dollarsurvey.org Open in urlscan Pro
2606:4700:20::681a:9c0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://installyourfiles.com/show.php?l=0&u=274520&id=31173
Effective URL:
https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments...
Submission: On February 18 via manual (February 18th 2021, 7:01:28 pm UTC) from FR

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 26 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:9c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is dollarsurvey.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 16th 2020. Valid for: a year.

This is the only time dollarsurvey.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.32.250.1 212.32.250.1	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 3	216.104.36.157 216.104.36.157	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.153.20 3.127.153.20	16509 (AMAZON-02) (AMAZON-02)
2	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
2 2	139.45.196.86 139.45.196.86	9002 (RETN-AS) (RETN-AS)
1 2	139.45.195.153 139.45.195.153	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
9	2606:4700:20:... 2606:4700:20::681a:9c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
4	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3033::6815:3d08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
60	21

1 2606:4700:20::681a:80 (United States)

ASN13335 (CLOUDFLARENET, US)

installyourfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.250.1 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go.secureclickers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yo.wackotracko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.104.36.157 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

get.w0pt0p.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.123.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

abstrg.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.153.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-153-20.eu-central-1.compute.amazonaws.com

thanks-page.velac.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

airsle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
official-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.86 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

bainushe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.153 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

rouonixon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:9c0 (United States)

ASN13335 (CLOUDFLARENET, US)

dollarsurvey.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3d08 (United States)

ASN13335 (CLOUDFLARENET, US)

tagstaticx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

o24257.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.48.68.71 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

tagdatax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tagdatax.com tagdatax.com	2 KB
9	dollarsurvey.org dollarsurvey.org	176 KB
8	yandex.ru 1 redirects mc.yandex.ru	68 KB
6	google.com www.google.com	35 KB
4	propeller-tracking.com propeller-tracking.com	4 KB
3	rtmark.net my.rtmark.net	2 KB
3	w0pt0p.online 1 redirects get.w0pt0p.online	5 KB
2	facebook.com www.facebook.com	557 B
2	facebook.net connect.facebook.net	95 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	sentry.io o24257.ingest.sentry.io	1 KB
2	rouonixon.com 1 redirects rouonixon.com	7 KB
2	bainushe.com 2 redirects bainushe.com	2 KB
1	google.de www.google.de	505 B
1	doubleclick.net stats.g.doubleclick.net	447 B
1	googlesyndication.com pagead2.googlesyndication.com
1	googletagmanager.com www.googletagmanager.com	34 KB
1	tagstaticx.com tagstaticx.com	36 KB
1	sentry-cdn.com browser.sentry-cdn.com	17 KB
1	official-redirect.com official-redirect.com	556 B
1	airsle.com airsle.com	1 KB
1	velac.me 1 redirects thanks-page.velac.me	248 B
1	abstrg.me 1 redirects abstrg.me	2 KB
1	wackotracko.com yo.wackotracko.com	386 B
1	secureclickers.com go.secureclickers.com	392 B
1	installyourfiles.com installyourfiles.com	833 B
60	26

	Domain	Requested by
9	tagdatax.com	tagstaticx.com browser.sentry-cdn.com
9	dollarsurvey.org	dollarsurvey.org
8	mc.yandex.ru	1 redirects www.googletagmanager.com browser.sentry-cdn.com
6	www.google.com	dollarsurvey.org
4	propeller-tracking.com	dollarsurvey.org browser.sentry-cdn.com propeller-tracking.com
3	my.rtmark.net	rouonixon.com browser.sentry-cdn.com
3	get.w0pt0p.online	1 redirects get.w0pt0p.online
2	www.facebook.com	dollarsurvey.org
2	connect.facebook.net	installyourfiles.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com dollarsurvey.org
2	o24257.ingest.sentry.io	browser.sentry-cdn.com
2	rouonixon.com	1 redirects
2	bainushe.com	2 redirects
1	www.google.de	dollarsurvey.org
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	pagead2.googlesyndication.com	browser.sentry-cdn.com
1	www.googletagmanager.com	dollarsurvey.org
1	tagstaticx.com	dollarsurvey.org
1	browser.sentry-cdn.com	dollarsurvey.org
1	official-redirect.com
1	airsle.com	get.w0pt0p.online
1	thanks-page.velac.me	1 redirects
1	abstrg.me	1 redirects
1	yo.wackotracko.com
1	go.secureclickers.com	installyourfiles.com
1	installyourfiles.com
60	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
itsokto.linktolinkyourlink.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-03-13`	a year	crt.sh
get.w0pt0p.online R3	`2020-12-21` - `2021-03-21`	3 months	crt.sh
airsle.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-08` - `2022-01-08`	a year	crt.sh
official-redirect.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
rouonixon.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-22`	2 months	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-05` - `2021-11-05`	a year	crt.sh
*.ingest.sentry.io R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tagdatax.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-09` - `2021-12-10`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Frame ID: 15C9A488258AC1E5BB94CD930AEC5A28
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://installyourfiles.com/show.php?l=0&u=274520&id=31173 Page URL
https://go.secureclickers.com/click?pid=100&offer_id=9838&sub1=1083690689&sub2=100_274520 Page URL
https://yo.wackotracko.com/click?pid=2&offer_id=719&sub1=1083690689&sub2=100&sub3=100_274520&sub4=9838&... Page URL
https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpo... Page URL
https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://get.w0pt0p.online/proc.php?7039baaf905017587ebd1683fdb12b25c6ccabb6 HTTP 302
https://abstrg.me/32b8ea19-8135-4c30-8069-b4e51bbef4d3?pubid=4525&pid=4525-7d98cc5b&trk=M69306... HTTP 302
https://thanks-page.velac.me/fr_fr/pfab20_c/?domain=abstrg.me&cep=kRc0B6NXR3QZJHvvSYL3DYej9Rx2aIOVNLe0H1v... HTTP 302
https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a Page URL
https://official-redirect.com/redirect?target=BASE64aHR0cHM6Ly9iYWludXNoZS5jb20vbGluaz96PTM2NTMzMDkmdmFyPT... Page URL
https://bainushe.com/link?z=3653309&var=1&ymid=w36kfn17din3l3k5ihpns5mg HTTP 302
https://rouonixon.com/4/3891600/?var=3653309 Page URL
https://rouonixon.com/?z=3891600 HTTP 302
https://bainushe.com/link?z=3945676&var=3891600&ymid=386343019126727237 HTTP 302
https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=38634284603199996... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

60
Requests

100 %
HTTPS

54 %
IPv6

26
Domains

26
Subdomains

21
IPs

6
Countries

503 kB
Transfer

1492 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://installyourfiles.com/show.php?l=0&u=274520&id=31173 Page URL
https://go.secureclickers.com/click?pid=100&offer_id=9838&sub1=1083690689&sub2=100_274520 Page URL
https://yo.wackotracko.com/click?pid=2&offer_id=719&sub1=1083690689&sub2=100&sub3=100_274520&sub4=9838&sub5=FR&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36 Page URL
https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91 Page URL
https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
https://get.w0pt0p.online/proc.php?7039baaf905017587ebd1683fdb12b25c6ccabb6 HTTP 302
https://abstrg.me/32b8ea19-8135-4c30-8069-b4e51bbef4d3?pubid=4525&pid=4525-7d98cc5b&trk=M6930680801633763723&camp=desktop-wifi&cro=[[creative_id]]&app=unknown&cc=0&clickid=M6930680801633763723 HTTP 302
https://thanks-page.velac.me/fr_fr/pfab20_c/?domain=abstrg.me&cep=kRc0B6NXR3QZJHvvSYL3DYej9Rx2aIOVNLe0H1vl4GU6HmyEpIitFkeiGf-0kCJe3jq_CdEf8O6raRfAxqGFYsOQy0WhemKpXHl8Okge8qXI9QrO0c_PTigFKpJ4t7lmLIiQRA8gTSUHNcqqI8fY39QJ5jk1RUo0A8Z6N0s8peyt-BGAYtaFkeYm0Hgl9WSUuSpkDdQADqFdc9g09j4U1jek-0N6aIAufepaeQBxhD1NioU1aqnHMPEMC-effhWuM3Zw3N6dhqmAVGoxYI2cjzjR1TJVuc0N6nIgi2z9HgMhmoBZUNGHHQTHMCKEHUGClZjHChBNuk0T4t-11EVbWcl0gq5chG6DiyHJA45YrBL2BrRzdTwQ5Zdhv1Qfo3VwEcG-PhoUwHfE9wGLmnvAVBboN_Kz7y5yUZHlQhEFazAve9ygGwUGdUIhEBCfJXKvKiZEe_NTfOuChvuH2nLU9KOtIAJi-zmd4DIezbJPrfAQVqc1j97FJ0X4s6rcGUn8SjqEPuMDJ19V9YjnO_ZuiSqTSRiQ9IM2BLhoM9g638iOUjXV6aRGliqSAo0MDC9au3jnzufdSOzOMrDtNK3I4MlT6kL81FhnGAmrMyVtr2E&lptoken=166113e867ed66407338&pubid=4525&pid=4525-7d98cc5b&trk=M6930680801633763723&camp=desktop-wifi&cro=%5B%5Bcreative_id%5D%5D&app=unknown&cc=0&clickid=M6930680801633763723 HTTP 302
https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a Page URL
https://official-redirect.com/redirect?target=BASE64aHR0cHM6Ly9iYWludXNoZS5jb20vbGluaz96PTM2NTMzMDkmdmFyPTEmeW1pZD13MzZrZm4xN2RpbjNsM2s1aWhwbnM1bWc&ts=1613674873474&hash=Z6-9urfiXIzTc_NBiDBkW_7LPEaO36bfVoUfxZqHCE4&rm=D Page URL
https://bainushe.com/link?z=3653309&var=1&ymid=w36kfn17din3l3k5ihpns5mg HTTP 302
https://rouonixon.com/4/3891600/?var=3653309 Page URL
https://rouonixon.com/?z=3891600 HTTP 302
https://bainushe.com/link?z=3945676&var=3891600&ymid=386343019126727237 HTTP 302
https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://get.w0pt0p.online/proc.php?7039baaf905017587ebd1683fdb12b25c6ccabb6 HTTP 302
https://abstrg.me/32b8ea19-8135-4c30-8069-b4e51bbef4d3?pubid=4525&pid=4525-7d98cc5b&trk=M6930680801633763723&camp=desktop-wifi&cro=[[creative_id]]&app=unknown&cc=0&clickid=M6930680801633763723 HTTP 302
https://thanks-page.velac.me/fr_fr/pfab20_c/?domain=abstrg.me&cep=kRc0B6NXR3QZJHvvSYL3DYej9Rx2aIOVNLe0H1vl4GU6HmyEpIitFkeiGf-0kCJe3jq_CdEf8O6raRfAxqGFYsOQy0WhemKpXHl8Okge8qXI9QrO0c_PTigFKpJ4t7lmLIiQRA8gTSUHNcqqI8fY39QJ5jk1RUo0A8Z6N0s8peyt-BGAYtaFkeYm0Hgl9WSUuSpkDdQADqFdc9g09j4U1jek-0N6aIAufepaeQBxhD1NioU1aqnHMPEMC-effhWuM3Zw3N6dhqmAVGoxYI2cjzjR1TJVuc0N6nIgi2z9HgMhmoBZUNGHHQTHMCKEHUGClZjHChBNuk0T4t-11EVbWcl0gq5chG6DiyHJA45YrBL2BrRzdTwQ5Zdhv1Qfo3VwEcG-PhoUwHfE9wGLmnvAVBboN_Kz7y5yUZHlQhEFazAve9ygGwUGdUIhEBCfJXKvKiZEe_NTfOuChvuH2nLU9KOtIAJi-zmd4DIezbJPrfAQVqc1j97FJ0X4s6rcGUn8SjqEPuMDJ19V9YjnO_ZuiSqTSRiQ9IM2BLhoM9g638iOUjXV6aRGliqSAo0MDC9au3jnzufdSOzOMrDtNK3I4MlT6kL81FhnGAmrMyVtr2E&lptoken=166113e867ed66407338&pubid=4525&pid=4525-7d98cc5b&trk=M6930680801633763723&camp=desktop-wifi&cro=%5B%5Bcreative_id%5D%5D&app=unknown&cc=0&clickid=M6930680801633763723 HTTP 302
https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a

Request Chain 7

https://bainushe.com/link?z=3653309&var=1&ymid=w36kfn17din3l3k5ihpns5mg HTTP 302
https://rouonixon.com/4/3891600/?var=3653309

Request Chain 51

https://mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A226%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A465879889%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613674873888%3Awv%3A2%3Ads%3A7%2C17%2C45%2C1%2C68%2C0%2C%2C150%2C0%2C%2C%2C%2C292%3Adsn%3A7%2C17%2C44%2C1%2C68%2C0%2C%2C153%2C0%2C%2C%2C%2C292%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F HTTP 302
https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A226%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A465879889%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613674873888%3Awv%3A2%3Ads%3A7%2C17%2C45%2C1%2C68%2C0%2C%2C150%2C0%2C%2C%2C%2C292%3Adsn%3A7%2C17%2C44%2C1%2C68%2C0%2C%2C153%2C0%2C%2C%2C%2C292%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 show.php Show response
installyourfiles.com/ 602 B
833 B 267ms
235ms Document
text/html 2606:4700:20::681a:80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://installyourfiles.com/show.php?l=0&u=274520&id=31173
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53238ba1ca81b42a76bc2557ae62d62f03be9dc837311be22eec152a46524bdc

Request headers

:method: GET
:authority: installyourfiles.com
:scheme: https
:path: /show.php?l=0&u=274520&id=31173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d99d574360966a0f863d81bd3b77288a71613674870; expires=Sat, 20-Mar-21 19:01:10 GMT; path=/; domain=.installyourfiles.com; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
cf-request-id: 08581d8dbf00001f55ac009000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8x0xwmWp2Ke94u8gMUyVSUxzkE6CqGB8Lms9VQZL0LLFLxm4AiJ%2BUwBJZka3BffaunX1nU8xlF3gKBl6Q5a4DqCAQS60HiiCjW8hvvxp8jyN7xkyLsJplHgaO4HJid9siQ%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6239fec2ccb21f55-FRA
content-encoding: br

GET
H2 200 click Show response
go.secureclickers.com/ 394 B
392 B 207ms
53ms Document
text/html 212.32.250.1
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.secureclickers.com/click?pid=100&offer_id=9838&sub1=1083690689&sub2=100_274520
Requested by: Host: installyourfiles.com
URL: https://installyourfiles.com/show.php?l=0&u=274520&id=31173
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: bdee772b1da3742339ad59c5f520e02320560daebd53b2cf7aaa82ab87adc5a4

Request headers

:method: GET
:authority: go.secureclickers.com
:scheme: https
:path: /click?pid=100&offer_id=9838&sub1=1083690689&sub2=100_274520
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://installyourfiles.com/show.php?l=0&u=274520&id=31173
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://installyourfiles.com/show.php?l=0&u=274520&id=31173

Response headers

server: nginx
date: Thu, 18 Feb 2021 19:01:10 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip

GET
H2 200 click Show response
yo.wackotracko.com/ 277 B
386 B 96ms
50ms Document
text/html 212.32.250.1
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://yo.wackotracko.com/click?pid=2&offer_id=719&sub1=1083690689&sub2=100&sub3=100_274520&sub4=9838&sub5=FR&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: c5fc2d36d29f9c542c89c9cd07793ae2c77f651cb8d3818ab487677527138ac1

Request headers

:method: GET
:authority: yo.wackotracko.com
:scheme: https
:path: /click?pid=2&offer_id=719&sub1=1083690689&sub2=100&sub3=100_274520&sub4=9838&sub5=FR&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 18 Feb 2021 19:01:10 GMT
content-type: text/html; charset=utf-8
set-cookie: afclick=602eb9763585e900010c4b91; Expires=Fri, 18 Feb 2022 19:01:10 GMT; Secure; SameSite=None
content-encoding: gzip

GET
H2 200 / Show response
get.w0pt0p.online/ 3 KB
2 KB 2066ms
112ms Document
text/html 216.104.36.157
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.104.36.157 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.4.10

Resource Hash

1b11563a7467f9ccf6dbe54b00c14077fe31ebad725dc77659f1dae25837d36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: get.w0pt0p.online
:scheme: https
:path: /?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 18 Feb 2021 19:01:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.10
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=84f03147e20fc840cccf5188dee5df29; expires=Fri, 18-Feb-2022 19:01:12 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
get.w0pt0p.online/ 9 KB
3 KB 119ms
119ms Document
text/html 216.104.36.157
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Requested by

Host: get.w0pt0p.online
URL: https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.104.36.157 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.4.10

Resource Hash

bf48781168f5a06ef2be09fed5e1d6a595a567217bf4979e49698e33fb69ac67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: get.w0pt0p.online
:scheme: https
:path: /?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=84f03147e20fc840cccf5188dee5df29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://get.w0pt0p.online/?utm_medium=87671f8c08ef26a74e7462a6173ac3de0a8f8639&utm_campaign=redirectpool&1=100&cid=602eb9763585e900010c4b91

Response headers

server: nginx
date: Thu, 18 Feb 2021 19:01:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.10
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H/1.1

200

Cookie set dd3b370c-9a03-4aa9-a81d-f6d492e0a63a Show response
airsle.com/
Redirect Chain

https://get.w0pt0p.online/proc.php?7039baaf905017587ebd1683fdb12b25c6ccabb6
https://abstrg.me/32b8ea19-8135-4c30-8069-b4e51bbef4d3?pubid=4525&pid=4525-7d98cc5b&trk=M6930680801633763723&camp=desktop-wifi&cro=[[creative_id]]&app=unknown&cc=0&clickid=M6930680801633763723
https://thanks-page.velac.me/fr_fr/pfab20_c/?domain=abstrg.me&cep=kRc0B6NXR3QZJHvvSYL3DYej9Rx2aIOVNLe0H1vl4GU6HmyEpIitFkeiGf-0kCJe3jq_CdEf8O6raRfAxqGFYsOQy0WhemKpXHl8Okge8qXI9QrO0c_PTigFKpJ4t7lmLIi...
https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a

434 B
1 KB

116ms
24ms

Document
text/html

18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a
Requested by: Host: get.w0pt0p.online
URL: https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5137c00148f92edf7bb0ce9ce0fb084c4243bb360e5bf36140e8b2fcb2980724

Request headers

Host: airsle.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://get.w0pt0p.online/?utm_term=6930680801633763723&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e#

Response headers

Server: nginx
Date: Thu, 18 Feb 2021 19:01:13 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 434
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: dd3b370c-9a03-4aa9-a81d-f6d492e0a63a-v4=dd3b370c-9a03-4aa9-a81d-f6d492e0a63a; Max-Age=86400; Expires=Fri, 19-Feb-2021 19:01:13 GMT; Domain=airsle.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=1x3yoXArWV9eJpGex1HOjMHU4Ed6NRx%2B6YhJ5XtCmBxoIm3JhRlScgZuE6cVQda%2BMVJL0oGSpecSgsuDsNzLRXhdko9FFGmoYq1TxQBrcGYci2X6e2WMUUhLpiljhFXQiE9FBSO8sUMKAkxcXfSjlg%3D%3D; Max-Age=31536000; Expires=Fri, 18-Feb-2022 19:01:13 GMT; Domain=airsle.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

Server: nginx
Date: Thu, 18 Feb 2021 19:01:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a

GET
H/1.1 200 redirect Show response
official-redirect.com/ 283 B
556 B 90ms
29ms Document
text/html 18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://official-redirect.com/redirect?target=BASE64aHR0cHM6Ly9iYWludXNoZS5jb20vbGluaz96PTM2NTMzMDkmdmFyPTEmeW1pZD13MzZrZm4xN2RpbjNsM2s1aWhwbnM1bWc&ts=1613674873474&hash=Z6-9urfiXIzTc_NBiDBkW_7LPEaO36bfVoUfxZqHCE4&rm=D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e6f9d46ba58f9ebd7c32a9ddb7ae96268e7d7136c9dc5a9da5836e376d25bbe1

Request headers

Host: official-redirect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://airsle.com/dd3b370c-9a03-4aa9-a81d-f6d492e0a63a

Response headers

Server: nginx
Date: Thu, 18 Feb 2021 19:01:13 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 283
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET
H2

200

/ Show response
rouonixon.com/4/3891600/
Redirect Chain

https://bainushe.com/link?z=3653309&var=1&ymid=w36kfn17din3l3k5ihpns5mg
https://rouonixon.com/4/3891600/?var=3653309

13 KB
7 KB

99ms
30ms

Document
text/html

139.45.195.153
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rouonixon.com/4/3891600/?var=3653309
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.153 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5e3baa47e20acdf1e50d25f07a70d61ae4d14009aee73523993b7e6eeb815532

Request headers

:method: GET
:authority: rouonixon.com
:scheme: https
:path: /4/3891600/?var=3653309
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://official-redirect.com/redirect?target=BASE64aHR0cHM6Ly9iYWludXNoZS5jb20vbGluaz96PTM2NTMzMDkmdmFyPTEmeW1pZD13MzZrZm4xN2RpbjNsM2s1aWhwbnM1bWc&ts=1613674873474&hash=Z6-9urfiXIzTc_NBiDBkW_7LPEaO36bfVoUfxZqHCE4&rm=D

Response headers

server: nginx
date: Thu, 18 Feb 2021 19:01:13 GMT
content-type: text/html; charset=utf8
access-control-allow-origin: * *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
timing-allow-origin: *
x-trace-id: a75d3ef570098574bcdf7f9a11861dec
link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect"
set-cookie: OAID=f30814bc5e674e2f8c2e9537d8854c83; expires=Fri, 18 Feb 2022 19:01:13 GMT; path=/; secure; SameSite=None oaidts=1613674873; expires=Fri, 18 Feb 2022 19:01:13 GMT; path=/; secure; SameSite=None
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 18 Feb 2021 19:01:13 GMT
content-length: 0
location: https://rouonixon.com/4/3891600/?var=3653309
access-control-allow-credentials: true
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 791695a69afec0636c74712c8eb65752
link: <//my.rtmark.net>; rel="dns-prefetch preconnect" <https://rouonixon.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=9c6dac0d9ec443b395a86541cee35ed3; expires=Fri, 18 Feb 2022 19:01:13 GMT oaidts=1613674873; expires=Fri, 18 Feb 2022 19:01:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 95ms
28ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=f30814bc5e674e2f8c2e9537d8854c83

Requested by

Host: rouonixon.com
URL: https://rouonixon.com/4/3891600/?var=3653309

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://rouonixon.com/4/3891600/?var=3653309
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:13 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request survey.html Show response
dollarsurvey.org/
Redirect Chain

https://rouonixon.com/?z=3891600
https://bainushe.com/link?z=3945676&var=3891600&ymid=386343019126727237
https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052...

3 KB
2 KB

69ms
45ms

Document
text/html

2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea2b44c8edd1517dea365bc40ae8b641425a77a8db1fa02f5958c208179bae9

Request headers

:method: GET
:authority: dollarsurvey.org
:scheme: https
:path: /survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://rouonixon.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-type: text/html
set-cookie: __cfduid=dfbe9136f6af5cb4bbf5058b7caaefa2f1613674873; expires=Sat, 20-Mar-21 19:01:13 GMT; path=/; domain=.dollarsurvey.org; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
cf-request-id: 08581d9c7f00004eceebab6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pDkTehYLRQbKLgI5uAHngmKR0EAtLeXVcnItMVB0gxGheZ4dp1RPsYXKfIVCU2kiv5QfYwniULfRCoE%2BNL1TQTmEzShs3LJOkwDjvUbuVTZhkfawmEo0BoLHAkT0"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6239feda6caf4ece-FRA
content-encoding: br

Redirect headers

server: nginx
date: Thu, 18 Feb 2021 19:01:13 GMT
content-length: 0
location: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
access-control-allow-credentials: true
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5250375151c4cc315f8d1671de87e3db
link: <//my.rtmark.net>; rel="dns-prefetch preconnect" <https://dollarsurvey.org>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=9c6dac0d9ec443b395a86541cee35ed3; expires=Fri, 18 Feb 2022 19:01:13 GMT oaidts=1613674873; expires=Fri, 18 Feb 2022 19:01:13 GMT OXCCLK=4052446.1; expires=Fri, 18 Feb 2022 19:01:13 GMT allcnt=1; expires=Fri, 18 Feb 2022 19:01:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.15.5/ 55 KB
17 KB 42ms
13ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Requested by

Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://dollarsurvey.org
Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 08:16:03 GMT
server: Fastly
age: 26105570
etag: "8c32735049305a5594a56ef0e4519e8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 17451
expires: Thu, 22 Apr 2021 15:28:23 GMT

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 150ms
45ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 6af000d23b1d0b5683e6dd2aabf01180
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 rtc.js Show response
dollarsurvey.org/js/data/ 9 KB
4 KB 14ms
12ms Script
application/javascript 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/data/rtc.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7451d450f924d17165431bc8b6c19b14f66351268b472b3da790a14db8d33f4e

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4248
cf-polished: origSize=12404
cf-request-id: 08581d9cb600004ecede296000000001
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
etag: W/"602e8cd4-3074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AEfCPY3%2BdtTZZAhEbLfemdU6Aw9U4zeT1%2BxNTXMKVtu20SKB9ZMFPY3vp6cOfhYlaC0U01akP8YiL5KZccr6%2FJu1CZWykaFsZy%2Fn57Zi0wXLk4ttobwgQ%2BL8e0Dy"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6239fedabd634ece-FRA
cf-bgj: minify

GET
H2 200 config.js Show response
dollarsurvey.org/js/ 101 KB
33 KB 20ms
18ms Script
application/javascript 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/config.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34eae45b4ed40954f4396ebc16fbf0695eaa4722d08c0b7d99d64665dbec3e0d

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4248
cf-polished: origSize=103575
cf-request-id: 08581d9cb600004eced4085000000001
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
etag: W/"602e8cd4-19497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eGN%2B8vXtMS9e4qmoCalE2lKu4ZpNDzfn24c3qL6dwh1IpvBCgfJXQb%2Fbe1I1yQex2lImIdDqhdmKf8fy76Ks%2FLtG2QVBj6ZNcZpPEgZNPeqKeXwR2uy4XH243glX"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6239fedabd664ece-FRA
cf-bgj: minify

GET
H2 200 survey.css
dollarsurvey.org/css/ 31 KB
6 KB 15ms
13ms Stylesheet
text/css 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/css/survey.css
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe7be535da1105155e50d93dfe55af741c9cdca1dfa6be4c23e4969fd08832a

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4248
cf-polished: origSize=31444
cf-request-id: 08581d9cb500004ece09353000000001
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
etag: W/"602e8cd4-7ad4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rucUO8rGKUh%2BLs4TUQtlUcfyI68eJLdYTaQ%2F9uI5JQZNfoaCnP85MJ1f6xU8j%2BWeZ6bKdWGAQEOk%2FXvX8y20Tm0gAQs58FOlD0xwdp6QvCLTmmsMFVPeKgNv4Ee1"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6239fedabd604ece-FRA
cf-bgj: minify

GET
H2 200 style.min.css
dollarsurvey.org/css/ 13 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/css/style.min.css
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467c377cb4132ee8749c7ebc040a07f9898fd4eb5333f84fd163645e3cc11775

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
age: 4248
etag: W/"602e8cd4-3561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=99Ga86q%2Bq%2BF6yRWuB9msCWyhzxB0MaDbpcBRcGpdLUbGmQ%2F4%2BgSiBpiOwuSTmeU3D0ypLH1XGBrqjmYifgetV41%2FPJAzTyOIunBSDtXrkeTEDBSTuWFSxOM0rJBz"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6239fedabd624ece-FRA
cf-request-id: 08581d9cb600004ecef38dd000000001

GET
H2 200 icon-survey.svg
dollarsurvey.org/img/ 3 KB
1 KB 17ms
14ms Image
image/svg+xml 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dollarsurvey.org/img/icon-survey.svg
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
age: 4248
etag: W/"602e8cd4-c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5U33%2FH0qOluQ9rA49tyI84KeHTylvb2iXIoYBdf2NtJ%2BpLBChGCldpFJDzGbCzIwADigypjUQ1mOjD4MDCEVdxqE1qQjNBaABHm5%2B3ar%2BHERiYgRTn%2FzeQDhAftZ"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6239fedb0df94ece-FRA
cf-request-id: 08581d9ce200004ece0a17b000000001

GET
H2 200 survey.js Show response
dollarsurvey.org/js/ 310 KB
93 KB 31ms
28ms Script
application/javascript 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/survey.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b3a058991ff676ef51da0ed5380d2813d61ab5b8d26b592a9a0b2a07ec4712

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4248
cf-polished: origSize=317005
cf-request-id: 08581d9ce200004ece1a150000000001
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
etag: W/"602e8cd4-4d64d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3KAwqdPx7OmWOf%2BPSM6L%2Bez8%2FJKxKc%2FpcC53PCBmL58qnpWYUJTXwhdc7Mcrr7UCDkhjwq6VHDLK76QvDCSJl0kM9%2B59DLZLa2Q3ekAIK3jdnKiDHjIyzfz4ojMQ"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6239fedb0df64ece-FRA
cf-bgj: minify

GET
H2 200 sd-1203030.js Show response
dollarsurvey.org/js/data/ 11 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/js/data/sd-1203030.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b12f93bcc807dd75c192119531640c6a0f13b366f1db7d9f6a74ae0de98da8

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5068
cf-polished: origSize=16822
cf-request-id: 08581d9ce200004ece1ca43000000001
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
etag: W/"602e8cd4-41b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I2YX7eCr56tg5EdgDX%2FsnF1MTDa18fLeyd2BDtdgvrrRf5tWp7Z66J11%2BjadfVEAm7%2FA89e01J9UIFL8mG3L%2FZg4WDKuYzEO6MvcJd51Z10Pw%2FONBA19miOkTAGS"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6239fedb0dfa4ece-FRA
cf-bgj: minify

GET
H2 200 tag.js Show response
tagstaticx.com/ 81 KB
36 KB 47ms
19ms Script
application/javascript 2606:4700:3033::6815:3d08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tagstaticx.com/tag.js
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ddcc38e1b0f35fc1ea36a59847a1d5adf048138c755589f205409be4b6aa47

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:08:32 GMT
server: cloudflare
age: 3064
etag: W/"6019bf50-14250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aitv67mSE5VblcP9JrSxjlzI7oG3nfOPxuTdkJm1Eg%2BqFUr0V31tWaXzJG690O3R50e4C4VmpMEnUxL%2FIz08cQfY4ZwEnWXJv6ZYwb8esCrlcp3kpMOP36tnvw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6239fedb2cb2e00b-FRA
cf-request-id: 08581d9cf80000e00be6be3000000001

GET
H2 200 micro.tag.min.js Show response
dollarsurvey.org/pfe/current/ 131 KB
32 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dollarsurvey.org/pfe/current/micro.tag.min.js?z=3907166&sw=/sw/sw3907166.js&var=3945676&ymid=3891600&cdn=1&domain=ugyplysh.com
Requested by: Host: dollarsurvey.org
URL: https://dollarsurvey.org/js/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce5b70f4867cc996d2cc6d4b6627e68490349fc6f7f1896b4983f02baba7a28

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Feb 2021 15:50:44 GMT
server: cloudflare
age: 4229
etag: W/"602e8cd4-20bd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C2pwZ4p6%2FLDZbvu%2BItb3Go7A4t%2F%2Bh2tcIAEjWjni3cJCPP0TiPL95JelYrMb7QnFd0RLal2HtksyDZhfa2gjRh0QKbkJhRsS7CgHmuX1PCkgthJrO3sE1%2FxyIbrA"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6239fedb4e754ece-FRA
cf-request-id: 08581d9d0a00004ece0a17f000000001

POST
H/1.1 429
Too Many Requests / Show response
o24257.ingest.sentry.io/api/5219077/store/ 45 B
582 B 496ms
123ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o24257.ingest.sentry.io/api/5219077/store/?sentry_key=3bace7bf2fdc4ab880d8160dd2edcfce&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dollarsurvey.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 45
x-sentry-rate-limits: 60:default;error;transaction;security;attachment:organization:usage_exceeded
retry-after: 60

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 30ms
30ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5083e50f75ba7069e8e22f1fb2e25eaeb42647d9129469bf1e18c6bb68646cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
34 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

234d5af600187b737060feab0f31216b95b8f0fa47a12aa4b259b5a23fb1cde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34099
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Feb 2021 19:01:14 GMT

OPTIONS
H/1.1 200
OK pix.jpg
tagdatax.com/ 0
0 110ms
33ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/pix.jpg
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Feb 2021 19:01:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 64ms
35ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 13846652425973723064
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 35ms
31ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5083e50f75ba7069e8e22f1fb2e25eaeb42647d9129469bf1e18c6bb68646cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK version.js Show response
tagdatax.com/ 57 B
259 B 101ms
29ms Script
application/javascript 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/version.js
Requested by: Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bb2730705a2219216c1a86125c57060372c770eccd59e5606c7f9cdff0119968

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
Cache-Control: private, max-age=63072000
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 57
Content-Type: application/javascript

GET
H/1.1 200
OK pix.jpg Show response
tagdatax.com/ 28 B
620 B 42ms
29ms XHR
image/jpeg 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/pix.jpg
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
Server: nginx/1.16.1
Etag: bc7167c4-9e68-4ad4-98c7-6d8db807111c
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Expose-Headers: ETag
Cache-Control: private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 28

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 16ms
14ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
15ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 17ms
16ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 20ms
19ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Thu, 18 Feb 2021 19:01:14 GMT

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 38ms
38ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=82892

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: ab395ea90c5c4f36b7d24187721df97f
pragma: no-cache
date: Thu, 18 Feb 2021 19:01:12 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H/1.1 200
OK add Show response
tagdatax.com/ir/ 2 B
468 B 44ms
29ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/ir/add
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

OPTIONS
H/1.1 200
OK add
tagdatax.com/ir/ 0
0 106ms
35ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/ir/add
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Feb 2021 19:01:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST
H/1.1 429
Too Many Requests / Show response
o24257.ingest.sentry.io/api/5219077/store/ 45 B
582 B 491ms
121ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o24257.ingest.sentry.io/api/5219077/store/?sentry_key=3bace7bf2fdc4ab880d8160dd2edcfce&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dollarsurvey.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 45
x-sentry-rate-limits: 60:default;error;transaction;security;attachment:organization:usage_exceeded
retry-after: 60

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4437
date: Thu, 18 Feb 2021 17:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Feb 2021 19:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
25 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: installyourfiles.com
URL: https://installyourfiles.com/show.php?l=0&u=274520&id=31173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: cDOVQG2AfJIQxA0r0jYQs7/J/Iq8vrKNXOsBVhAtm05M+69yPVp4PSW6kjKI8CGv2yZf+JLfgqk5gvbW5ReLKA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Feb 2021 19:01:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
66 KB 145ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-105e2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67042
expires: Thu, 18 Feb 2021 20:01:14 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 47ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-174297796-1&cid=1135445063.1613674874&jid=1472548987&gjid=1008600780&_gid=1787268584.1613674874&_u=YGBAgEABAAAAAE~&z=1256150337

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Feb 2021 19:01:14 GMT
content-type: text/plain
access-control-allow-origin: https://dollarsurvey.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=228415049&t=pageview&_s=1&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&ul=en-us&de=UTF-8&dt=Voulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1472548987&gjid=1008600780&cid=1135445063.1613674874&tid=UA-174297796-1&_gid=1787268584.1613674874&gtm=2wg2a1NLSFF85&z=265493162

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 07:19:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
493 B 37ms
37ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: f39a51a628ab0e9cab6bdb8c5e9b2b99
pragma: no-cache
date: Thu, 18 Feb 2021 19:01:12 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 735954656947281 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 11ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/735954656947281?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81c8bd84cd7ba16e2f2b0edada897d27cc32c0cd4372a5f4ec54be29358b8619

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70982
x-fb-rlafr: 0
pragma: public
x-fb-debug: XHQb9IRM1MsMoZGEKeB+pNwjlOomo8b8IfjQuxkrJScrCjNbi0o/bDF/dhrQaewaRD/1QIutl9XWVCyupq0lxA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Feb 2021 19:01:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 88274340
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
274 B 31ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-174297796-1&cid=1135445063.1613674874&jid=1472548987&_u=YGBAgEABAAAAAE~&z=608937637

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 50ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-174297796-1&cid=1135445063.1613674874&jid=1472548987&_u=YGBAgEABAAAAAE~&z=608937637

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=735954656947281&ev=PageView&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&rl=&if=false&ts=1613674874352&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613674874350.1630814042&it=1613674874292&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Feb 2021 19:01:14 GMT

OPTIONS
H/1.1 200
OK etag
tagdatax.com/ 0
0 35ms
35ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/etag
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Feb 2021 19:01:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK etag Show response
tagdatax.com/ 2 B
468 B 247ms
247ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/etag
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

POST
H/1.1 200
OK add Show response
tagdatax.com/log/ 2 B
468 B 31ms
30ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/log/add
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 18 Feb 2021 19:01:14 GMT
Server: nginx/1.16.1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

OPTIONS
H/1.1 200
OK add
tagdatax.com/log/ 0
0 250ms
250ms Other 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://tagdatax.com/log/add
Protocol: HTTP/1.1
Server: 37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dollarsurvey.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Feb 2021 19:01:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://dollarsurvey.org
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET
H2

200

1 Show response
mc.yandex.ru/watch/66423859/
Redirect Chain

https://mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comme...
https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26com...

167 B
249 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A226%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A465879889%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613674873888%3Awv%3A2%3Ads%3A7%2C17%2C45%2C1%2C68%2C0%2C%2C150%2C0%2C%2C%2C%2C292%3Adsn%3A7%2C17%2C44%2C1%2C68%2C0%2C%2C153%2C0%2C%2C%2C%2C292%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9ecf62d9c62022691769683a533b0d453feff1cf6adcc6d5490dea467e14c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 18-Feb-2021 19:01:14 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
last-modified: Thu, 18-Feb-2021 19:01:14 GMT
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A226%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A465879889%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613674873888%3Awv%3A2%3Ads%3A7%2C17%2C45%2C1%2C68%2C0%2C%2C150%2C0%2C%2C%2C%2C292%3Adsn%3A7%2C17%2C44%2C1%2C68%2C0%2C%2C153%2C0%2C%2C%2C%2C292%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F
strict-transport-security: max-age=31536000
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:14 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:14 GMT
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 18 Feb 2021 20:01:14 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/66423859/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.org%2Fnotification_permission&page-ref=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A502074213%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613674873888%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C682%2C682%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C682%2C682%2C1%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
last-modified: Thu, 18-Feb-2021 19:01:14 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:14 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/66423859/ 43 B
73 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fdollarsurvey.org%2Fnotification_permission&page-ref=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A1%3Als%3A191912310761%3Ahid%3A885871317%3Az%3A60%3Ai%3A20210218200114%3Aet%3A1613674875%3Ac%3A1%3Arn%3A900769299%3Au%3A161367487543122268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1613674873888%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1613674875%3At%3AVoulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
last-modified: Thu, 18-Feb-2021 19:01:14 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=735954656947281&ev=Microdata&dl=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&rl=&if=false&ts=1613674875856&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Voulez-vous%20faire%20une%20grande%20carri%C3%A8re%20en%20ligne%20et%20devenir%20millionnaire%20d%27ici%202021%C2%A0%3F%22%2C%22meta%3Adescription%22%3A%22survey%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613674874350.1630814042&it=1613674874292&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:01:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Feb 2021 19:01:15 GMT

POST
H2 204 vbri
propeller-tracking.com/ 0
493 B 29ms
29ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbri?t=82892&bid=undefined&aid=undefined&tp=2395.6250003539026

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 05edcb5d9b93e2389284e00de32b9aa6
pragma: no-cache
date: Thu, 18 Feb 2021 19:01:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://dollarsurvey.org
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 66423859 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/66423859?wmode=0&wv-part=1&wv-hit=885871317&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&rn=983360533&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1613674877%3Aw%3A1600x1200%3Av%3A421%3Az%3A60%3Ai%3A20210218200116%3Au%3A161367487543122268%3Avf%3Acaxsklyqnpvsij3%3Ati%3A2%3Ast%3A1613674877

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:16 GMT
last-modified: Thu, 18-Feb-2021 19:01:16 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:16 GMT

POST
H2 200 66423859 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/66423859?wmode=0&wv-part=1&wv-hit=885871317&page-url=https%3A%2F%2Fdollarsurvey.org%2Fsurvey.html%3Fgeo%3DFR%26oaid%3D9c6dac0d9ec443b395a86541cee35ed3%26s%3D386342846031999960%26z%3D3945676%26comments%3Dfr%26theme%3Ddark-v2%26utm_campaign%3D3891600%26utm_medium%3D3945676%26utm_source%3Dzd_4052446%26utm_term%3D7991254%26utm_content%3Dzd_public_v2%26var%3D3891600%26survey_id%3D1203030&rn=881468505&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1613674877%3Aw%3A1600x1200%3Av%3A421%3Az%3A60%3Ai%3A20210218200116%3Au%3A161367487543122268%3Avf%3Acaxsklyqnpvsij3%3Ati%3A2%3Ast%3A1613674877

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dollarsurvey.org/survey.html?geo=FR&oaid=9c6dac0d9ec443b395a86541cee35ed3&s=386342846031999960&z=3945676&comments=fr&theme=dark-v2&utm_campaign=3891600&utm_medium=3945676&utm_source=zd_4052446&utm_term=7991254&utm_content=zd_public_v2&var=3891600&survey_id=1203030
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 19:01:16 GMT
last-modified: Thu, 18-Feb-2021 19:01:16 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://dollarsurvey.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Feb-2021 19:01:16 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dollarsurvey.org/	1970-01-20 01:00:10	Name: _ym_d Value: 1613674875
.dollarsurvey.org/	1970-01-19 18:24:10	Name: _fbp Value: fb.1.1613674874350.1630814042
.dollarsurvey.org/	1970-01-19 16:14:34	Name: _dc_gtm_UA-174297796-1 Value: 1
.dollarsurvey.org/	1970-01-20 09:45:46	Name: _ga Value: GA1.2.1135445063.1613674874
.dollarsurvey.org/	1970-01-20 01:00:10	Name: _ym_uid Value: 161367487543122268
.dollarsurvey.org/	1970-01-19 16:16:01	Name: _gid Value: GA1.2.1787268584.1613674874
.dollarsurvey.org/	1970-01-19 16:57:46	Name: __cfduid Value: dfbe9136f6af5cb4bbf5058b7caaefa2f1613674873

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://browser.sentry-cdn.com/5.15.5/bundle.min.js(Line 2) Message: TypeError: Cannot read property 'split' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abstrg.me
airsle.com
bainushe.com
browser.sentry-cdn.com
connect.facebook.net
dollarsurvey.org
get.w0pt0p.online
go.secureclickers.com
installyourfiles.com
mc.yandex.ru
my.rtmark.net
o24257.ingest.sentry.io
official-redirect.com
pagead2.googlesyndication.com
propeller-tracking.com
rouonixon.com
stats.g.doubleclick.net
tagdatax.com
tagstaticx.com
thanks-page.velac.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yo.wackotracko.com
139.45.195.153
139.45.195.8
139.45.196.86
139.45.197.240
18.184.38.55
18.195.123.247
212.32.250.1
216.104.36.157
2606:4700:20::681a:80
2606:4700:20::681a:9c0
2606:4700:3033::6815:3d08
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9b
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::729
3.127.153.20
35.188.42.15
37.48.68.71
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10b3a058991ff676ef51da0ed5380d2813d61ab5b8d26b592a9a0b2a07ec4712
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ddcc38e1b0f35fc1ea36a59847a1d5adf048138c755589f205409be4b6aa47
1b11563a7467f9ccf6dbe54b00c14077fe31ebad725dc77659f1dae25837d36a
1ee94537308b969ae3e3fe075f960e89e5817fc57f9464fd66b65a124448c66a
234d5af600187b737060feab0f31216b95b8f0fa47a12aa4b259b5a23fb1cde0
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
34eae45b4ed40954f4396ebc16fbf0695eaa4722d08c0b7d99d64665dbec3e0d
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18
467c377cb4132ee8749c7ebc040a07f9898fd4eb5333f84fd163645e3cc11775
48b12f93bcc807dd75c192119531640c6a0f13b366f1db7d9f6a74ae0de98da8
4ce5b70f4867cc996d2cc6d4b6627e68490349fc6f7f1896b4983f02baba7a28
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5083e50f75ba7069e8e22f1fb2e25eaeb42647d9129469bf1e18c6bb68646cd0
5137c00148f92edf7bb0ce9ce0fb084c4243bb360e5bf36140e8b2fcb2980724
53238ba1ca81b42a76bc2557ae62d62f03be9dc837311be22eec152a46524bdc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5e3baa47e20acdf1e50d25f07a70d61ae4d14009aee73523993b7e6eeb815532
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904
6cc431ef68ca8ba830abbd7e9cc021644a3904d0ac181f3e8389b4fc40e219b1
7451d450f924d17165431bc8b6c19b14f66351268b472b3da790a14db8d33f4e
77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2
81c8bd84cd7ba16e2f2b0edada897d27cc32c0cd4372a5f4ec54be29358b8619
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ecf62d9c62022691769683a533b0d453feff1cf6adcc6d5490dea467e14c3e3
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
bb2730705a2219216c1a86125c57060372c770eccd59e5606c7f9cdff0119968
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
bdee772b1da3742339ad59c5f520e02320560daebd53b2cf7aaa82ab87adc5a4
bf48781168f5a06ef2be09fed5e1d6a595a567217bf4979e49698e33fb69ac67
c5fc2d36d29f9c542c89c9cd07793ae2c77f651cb8d3818ab487677527138ac1
cbe7be535da1105155e50d93dfe55af741c9cdca1dfa6be4c23e4969fd08832a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f9d46ba58f9ebd7c32a9ddb7ae96268e7d7136c9dc5a9da5836e376d25bbe1
eea2b44c8edd1517dea365bc40ae8b641425a77a8db1fa02f5958c208179bae9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

dollarsurvey.org Open in urlscan Pro 2606:4700:20::681a:9c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

54 %IPv6

26 Domains

26 Subdomains

21 IPs

6 Countries

503 kBTransfer

1492 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dollarsurvey.org Open in urlscan Pro
2606:4700:20::681a:9c0 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

54 %
IPv6

26
Domains

26
Subdomains

21
IPs

6
Countries

503 kB
Transfer

1492 kB
Size

7
Cookies

60 HTTP transactions
0 data transactions