dollarsurvey.org Open in urlscan Pro
2606:4700:20::681a:8c0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rb.gy/f4bldx
Effective URL:
https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=da...
Submission: On February 17 via manual (February 17th 2021, 4:09:20 pm UTC) from US

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 23 domains to perform 52 HTTP transactions. The main IP is 2606:4700:20::681a:8c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is dollarsurvey.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 16th 2020. Valid for: a year.

This is the only time dollarsurvey.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.86.4 76.223.86.4	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3031::ac43:d424	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:8723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:a73e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	206.54.165.133 206.54.165.133	35415 (WEBZILLA) (WEBZILLA)
1 2	139.45.197.11 139.45.197.11	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	139.45.195.161 139.45.195.161	9002 (RETN-AS) (RETN-AS)
9	2606:4700:20:... 2606:4700:20::681a:8c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
4	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3035::ac43:cc84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
52	19

1 76.223.86.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: abaa834e320054d4d.awsglobalaccelerator.com

rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d424 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.affforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:8723 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

findlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a73e (United States)

ASN13335 (CLOUDFLARENET, US)

0.0265331.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.54.165.133 (United States) 1 redirects

ASN35415 (WEBZILLA, NL)

pardedatl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.11 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

rouonixon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.161 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

bainushe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:8c0 (United States)

ASN13335 (CLOUDFLARENET, US)

dollarsurvey.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:cc84 (United States)

ASN13335 (CLOUDFLARENET, US)

tagstaticx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.48.68.71 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

tagdatax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

o24257.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tagdatax.com tagdatax.com	2 KB
9	dollarsurvey.org dollarsurvey.org	163 KB
6	yandex.ru 1 redirects mc.yandex.ru	68 KB
6	google.com www.google.com	35 KB
4	propeller-tracking.com propeller-tracking.com	4 KB
3	rtmark.net my.rtmark.net	2 KB
2	facebook.com www.facebook.com	517 B
2	facebook.net connect.facebook.net	93 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	sentry.io o24257.ingest.sentry.io	1 KB
2	rouonixon.com 1 redirects rouonixon.com	7 KB
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	89 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	googlesyndication.com pagead2.googlesyndication.com
1	tagstaticx.com tagstaticx.com	36 KB
1	sentry-cdn.com browser.sentry-cdn.com	17 KB
1	bainushe.com 1 redirects bainushe.com	936 B
1	pardedatl.com 1 redirects pardedatl.com	668 B
1	0265331.com 0.0265331.com	799 B
1	findlnk.com 1 redirects findlnk.com	885 B
1	affforce.com 1 redirects www.affforce.com	859 B
1	rb.gy 1 redirects rb.gy	279 B
52	23

	Domain	Requested by
9	tagdatax.com	tagstaticx.com browser.sentry-cdn.com
9	dollarsurvey.org	dollarsurvey.org
6	mc.yandex.ru	1 redirects www.googletagmanager.com browser.sentry-cdn.com
6	www.google.com	dollarsurvey.org
4	propeller-tracking.com	dollarsurvey.org browser.sentry-cdn.com propeller-tracking.com
3	my.rtmark.net	rouonixon.com browser.sentry-cdn.com
2	www.facebook.com	dollarsurvey.org
2	connect.facebook.net	0.0265331.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com dollarsurvey.org
2	o24257.ingest.sentry.io	browser.sentry-cdn.com
2	rouonixon.com	1 redirects 0.0265331.com
1	www.google.de	dollarsurvey.org
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	www.googletagmanager.com	dollarsurvey.org
1	pagead2.googlesyndication.com	browser.sentry-cdn.com
1	tagstaticx.com	dollarsurvey.org
1	browser.sentry-cdn.com	dollarsurvey.org
1	bainushe.com	1 redirects
1	pardedatl.com	1 redirects
1	0.0265331.com
1	findlnk.com	1 redirects
1	www.affforce.com	1 redirects
1	rb.gy	1 redirects
52	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-27` - `2021-09-27`	a year	crt.sh
rouonixon.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-22`	2 months	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-05` - `2021-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tagdatax.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-09` - `2021-12-10`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.ingest.sentry.io R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Frame ID: 22C2EA8D90C7BE7543A38429B31A0E36
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rb.gy/f4bldx HTTP 301
https://www.affforce.com/scripts/un981c6l?a_aid=7ed946a3&a_bid=15d08aec HTTP 301
https://findlnk.com/g?visitorid=55fc8f32dcf49215afa3fede950GXUSi&refid=7ed946a3&bannerid=15d08ae... HTTP 302
https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15... Page URL
https://pardedatl.com/link?z=3947710&var=7ed946a3&ymid=602d3f9df1ec72000155c589 HTTP 302
https://rouonixon.com/4/3891600/?var=3947710 Page URL
https://rouonixon.com/?z=3891600 HTTP 302
https://bainushe.com/link?z=3945676&var=3891600&ymid=385937294768485066 HTTP 302
https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=38593717868691960... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

52
Requests

100 %
HTTPS

67 %
IPv6

23
Domains

23
Subdomains

19
IPs

6
Countries

480 kB
Transfer

1432 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rb.gy/f4bldx HTTP 301
https://www.affforce.com/scripts/un981c6l?a_aid=7ed946a3&a_bid=15d08aec HTTP 301
https://findlnk.com/g?visitorid=55fc8f32dcf49215afa3fede950GXUSi&refid=7ed946a3&bannerid=15d08aec&extra_data1=&extra_data2= HTTP 302
https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8= Page URL
https://pardedatl.com/link?z=3947710&var=7ed946a3&ymid=602d3f9df1ec72000155c589 HTTP 302
https://rouonixon.com/4/3891600/?var=3947710 Page URL
https://rouonixon.com/?z=3891600 HTTP 302
https://bainushe.com/link?z=3945676&var=3891600&ymid=385937294768485066 HTTP 302
https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://rb.gy/f4bldx HTTP 301
https://www.affforce.com/scripts/un981c6l?a_aid=7ed946a3&a_bid=15d08aec HTTP 301
https://findlnk.com/g?visitorid=55fc8f32dcf49215afa3fede950GXUSi&refid=7ed946a3&bannerid=15d08aec&extra_data1=&extra_data2= HTTP 302
https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=

Request Chain 1

https://pardedatl.com/link?z=3947710&var=7ed946a3&ymid=602d3f9df1ec72000155c589 HTTP 302
https://rouonixon.com/4/3891600/?var=3947710

Request Chain 45

https://mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A113600581%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613578141740%3Awv%3A2%3Ads%3A6%2C30%2C44%2C0%2C241%2C0%2C%2C311%2C1%2C%2C%2C%2C636%3Adsn%3A7%2C30%2C43%2C1%2C241%2C0%2C%2C313%2C1%2C%2C%2C%2C635%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F HTTP 302
https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A113600581%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613578141740%3Awv%3A2%3Ads%3A6%2C30%2C44%2C0%2C241%2C0%2C%2C311%2C1%2C%2C%2C%2C636%3Adsn%3A7%2C30%2C43%2C1%2C241%2C0%2C%2C313%2C1%2C%2C%2C%2C635%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click
0.0265331.com/
Redirect Chain

https://rb.gy/f4bldx
https://www.affforce.com/scripts/un981c6l?a_aid=7ed946a3&a_bid=15d08aec
https://findlnk.com/g?visitorid=55fc8f32dcf49215afa3fede950GXUSi&refid=7ed946a3&bannerid=15d08aec&extra_data1=&extra_data2=
https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=

241 B
799 B

56ms
40ms

Document
text/html

2606:4700:3036::ac43:a73e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a73e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: 0.0265331.com
:scheme: https
:path: /click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:01 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dbba419ca0da9f0966d00bbf1649045921613578141; expires=Fri, 19-Mar-21 16:09:01 GMT; path=/; domain=.0265331.com; HttpOnly; SameSite=Lax afclick=602d3f9df1ec72000155c589; Expires=Thu, 17 Feb 2022 16:09:01 GMT; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 08525995a10000c2e0511de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LXxRhoA4y%2FUO9rvipCJRUvpfUuYGoqlbi8qC41q66qUPHt7p4KxBgOv7guxVXSHuxnNMI0OunJJvylObTFp4XFXuEsVUwoorl5SnP5SgerRa9l7RZK0Ekz4V"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6230c535ca43c2e0-FRA
content-encoding: br

Redirect headers

date: Wed, 17 Feb 2021 16:09:01 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2d43bba6651d405c8494d186310a6e5d1613578141; expires=Fri, 19-Mar-21 16:09:01 GMT; path=/; domain=.findlnk.com; HttpOnly; SameSite=Lax
cache-control: no-cache
location: https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 99381122-54b5-497a-b64b-615840811429
x-runtime: 0.005146
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 085259954f00002bca36a89000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Md2hBzohpcwJiIJXx5EXbeUX%2BRlbyGGcfCqdmqcyKVqbG%2BghN%2FQjK177IbSTvwgTn9KVsqe4xqzTV2vlavdbacMvdKtR1Cx9RLfm4PwLWVZVQXhuA8pQaQ%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6230c5354a2a2bca-FRA

GET
H2

200

/ Show response
rouonixon.com/4/3891600/
Redirect Chain

https://pardedatl.com/link?z=3947710&var=7ed946a3&ymid=602d3f9df1ec72000155c589
https://rouonixon.com/4/3891600/?var=3947710

13 KB
7 KB

188ms
60ms

Document
text/html

139.45.197.11
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rouonixon.com/4/3891600/?var=3947710
Requested by: Host: 0.0265331.com
URL: https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.11 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 58893014ad5db3fd4280aac8ca967398e1ce216fe5a92a499ec629846cf07313

Request headers

:method: GET
:authority: rouonixon.com
:scheme: https
:path: /4/3891600/?var=3947710
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=

Response headers

server: nginx
date: Wed, 17 Feb 2021 16:09:01 GMT
content-type: text/html; charset=utf8
access-control-allow-origin: * *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
timing-allow-origin: *
x-trace-id: a29925be942d3bfdbaca606985296097
link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect"
set-cookie: OAID=b14e29f398b942279f22a374bb2e3f79; expires=Thu, 17 Feb 2022 16:09:01 GMT; secure; SameSite=None oaidts=1613578141; expires=Thu, 17 Feb 2022 16:09:01 GMT; secure; SameSite=None
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 17 Feb 2021 16:09:01 GMT
content-length: 0
location: https://rouonixon.com/4/3891600/?var=3947710
access-control-allow-credentials: true
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 99711888bd7f0d1c7990d8dc163e6320
link: <//my.rtmark.net>; rel="dns-prefetch preconnect" <https://rouonixon.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=98844736780a4ef8bd8d9e8ef28371a3; expires=Thu, 17 Feb 2022 16:09:01 GMT oaidts=1613578141; expires=Thu, 17 Feb 2022 16:09:01 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 188ms
61ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=b14e29f398b942279f22a374bb2e3f79

Requested by

Host: rouonixon.com
URL: https://rouonixon.com/4/3891600/?var=3947710

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://rouonixon.com/4/3891600/?var=3947710
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:01 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request survey.html Show response
dollarsurvey.org/
Redirect Chain

https://rouonixon.com/?z=3891600
https://bainushe.com/link?z=3945676&var=3891600&ymid=385937294768485066
https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term...

3 KB
2 KB

80ms
43ms

Document
text/html

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea2b44c8edd1517dea365bc40ae8b641425a77a8db1fa02f5958c208179bae9

Request headers

:method: GET
:authority: dollarsurvey.org
:scheme: https
:path: /survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://rouonixon.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-type: text/html
set-cookie: __cfduid=d1bd4f41a2841e4a0487f551d397700991613578142; expires=Fri, 19-Mar-21 16:09:02 GMT; path=/; domain=.dollarsurvey.org; HttpOnly; SameSite=Lax; Secure
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
cf-request-id: 085259994b0000722df838c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YwyrP168WU%2BODiUluL0QKw0PBuuqQn826RecVUAGjPf8D81tdU%2Fb60ZbtFWW2krBp5zPJqHIqVc4APlkdveAsUJnpRFjnn2b%2BR96Fxi0Ph3cUq3x%2FYNPTZvYhU%2Bd"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6230c53bad9b722d-AMS
content-encoding: br

Redirect headers

server: nginx
date: Wed, 17 Feb 2021 16:09:01 GMT
content-length: 0
location: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
access-control-allow-credentials: true
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fb14204b976ffea6891e4a85e08626b9
link: <//my.rtmark.net>; rel="dns-prefetch preconnect" <https://dollarsurvey.org>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=5fbf7ec05fbb425a906d2a6826a2f64e; expires=Thu, 17 Feb 2022 16:09:01 GMT oaidts=1613578141; expires=Thu, 17 Feb 2022 16:09:01 GMT OXCCLK=4052446.1; expires=Thu, 17 Feb 2022 16:09:01 GMT allcnt=1; expires=Thu, 17 Feb 2022 16:09:01 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.15.5/ 55 KB
17 KB 43ms
13ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Requested by

Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://dollarsurvey.org
Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 08:16:03 GMT
server: Fastly
age: 26008839
etag: "8c32735049305a5594a56ef0e4519e8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 17451
expires: Thu, 22 Apr 2021 15:28:23 GMT

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 163ms
54ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 18dce969d1082786d324ce22855bce9d
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 rtc.js Show response
dollarsurvey.org/js/data/ 9 KB
4 KB 53ms
52ms Script
application/javascript 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/data/rtc.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7451d450f924d17165431bc8b6c19b14f66351268b472b3da790a14db8d33f4e

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1813
cf-polished: origSize=12404
cf-request-id: 085259997e0000722d0db33000000001
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
etag: W/"602d09a3-3074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bMi%2F3P9dDABiJQwtIsXEz76z1Ysxdp6c0C%2FlMP3oodpgF9QBIW8jkqZtgBTdt%2BaP%2FWfU1tWAOf7e2abXCfxVZI4iOIcI%2Fw4xwOeXYbXIwl7aEUSRpgWZBCaYJQH%2F"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6230c53bfdac722d-AMS
cf-bgj: minify

GET
H2 200 config.js Show response
dollarsurvey.org/js/ 81 KB
27 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/config.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bea12b196a42dd36555a244083949fb0db2a3a3de74ab9a2cb7c5723709ef74

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4202
cf-polished: origSize=83230
cf-request-id: 08525999820000722df6878000000001
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
etag: W/"602d09a3-1451e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F5yC4QeJM89yM9wG3pJp0D30hQdDw906gR%2BhOZLcP6Tk6nMlwaoOBx2cfBbvVdpyJA1dQ%2Bn6CUL7LfaZ%2BXmN2Zlm7gtqqODEQwFSFeW6JH1I1BBMId0ZbduzwfPf"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6230c53bfdae722d-AMS
cf-bgj: minify

GET
H2 200 survey.css
dollarsurvey.org/css/ 31 KB
6 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/css/survey.css
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe7be535da1105155e50d93dfe55af741c9cdca1dfa6be4c23e4969fd08832a

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1848
cf-polished: origSize=31444
cf-request-id: 085259997e0000722d0612e000000001
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
etag: W/"602d09a3-7ad4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2t51IaRlAD1oH1%2FUGKI%2BYe2rQjAoTyjvkldVoCa5AsvhScth%2F9VQMg2N9gtAsZsqCEcjZZOtvtSsc0G%2FnQvEdRmHS5UGKZuQTKqg9PjvdjB152OksyxazSToTdwR"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6230c53bfdaf722d-AMS
cf-bgj: minify

GET
H2 200 style.min.css
dollarsurvey.org/css/ 13 KB
3 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/css/style.min.css
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467c377cb4132ee8749c7ebc040a07f9898fd4eb5333f84fd163645e3cc11775

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
age: 6904
etag: W/"602d09a3-3561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f7j%2BoxlIcT9c72s57Lj4c17YYduLOuaNaAF35hIKgPxLs0Oil915MWkkeDgBdZnAHjAxb7qYs5qDCg5MXZ9Fh6Xs%2Bse%2FBDImMNYdEIv9E646vKFzVqbPYfFDGqtD"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6230c53bfdb0722d-AMS
cf-request-id: 085259997f0000722df52f5000000001

GET
H2 200 icon-survey.svg
dollarsurvey.org/img/ 3 KB
1 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dollarsurvey.org/img/icon-survey.svg
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
age: 729
etag: W/"602d09a3-c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x77JrZaOx9tpX1l8YPpYIxMQcFZdzp3JORD%2FfodUaGAWrfpZofRPLtE1sLyJyuRAlukArwEDE4%2F3VJKZUKsO%2BxexV3oYs9eeouc%2Fne7H9d6myK5K2lJ8rPRw1tKK"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6230c53c6dd2722d-AMS
cf-request-id: 08525999c50000722df687c000000001

GET
H2 200 survey.js Show response
dollarsurvey.org/js/ 289 KB
87 KB 45ms
44ms Script
application/javascript 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/survey.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696c8a3d44113af62160db34a41be2bcfd7ae5386b94d6fab62effdb217fb84e

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6647
cf-polished: origSize=296447
cf-request-id: 08525999b50000722df9bae000000001
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
etag: W/"602d09a3-485ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QlYtFWAVqjt7u6w3GCgCTccYslj%2F1Yu%2Bam5ZOtBBVWcAHk%2FObkXhHZevO7ptJ67ZvjayXG2ZM51YLHLML5lQmnZwBH1tsBdXMLCheOPLhEJ%2FXZWem9y9Ha4%2BGxe5"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6230c53c5dc9722d-AMS
cf-bgj: minify

GET
H2 200 sd-512932.js Show response
dollarsurvey.org/js/data/ 5 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/data/sd-512932.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec323a449f447a552f73c81ae3725b88ad03e06cd56af2ff8011cb0f8f0fd9a

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3160
cf-polished: origSize=10256
cf-request-id: 08525999c50000722df89ef000000001
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
etag: W/"602d09a3-2810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h0gSo7D1BV9e8Ya9HaHrJYiGeRojBOPUSVU9u3qOTzQ8vPuFy8fFnLH%2BCwKXizW7TTkGcf%2BTt%2BABHi0lIKGvYovEMcNQP12io4R7e5G3wJsXUMJiD5izPzAvz4Nt"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6230c53c6dd3722d-AMS
cf-bgj: minify

GET
H2 200 tag.js Show response
tagstaticx.com/ 81 KB
36 KB 56ms
23ms Script
application/javascript 2606:4700:3035::ac43:cc84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tagstaticx.com/tag.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:cc84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ddcc38e1b0f35fc1ea36a59847a1d5adf048138c755589f205409be4b6aa47

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:08:32 GMT
server: cloudflare
age: 291
etag: W/"6019bf50-14250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cdv5So8VFMPj3Ky73QTaebNBeG%2BQVI2SBq2FGbdgaC6e3S6hEh69cuoIwipyeehCWzSfDX%2Fqjdp8G8jSkIUR5U4iHFPC%2BzGWpd34N%2BY7MDRGn7AdpSByTZ8aNg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=1800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6230c53c992bc277-FRA
cf-request-id: 08525999e20000c2779e230000000001

GET
H2 200 micro.tag.min.js Show response
dollarsurvey.org/pfe/current/ 131 KB
32 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/pfe/current/micro.tag.min.js?z=3907166&sw=/sw/sw3907166.js&var=3945676&ymid=3891600&cdn=1&domain=ugyplysh.com
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce5b70f4867cc996d2cc6d4b6627e68490349fc6f7f1896b4983f02baba7a28

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 12:18:43 GMT
server: cloudflare
age: 6219
etag: W/"602d09a3-20bd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iKWnwK2Sz7qFx%2BW7LrSlq%2FVXXI37XiDPOftlYkV8G3Yp6E9KPOO9iOiCAh2PPez7wpn2DUHmBbiSw3PwG66kDe%2BL5giie8n65h%2F5BxTa%2FJCMNlBMKWSargygH%2BgP"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6230c53cddf7722d-AMS
cf-request-id: 0852599a080000722df52fb000000001

OPTIONS
H/1.1 200
OK pix.jpg
tagdatax.com/ 0
0 172ms
53ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/pix.jpg
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Wed, 17 Feb 2021 16:09:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 54ms
34ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 12112344721774099002
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 60ms
60ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0223c3966ad6760dccec09ff5ef19f3a3c35dfca8761d987ae8514228f71a5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK version.js Show response
tagdatax.com/ 57 B
259 B 177ms
52ms Script
application/javascript 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/version.js
Requested by: Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0a3e8df392822f6605e3db96c4ed039f5620b575e34d79fad98eba4a7607e173

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
Cache-Control: private, max-age=63072000
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 57
Content-Type: application/javascript

GET
H/1.1 200
OK pix.jpg Show response
tagdatax.com/ 28 B
620 B 55ms
54ms XHR
image/jpeg 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/pix.jpg
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
Server: nginx/1.16.1
Etag: 9ffc8ee4-fecb-4875-a189-c3f1c4e4718c
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Expose-Headers: ETag
Cache-Control: private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 28

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 17ms
15ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
15ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 18ms
17ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 17ms
16ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 17ms
16ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Wed, 17 Feb 2021 16:09:02 GMT

POST
H/1.1 429
Too Many Requests / Show response
o24257.ingest.sentry.io/api/5219077/store/ 45 B
582 B 609ms
151ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o24257.ingest.sentry.io/api/5219077/store/?sentry_key=3bace7bf2fdc4ab880d8160dd2edcfce&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dollarsurvey.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 45
x-sentry-rate-limits: 60:default;error;transaction;security;attachment:organization:usage_exceeded
retry-after: 60

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 61ms
61ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0223c3966ad6760dccec09ff5ef19f3a3c35dfca8761d987ae8514228f71a5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
33 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

762e82e53b216b9b5fd27ee0fd796c4218e4100297058e5bbcc9f43975dcfbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33893
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 15:05:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Feb 2021 16:09:02 GMT

POST
H/1.1 200
OK add Show response
tagdatax.com/ir/ 2 B
581 B 55ms
53ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/ir/add
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

OPTIONS
H/1.1 200
OK add
tagdatax.com/ir/ 0
0 85ms
53ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/ir/add
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Wed, 17 Feb 2021 16:09:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 53ms
52ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=82892

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 07c58a6d7174e884d71ed7afb4f3622a
pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H/1.1 429
Too Many Requests / Show response
o24257.ingest.sentry.io/api/5219077/store/ 45 B
582 B 589ms
148ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o24257.ingest.sentry.io/api/5219077/store/?sentry_key=3bace7bf2fdc4ab880d8160dd2edcfce&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dollarsurvey.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 45
x-sentry-rate-limits: 60:default;error;transaction;security;attachment:organization:usage_exceeded
retry-after: 60

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1305
date: Wed, 17 Feb 2021 15:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 17 Feb 2021 17:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 0.0265331.com
URL: https://0.0265331.com/click?pid=6&offer_id=516&ref_id=55fc8f32dcf49215afa3fede950GXUSi_7ed946a3_15d08aec&sub1=7ed946a3&sub8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: M4BTrTnOPnxr/hBq6MC20BrfvP8lFYvPhvky1mYR5mwkyhp2Z1YadmgD0oSC/dMQeTWgHNGBaZJRWx9PyHf/qA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 17 Feb 2021 16:09:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
66 KB 132ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-105e2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67042
expires: Wed, 17 Feb 2021 17:09:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-174297796-1&cid=188327177.1613578142&jid=838534602&gjid=1410805423&_gid=1858371222.1613578142&_u=YGBAgEABAAAAAE~&z=266548948

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Feb 2021 16:09:02 GMT
content-type: text/plain
access-control-allow-origin: https://dollarsurvey.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=840099247&t=pageview&_s=1&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&ul=en-us&de=UTF-8&dt=Which%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=838534602&gjid=1410805423&cid=188327177.1613578142&tid=UA-174297796-1&_gid=1858371222.1613578142&gtm=2wg230NLSFF85&z=2139493801

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 08:17:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28307
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
493 B 53ms
53ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: a298bdf31390069143a30dcaf2445866
pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 735954656947281 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/735954656947281?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

51b8373a877a4db3308be883f326c93726f42ebc63ff2363d0336413dcc72904

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 71036
x-fb-rlafr: 0
pragma: public
x-fb-debug: wpU/uUvqYNJc/8gIhJAsPANL4U2DSuoirgM8h1Vdk75uBVebsjmcsr8L7L4S4TI0gbrA/CkcyFPr0dYdAFIvmw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Feb 2021 16:09:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 88274340
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 33ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-174297796-1&cid=188327177.1613578142&jid=838534602&_u=YGBAgEABAAAAAE~&z=128914361

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-174297796-1&cid=188327177.1613578142&jid=838534602&_u=YGBAgEABAAAAAE~&z=128914361

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK etag
tagdatax.com/ 0
0 53ms
52ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/etag
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Wed, 17 Feb 2021 16:09:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK etag Show response
tagdatax.com/ 2 B
468 B 53ms
52ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/etag
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

POST
H/1.1 200
OK add Show response
tagdatax.com/log/ 2 B
468 B 87ms
53ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/log/add
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 17 Feb 2021 16:09:02 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

OPTIONS
H/1.1 200
OK add
tagdatax.com/log/ 0
0 59ms
53ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/log/add
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Wed, 17 Feb 2021 16:09:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=735954656947281&ev=PageView&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&rl=&if=false&ts=1613578142570&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613578142569.1175139226&it=1613578142471&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 17 Feb 2021 16:09:02 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/66423859/
Redirect Chain

https://mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme...
https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26the...

167 B
249 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A113600581%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613578141740%3Awv%3A2%3Ads%3A6%2C30%2C44%2C0%2C241%2C0%2C%2C311%2C1%2C%2C%2C%2C636%3Adsn%3A7%2C30%2C43%2C1%2C241%2C0%2C%2C313%2C1%2C%2C%2C%2C635%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9ecf62d9c62022691769683a533b0d453feff1cf6adcc6d5490dea467e14c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 17-Feb-2021 16:09:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 16:09:02 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
last-modified: Wed, 17-Feb-2021 16:09:02 GMT
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A468%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A113600581%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613578141740%3Awv%3A2%3Ads%3A6%2C30%2C44%2C0%2C241%2C0%2C%2C311%2C1%2C%2C%2C%2C636%3Adsn%3A7%2C30%2C43%2C1%2C241%2C0%2C%2C313%2C1%2C%2C%2C%2C635%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F
strict-transport-security: max-age=31536000
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 16:09:02 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 44ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:02 GMT
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 17 Feb 2021 17:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/66423859/ 43 B
73 B 44ms
43ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.org%2Fnotification_permission&page-ref=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A977696153%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613578141740%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C980%2C980%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C980%2C980%2C1%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
last-modified: Wed, 17-Feb-2021 16:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 16:09:02 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/66423859/ 43 B
73 B 45ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.org%2Fnotification_permission&page-ref=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A288470628224%3Ahid%3A801392626%3Az%3A60%3Ai%3A20210217170902%3Aet%3A1613578143%3Ac%3A1%3Arn%3A389513856%3Au%3A16135781431005026085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613578141740%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613578143%3At%3AWhich%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 17 Feb 2021 16:09:02 GMT
last-modified: Wed, 17-Feb-2021 16:09:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 17-Feb-2021 16:09:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=735954656947281&ev=Microdata&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DPL%26oaid%3D5fbf7ec05fbb425a906d2a6826a2f64e%26s%3D385937178686919603%26z%3D3945676%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991245%26utm_content%3Dlong-v2-dark-v2-multigeo-en%26var%3D3891600%26survey_id%3D512932&rl=&if=false&ts=1613578144074&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Which%20Online%20Business%20Would%20Make%20You%20A%20Billionaire%20By%202021%3F%22%2C%22meta%3Adescription%22%3A%22survey%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613578144073.312500842&it=1613578142471&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 16:09:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 17 Feb 2021 16:09:04 GMT

POST
H2 204 vbri
propeller-tracking.com/ 0
493 B 52ms
52ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbri?t=82892&bid=undefined&aid=undefined&tp=2720.6599973142147

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=PL&oaid=5fbf7ec05fbb425a906d2a6826a2f64e&s=385937178686919603&z=3945676&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991245&utm_content=long-v2-dark-v2-multigeo-en&var=3891600&survey_id=512932
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 28fb4c47edd95cb896376caedc64350a
pragma: no-cache
date: Wed, 17 Feb 2021 16:09:04 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dollarsurvey.org/	1970-01-20 00:58:34	Name: _ym_d Value: 1613578143
.dollarsurvey.org/	1970-01-19 18:22:34	Name: _fbp Value: fb.1.1613578142569.1175139226
.dollarsurvey.org/	1970-01-19 16:12:58	Name: _dc_gtm_UA-174297796-1 Value: 1
.dollarsurvey.org/	1970-01-20 09:44:10	Name: _ga Value: GA1.2.188327177.1613578142
.dollarsurvey.org/	1970-01-20 00:58:34	Name: _ym_uid Value: 16135781431005026085
.dollarsurvey.org/	1970-01-19 16:14:24	Name: _gid Value: GA1.2.1858371222.1613578142
.dollarsurvey.org/	1970-01-19 16:56:10	Name: __cfduid Value: d1bd4f41a2841e4a0487f551d397700991613578142

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.0265331.com
bainushe.com
browser.sentry-cdn.com
connect.facebook.net
dollarsurvey.org
findlnk.com
mc.yandex.ru
my.rtmark.net
o24257.ingest.sentry.io
pagead2.googlesyndication.com
pardedatl.com
propeller-tracking.com
rb.gy
rouonixon.com
stats.g.doubleclick.net
tagdatax.com
tagstaticx.com
www.affforce.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
139.45.195.161
139.45.195.8
139.45.197.11
139.45.197.240
206.54.165.133
2606:4700:20::681a:8c0
2606:4700:3031::ac43:d424
2606:4700:3033::ac43:8723
2606:4700:3035::ac43:cc84
2606:4700:3036::ac43:a73e
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
35.188.42.15
37.48.68.71
76.223.86.4
0223c3966ad6760dccec09ff5ef19f3a3c35dfca8761d987ae8514228f71a5a4
0a3e8df392822f6605e3db96c4ed039f5620b575e34d79fad98eba4a7607e173
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ddcc38e1b0f35fc1ea36a59847a1d5adf048138c755589f205409be4b6aa47
1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18
467c377cb4132ee8749c7ebc040a07f9898fd4eb5333f84fd163645e3cc11775
4bea12b196a42dd36555a244083949fb0db2a3a3de74ab9a2cb7c5723709ef74
4ce5b70f4867cc996d2cc6d4b6627e68490349fc6f7f1896b4983f02baba7a28
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b8373a877a4db3308be883f326c93726f42ebc63ff2363d0336413dcc72904
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
58893014ad5db3fd4280aac8ca967398e1ce216fe5a92a499ec629846cf07313
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904
696c8a3d44113af62160db34a41be2bcfd7ae5386b94d6fab62effdb217fb84e
6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1
7451d450f924d17165431bc8b6c19b14f66351268b472b3da790a14db8d33f4e
762e82e53b216b9b5fd27ee0fd796c4218e4100297058e5bbcc9f43975dcfbcd
77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ecf62d9c62022691769683a533b0d453feff1cf6adcc6d5490dea467e14c3e3
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
cbe7be535da1105155e50d93dfe55af741c9cdca1dfa6be4c23e4969fd08832a
cec323a449f447a552f73c81ae3725b88ad03e06cd56af2ff8011cb0f8f0fd9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea2b44c8edd1517dea365bc40ae8b641425a77a8db1fa02f5958c208179bae9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

dollarsurvey.org Open in urlscan Pro 2606:4700:20::681a:8c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

67 %IPv6

23 Domains

23 Subdomains

19 IPs

6 Countries

480 kBTransfer

1432 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dollarsurvey.org Open in urlscan Pro
2606:4700:20::681a:8c0 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

67 %
IPv6

23
Domains

23
Subdomains

19
IPs

6
Countries

480 kB
Transfer

1432 kB
Size

7
Cookies

52 HTTP transactions
0 data transactions