425c44d0fb2cd5dc2e3e
e2dd556d28ea22ede4c2548ac721fd43cce492a5
ceb94d4521edb19eeea182dde061be17b1dff124e8d332dcb9a9f89e60e451cf
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1134246421__HVVw2z5f.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 548214507889290343340315356348939437301,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 548214507889290343340315356348939437301,351865785165949093008023078421511818851,29ecf9b93bbf306179626feeda1fab70
etag: "aa4bdde64972a29d426cc00c542ca3f4"
expiration: expiry-date="Fri, 11 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 11 Oct 2022 13:39:33 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 166
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:40 GMT
age: 3238672
x-served-by: cache-iad-kiad7000040-IAD, cache-iad-kiad7000130-IAD, cache-chi-klot8100068-CHI, cache-iad-kiad7000133-IAD, cache-bma1621-BMA
x-cache: MISS, HIT, MISS, HIT, MISS
x-cache-hits: 0, 3, 0, 28, 0
x-timer: S1670103700.009313,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_417%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1134246421__HVVw2z5f.jpg
x-vcl-time-ms: 91
content-length: 41970
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.2.146200 OK 9.3 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.2.146:0
Hash fd46b19b6fbff6418bb3850a2236ef12
b77e745cbab31145460afbd3c3f9224984fa7440
9cf62e0cef5613c0a52689d07055d405f7ec4faed3764917f53b27f59b432c8e
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-crto-bundle: 5iU06V9XZ3pxbkQyWE1GSGxiSUpRZkQ3Q2hlZDZyckdCeVFydGEyczJZSFRVYXNMelppJTJGJTJGTGZ5VzZMbE42VFUxZEpPYVVSM0xwbm52VkRqJTJGbmxVakpVbXZJaEpXZkwyWVhVTkhGbzJmR04xZjRPSWRnVG80MWVyeUtqTHVvQkVORkpVOTdaJTJGJTJCVFJ3cnlVblBYTTdBQjljS05BJTNEJTNE
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:39 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://dollarsurvey.site
server-processing-duration-in-ticks: 2193475
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15007
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 21:41:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15007
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 21:41:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15007
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 21:41:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15007
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 21:41:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 64100
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 59972
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 38436
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2pD4fv8j-zQzBZ9Pubo1-6UbvQpWMBb26ft_bn1pq9cWSCXsPXPW3g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:13:01 GMT
age: 84519
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 74656
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 85834
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.65.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.65.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:41 GMT
via: 1.1 varnish
age: 22139
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 2071
x-timer: S1670103701.011518,VS0,VE0
cache-control: private,max-age=31536000
abp: 15
content-length: 254
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.244200 OK 24 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.244:0
Hash 395ed16dc926f82cbd0e19f5d0afb0a1
01056b5aaca028e30d424ff546f5fc7f9b817364
fa76b87edbfd6d62d04f5b79f7d25a43105c7c99bfbe35cd3c917f93c15b07d2
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 102398
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/socionicsurvey/log/3/bulk?tvi2=-2&route=AM%3AIL%3AV<i=deflated&bulkSize=1
151.101.65.44204 No Content 0 B URL HTTP/2 trc.taboola.com/socionicsurvey/log/3/bulk?tvi2=-2&route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 151.101.65.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /socionicsurvey/log/3/bulk?tvi2=-2&route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5643
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670103701.991557,VS0,VE89
x-vcl-time-ms: 89
X-Firefox-Spdy: h2
trc.taboola.com/socionicsurvey/log/3/visible?tvi2=-2&route=AM%3AIL%3AV<i=deflated
151.101.65.44204 No Content 0 B URL HTTP/2 trc.taboola.com/socionicsurvey/log/3/visible?tvi2=-2&route=AM%3AIL%3AV<i=deflated
IP 151.101.65.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /socionicsurvey/log/3/visible?tvi2=-2&route=AM%3AIL%3AV<i=deflated HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 8148
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://dollarsurvey.site
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670103701.993557,VS0,VE130
x-vcl-time-ms: 130
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.65.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.65.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:41 GMT
via: 1.1 varnish
age: 2236
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 17053
x-timer: S1670103702.951214,VS0,VE0
vary: Accept-Encoding
abp: 15
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
151.101.65.44200 OK 4 B IP 151.101.65.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dollarsurvey.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://dollarsurvey.site
accept-ranges: bytes
date: Sat, 03 Dec 2022 21:41:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 85940
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=hZNai180M0RITmhlJTJCZkMwOUJGQlhaMUN2czVxZ25HZExRbnd3UnhBZ3JKUWh0JTJCQUJVMENNNEpjVlpJVGhydnBUdG44Ng
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=xByv4F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVxZ25HZExRbnd3UnhBZ3JKUWh0JTJCQlB0c2VGYldBayUyRk9sNWp2cmxnOUxl; expires=Thu, 28 Dec 2023 21:41:39 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 419776
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-redux-toolkit.esm.js.9fdf478a.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-redux-toolkit.esm.js.9fdf478a.js
IP 104.26.2.231:0
GET /js/v-redux-toolkit.esm.js.9fdf478a.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-289c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zksg%2Fyjze2bekPtCad706cHXbQUg7eJQ%2BG7ArjIlsRagCtce6SYt1kBt96JQS0b5Fr488cm7NzpVh5E4NZKTZKso45Qcu8NWRi4Mg9XE2mn9BMJk%2FfUC%2Bz%2F%2Fc6jsQ%2Fqe926T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1be04b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/captcha1.html?utm_content=zd_public_v2
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/captcha1.html?utm_content=zd_public_v2
IP 104.26.2.231:0
Analyzer Verdict Alert fortinet Phishing
GET /captcha1.html?utm_content=zd_public_v2 HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: text/html
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teEIvM2NbJgg7zu9smv82%2BiDyDf2SqINsuiLKTqzjkEDhSNUTwFHuMyMCgMTU9OTDzdl6bpiaVHlNet%2B848FC%2FeN48EY0qY9tXbdaU1%2B7HCMYiFcvKuSNbvfnd5oDhwXKTxU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b2bf72b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/favicon.ico
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/favicon.ico
IP 104.26.2.231:0
GET /favicon.ico HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: image/x-icon
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhLmmfAd%2BDvB%2B%2Fk7bOf0HR9wXjFgM26hGnVqKtAj0%2BuohNkNT4hX3hXSXP4QO4qvysHr%2Fz9vp42KisVQXen%2BTvrJ9pA6DeOPZYqbBlVP0HvVKVq0XLP%2F62UtjPrhQeTCuQoL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b4ca1db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/captcha1.html
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/captcha1.html
IP 104.26.2.231:0
Analyzer Verdict Alert fortinet Phishing
GET /captcha1.html HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: text/html
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQO7zo5i%2BtDFxRk45iTsfsENqM6pEEKA2vfOmfpaIlIKN%2FjV%2BnTkbrSkREUgF7w8JgNl4GW2fvd2L3P6FbFcHMWKkdYeVLT58x6I1y96oylFLbv7l2F2JxeKzKZ38IBDC4%2Bt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b08c08b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-FormData.js.d78db025.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-FormData.js.d78db025.js
IP 104.26.2.231:0
GET /js/v-FormData.js.d78db025.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-bf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0%2BLz8rmSd0sHGPXFWApiCXzGHFqw4Iv1OqBxKsk7mRc%2BykAm4dC1VBjNtfBqGjFRjm8OtWzW%2FzTWKMdexsgLADYLA%2BbzulMKuJcAW%2B3LDZUFvqs6V6cIdtks3h0BCKlAAKt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1adeab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/_global-config-sd.aaec924a.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/_global-config-sd.aaec924a.js
IP 104.26.2.231:0
GET /js/_global-config-sd.aaec924a.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-16d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVXChEj0DwHHfViiDPYsh1xFohJFje06xjLiloWhoOxdP4qBT1ggWgxhqaUA82M%2BeaCWjpHp2EFuv1FcLf7AtK5fn1VPXQ67TW3maiwdXHtT8698aMKhDcQOOPO%2Fe4eulZh0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1addcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/each-land-config.073c5358.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/each-land-config.073c5358.js
IP 104.26.2.231:0
GET /js/each-land-config.073c5358.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-1048b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2j1SaUXwpeOdWrDwBzrGliZqpJ6DPrQuzgjl2N3Zp1MRU2ISqnzKINsS7DEqKDes1fB7Gni7gGsDhwxEWCFZhibZ%2F%2FzhQp0E9DAOEaSM0sOfsMUTb3emkwfkRKVmJdnEktg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1adf4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-react-dom.production.min.js.088acd9e.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-react-dom.production.min.js.088acd9e.js
IP 104.26.2.231:0
GET /js/v-react-dom.production.min.js.088acd9e.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-1f8c5"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAMxndUz%2FJWUcPl6IUuY0Rtq3czxchZdhMfFTce%2FLB99Jba9Bf8sQbqNkZxkapiTQlf8sqsfYabiqS2V%2FnHiCKeDdEQ9An9lM1%2FRTDHF6pnEfiFkGx6hLGMKWN9EmkOJTtOV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ae02b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-URLSearchParams.js.f8f87c95.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-URLSearchParams.js.f8f87c95.js
IP 104.26.2.231:0
GET /js/v-URLSearchParams.js.f8f87c95.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-dc"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ5rrsFun%2FSg3ASOwJiWU8QZGepDXhAg8BP8vjEUFjRjoAELnYx1u4rsZesgbtdBvNNyJdqbyloCRNLN27kVE%2FmE3yLBma4a0S6ZYEi7Bu16lBxqyFGMSnpDJ5T1FDI9RG9E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1adefb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-index.js.99ba7c4d.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-index.js.99ba7c4d.js
IP 104.26.2.231:0
GET /js/v-index.js.99ba7c4d.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-9241"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sawQcb8Qyaby0pdH3AmT6J0RXD%2B6TWByG7RoPcDUDlWJZ7T5KQNB26bsghwHDAlLMQVZH7rj8Hosvahk4az76goTNpdVd6GyS%2Fmeuvhidym%2B09WnkQEQ8J4iEOu6TJxLDT7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ade4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-utils.js.bccc969f.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-utils.js.bccc969f.js
IP 104.26.2.231:0
GET /js/v-utils.js.bccc969f.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-21ba"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1ht%2B6dmRu%2FfSsCRD3c02QVQ3rayGLl95%2FKEIAi8FsGd50runZCUrrtJNrj2feyshzir1nvaIZeoTFEVuA%2FPnZfByzvbzzrfGsH2QzWgR3kdtEzSJYLnuaG1lVSkMEp%2FUSqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ade7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/v-_equalByTag.js.34ccca25.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/v-_equalByTag.js.34ccca25.js
IP 104.26.2.231:0
GET /js/v-_equalByTag.js.34ccca25.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-3a7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9GqiIjaZCPobeouSFly7228jExsjSHmbcuOUz%2FhGFlF0nTMEKri6hveTy6x4EAeZ%2FNAfD3YRZH3uHobTqOXICFWwsPlzl4CJ%2B09l2fIQ898ySOnqMwU4iq%2FM9953g0SCMzh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1ae00b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/css/captcha.3e673c43.css
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/css/captcha.3e673c43.css
IP 104.26.2.231:0
GET /css/captcha.3e673c43.css HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-1470"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTG86HtOhPsgcA4bq3KZ8j52p1sSabSaQheHlgTviQX7rf6smP4F5oZFzrYgHWj9DtNlq35%2FcljIWsCX81rdcLeonh4NEFVl027qfRGBYMadAsGJ3hakMgvbroWg1sckCAM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1adfab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/css/survey.cd8123e3.css
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/css/survey.cd8123e3.css
IP 104.26.2.231:0
GET /css/survey.cd8123e3.css HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: text/css
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-4a5a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww2b%2Bh%2Bn1h%2BQEsYAXYSFRS2LmS7JD0MFW5TmtY%2FtsvRzYbzhIygf1M7a1hYVu%2Bp5uGOkt6tis7SptV62b7QrzVBr23lkCNB0fEedVc3yl1N65stDPevfxXKKOCrZUR9r0tZy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1adf7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/taboola.b4c114e7.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/taboola.b4c114e7.js
IP 104.26.2.231:0
GET /js/taboola.b4c114e7.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-67f"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9szGqJhoORio7jDcOvLRSlnWjFjxkLp9vL2vIsZDe9OJxRuriE8%2BO%2FhowvfZQEmBUDffQb4KAPI%2BeGUDdzW2HgtumB6Hf%2F1euKAjwAI6zOQjMNrYViYeob%2BKGankHOot7F49"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1be0ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dollarsurvey.site/js/captcha-survey.1.9be7c7e6.js
104.26.2.231200 OK 0 B URL HTTP/2 dollarsurvey.site/js/captcha-survey.1.9be7c7e6.js
IP 104.26.2.231:0
GET /js/captcha-survey.1.9be7c7e6.js HTTP/1.1
Host: dollarsurvey.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:41:38 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 12:06:56 GMT
vary: Accept-Encoding
etag: W/"6389ea60-fe"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itpj9yQRjETc2qEah%2BmHDzWmRBuRxIqsnNF6FnG2exZYxzT27l2iS3RvW77U%2F7MtkjA9ekZcoexsTkVVooLXqPaqK4BqwVphOrtCNlFCY5rL%2BpfdVKJy0ZCf%2FTEO0%2FMOyUba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f77b1be0fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2