urlscan.io logo urlscan.io
SecurityTrails logo

surveys.legeropinion.com Open in urlscan Pro
3.224.141.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.ly/U7k7geJ
Effective URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=...
Submission: On August 27 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 3 countries across 25 domains to perform 95 HTTP transactions. The main IP is 3.224.141.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is surveys.legeropinion.com.
TLS certificate: Issued by R3 on July 9th 2023. Valid for: 3 months.
This is the only time surveys.legeropinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.22.1.232 13335 (CLOUDFLAR...)
1 1 69.172.200.185 19324 (DOSARREST)
1 3.224.141.128 14618 (AMAZON-AES)
2 3.160.5.32 16509 (AMAZON-02)
1 172.217.13.170 15169 (GOOGLE)
3 6 104.16.124.175 13335 (CLOUDFLAR...)
2 3.160.10.129 16509 (AMAZON-02)
2 104.17.24.14 13335 (CLOUDFLAR...)
6 172.217.13.142 15169 (GOOGLE)
2 172.217.13.168 15169 (GOOGLE)
9 172.217.13.110 15169 (GOOGLE)
7 3.160.5.3 16509 (AMAZON-02)
26 18.238.35.220 16509 (AMAZON-02)
1 54.175.49.101 14618 (AMAZON-AES)
2 172.217.13.163 15169 (GOOGLE)
2 31.13.71.7 32934 (FACEBOOK)
2 3.160.6.245 16509 (AMAZON-02)
5 23.44.237.178 20940 (AKAMAI-ASN1)
1 142.250.31.155 15169 (GOOGLE)
1 172.217.13.131 15169 (GOOGLE)
1 7 35.190.43.134 15169 (GOOGLE)
2 31.13.71.36 32934 (FACEBOOK)
1 2 172.217.13.98 15169 (GOOGLE)
1 172.217.13.102 15169 (GOOGLE)
4 172.217.13.202 15169 (GOOGLE)
1 172.217.13.196 15169 (GOOGLE)
1 172.217.13.118 15169 (GOOGLE)
1 172.217.13.161 15169 (GOOGLE)
2 172.217.13.195 15169 (GOOGLE)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
95 28
1    104.22.1.232 (None, )

ASN13335 (CLOUDFLARENET, US)
cutt.ly
1    69.172.200.185 (Canada)

ASN19324 (DOSARREST, US)
PTR: maxbounty.com
afflat3d2.com
1    3.224.141.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-141-128.compute-1.amazonaws.com
surveys.legeropinion.com
2    3.160.5.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-32.cmh68.r.cloudfront.net
builder-assets.unbounce.com
1    172.217.13.170 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f10.1e100.net
ajax.googleapis.com
6    104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    3.160.10.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-10-129.cmh68.r.cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net
www.google-analytics.com
2    172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net
www.googletagmanager.com
9    172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net
www.youtube.com
analytics.google.com
7    3.160.5.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-3.cmh68.r.cloudfront.net
fonts.ub-assets.com
26    18.238.35.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-35-220.cmh68.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    54.175.49.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-49-101.compute-1.amazonaws.com
events.ub-analytics.com
2    172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net
fonts.gstatic.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
2    3.160.6.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-6-245.cmh68.r.cloudfront.net
sc-static.net
5    23.44.237.178 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-237-178.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
stats.g.doubleclick.net
1    172.217.13.131 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f3.1e100.net
www.google.ca
7    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
2    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
2    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
static.doubleclick.net
4    172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net
jnn-pa.googleapis.com
1    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
1    172.217.13.118 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f22.1e100.net
i.ytimg.com
1    172.217.13.161 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f1.1e100.net
yt3.ggpht.com
2    172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net
www.gstatic.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
Apex Domain
Subdomains		 Transfer
28 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
224 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
972 KB
7 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 889
2 KB
7 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 26405
101 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
42 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 886
8 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 745
134 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 366
jnn-pa.googleapis.com — Cisco Umbrella Rank: 243
62 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
static.doubleclick.net — Cisco Umbrella Rank: 289
1 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
49 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 489
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 166
www.google.com — Cisco Umbrella Rank: 2
15 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1073
33 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
87 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
158 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
7 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 22323
37 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 241
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 108
23 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9075
408 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 31142
282 B
1 legeropinion.com
surveys.legeropinion.com
18 KB
1 afflat3d2.com
afflat3d2.com
947 B
1 cutt.ly
cutt.ly — Cisco Umbrella Rank: 68657
458 B
95 25
Domain Requested by
26 d9hhrg4mnvzow.cloudfront.net surveys.legeropinion.com
8 www.youtube.com surveys.legeropinion.com
www.youtube.com
7 tr.snapchat.com 1 redirects sc-static.net
7 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
6 www.google-analytics.com surveys.legeropinion.com
www.google-analytics.com
www.googletagmanager.com
6 unpkg.com 3 redirects surveys.legeropinion.com
5 analytics.tiktok.com surveys.legeropinion.com
analytics.tiktok.com
4 jnn-pa.googleapis.com www.youtube.com
2 pixel.tapad.com 2 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.facebook.com surveys.legeropinion.com
2 sc-static.net surveys.legeropinion.com
tr.snapchat.com
2 connect.facebook.net surveys.legeropinion.com
connect.facebook.net
2 fonts.gstatic.com www.youtube.com
2 www.googletagmanager.com surveys.legeropinion.com
www.googletagmanager.com
2 cdnjs.cloudflare.com surveys.legeropinion.com
2 d1wbjksx0xxdn3.cloudfront.net surveys.legeropinion.com
d1wbjksx0xxdn3.cloudfront.net
2 builder-assets.unbounce.com surveys.legeropinion.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.ca surveys.legeropinion.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 events.ub-analytics.com surveys.legeropinion.com
1 ajax.googleapis.com surveys.legeropinion.com
1 surveys.legeropinion.com
1 afflat3d2.com 1 redirects
1 cutt.ly 1 redirects
95 31

This site contains no links.

Subject Issuer Validity Valid
surveys.legeropinion.com
R3		 2023-07-09 -
2023-10-07		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-05 -
2023-09-03		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Frame ID: FC7D9771E060DD5F5C6E2265870B1EC2
Requests: 71 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Frame ID: BB91E4E0AB38971A9EDACDF0C5BECEE2
Requests: 20 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b43f7478-c375-40c8-86a4-07f4cf4dbe31&u_scsid=ccfff261-f132-4304-98af-e70501056948&u_sclid=258062e6-f0db-4087-90b5-aab76b3c99b0
Frame ID: 311B30C7055506D2C552B2521FDC81DE
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1692983497087&pnid=140&pcid=e387b76a-c978-4af9-9d6d-c2e9e0214801
Frame ID: 958B3F6366C4F8E4A1F0795909A038DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cutt.ly/U7k7geJ HTTP 301
    https://afflat3d2.com/lnk.asp?o=19984&c=150979&a=576401&k=899A915DCA416B65B27CA96443E745EC&l=20939 HTTP 302
    https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

28
IPs

3
Countries

1976 kB
Transfer

5772 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/U7k7geJ HTTP 301
    https://afflat3d2.com/lnk.asp?o=19984&c=150979&a=576401&k=899A915DCA416B65B27CA96443E745EC&l=20939 HTTP 302
    https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/notie/dist/notie.min.css HTTP 302
  • https://unpkg.com/notie@4.3.1/dist/notie.min.css
Request Chain 7
  • https://unpkg.com/notie HTTP 302
  • https://unpkg.com/notie@4.3.1 HTTP 302
  • https://unpkg.com/notie@4.3.1/dist/notie.min.js
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 82
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1693096761626&u_scsid=73357804-0acc-405c-a6b1-05ee73f9479d&u_sclid=aa84b789-bacd-4f30-b5d7-96f5b02abc48 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692983497087%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692983497087%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1692983497087&pnid=140&pcid=e387b76a-c978-4af9-9d6d-c2e9e0214801

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
surveys.legeropinion.com/partner-mb-leads/
Redirect Chain
  • https://cutt.ly/U7k7geJ
  • https://afflat3d2.com/lnk.asp?o=19984&c=150979&a=576401&k=899A915DCA416B65B27CA96443E745EC&l=20939
  • https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
120 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.224.141.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-141-128.compute-1.amazonaws.com
Software
/
Resource Hash
e5012487fb86e00be64e80ba985c25e3cd0bdbbb5a0a4f074b4e8cba303e8bf1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
17411
content-location
https://surveys.legeropinion.com/partner-mb-leads/
content-type
text/html; charset=utf-8
date
Sun, 27 Aug 2023 00:39:20 GMT
etag
"d:8d738813e5624b33b577cfd46f529e81"
link
<https://surveys.legeropinion.com/partner-mb-leads/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
213eeaf8-d53e-4655-ae6f-6da93ca9f4cb
x-unbounce-variant
d
x-unbounce-visitorid
8d738813-e562-4b33-b577-cfd46f529e81

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
294
Content-Type
text/html
Date
Sun, 27 Aug 2023 00:39:20 GMT
Keep-Alive
timeout=20
Location
https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Server
nginx/1.20.2
X-DIS-Request-ID
49c182c135503a4921b704fa5044a29c
X-Powered-By
ASP.NET
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-32.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 22 May 2023 16:00:01 GMT
content-encoding
gzip
via
1.1 4b1f2d5e8ba06f891aac0914bfcf0ce0.cloudfront.net (CloudFront)
x-amz-version-id
Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop
CMH68-P4
age
8325560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Mon, 13 Mar 2023 16:18:47 GMT
server
AmazonS3
etag
"15295835030f315ea1ec0147abd5ea63"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
meGIFsxYL6kerCS0pYo8taolh7fo6ctoPvbaG4m8xUW-S65yQs1mOw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:53:08 GMT
notie.min.css
unpkg.com/notie@4.3.1/dist/
Redirect Chain
  • https://unpkg.com/notie/dist/notie.min.css
  • https://unpkg.com/notie@4.3.1/dist/notie.min.css
2 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/notie@4.3.1/dist/notie.min.css
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10849858
last-modified
Sun, 05 Mar 2017 06:13:32 GMT
fly-request-id
01F3Z51XH9FQ1TT65YDC1N0KC8
server
cloudflare
etag
W/"6f5-czt8y7g9GjGMjisK+cfYowPsXkg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fd041c2badbca6f-YUL

Redirect headers

date
Sun, 27 Aug 2023 00:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H8T6E590F8DQQ0KJA4CK8QYE-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
475
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/notie@4.3.1/dist/notie.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
7fd041c27a94ca6f-YUL
ub.js
d1wbjksx0xxdn3.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.10.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-10-129.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:24:34 GMT
content-encoding
gzip
via
1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
CMH68-P4
age
5296487
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TBAfuFZ-VUs7EGtXYRM97lOlLYPz8_H9pLOqZbV6FjeTc5LkFa12nw==
jquery.validate.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
form-maker.js
unpkg.com/leosubscriptionformscript@1.0.46/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/leosubscriptionformscript@1.0.46/form-maker.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b9a6d948c839722f48fac341e17e16bb2768bee077982a897eedf1535c1062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5813593
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H3CYKTE44EBKA72P4DJ0DJZG-yul
server
cloudflare
etag
W/"2ed4-gMa8MqoQ5DMJfBxzWmZCye9tPoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fd041c27a95ca6f-YUL
notify.min.js
cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8824910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6558
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-3562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l6lKdEnuYUjDBwEJB9wgDvTK2srg7yH2plcbKs4YNqJF3Yjik57%2Bb7gphHKzWEeQGtyNCF6xIIzaXLCMTPCUohXlNy27XPOOmRYbKYYFsp79YsqfpGR9s6sSR%2FMtKOcxRYcdswp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd041c2790eca53-YUL
expires
Fri, 16 Aug 2024 00:39:20 GMT
notie.min.js
unpkg.com/notie@4.3.1/dist/
Redirect Chain
  • https://unpkg.com/notie
  • https://unpkg.com/notie@4.3.1
  • https://unpkg.com/notie@4.3.1/dist/notie.min.js
15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/notie@4.3.1/dist/notie.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecddac114140d491be21976d6c77e19315589d24b7ab86dac1ac530393e62fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
18467176
last-modified
Sun, 05 Mar 2017 06:13:30 GMT
fly-request-id
01GQKV7502022QTE0Y5M4137F2-yul
server
cloudflare
etag
W/"3a5d-uivKlLqVCotbghPTVIZhfrcZ7q8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fd041c2db19ca6f-YUL

Redirect headers

date
Sun, 27 Aug 2023 00:39:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GFJF7403E9PS46E7GRGP9AZ7-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
27103250
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/notie@4.3.1/dist/notie.min.js
cache-control
public, max-age=31536000
cf-ray
7fd041c2aac8ca6f-YUL
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-32.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 15 May 2023 08:11:52 GMT
content-encoding
gzip
via
1.1 4b1f2d5e8ba06f891aac0914bfcf0ce0.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
CMH68-P4
age
8958449
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
F_dY7t4Mubu6gFnLaeQy4XkI5vlhg40e41OhdRShfBP6z_94O71Jsw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 23:33:53 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3927
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 27 Aug 2023 01:33:53 GMT
gtm.js
www.googletagmanager.com/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2464c4fa72e7b6141a001d92980d580de7a1565d4b07f6ae0b016074c093763e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71406
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 27 Aug 2023 00:39:20 GMT
QSN4Aae_JsQ
www.youtube.com/embed/ Frame BB91 		80 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
78a6b80fb021dd2a6607d6d8327e5e86194c4ef81d167af202eb9c3a16a26a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surveys.legeropinion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 00:39:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
f3d94fab-6b4a-480f-890c-01ca88f2e014
https://surveys.legeropinion.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://surveys.legeropinion.com/f3d94fab-6b4a-480f-890c-01ca88f2e014
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
3c34e0c0a2572b84bd84bcf322672e09a0794e47d75e24bbe5e6e77de68e69c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 f62865a6aba38ebc6bc6283096c5ae5c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
x-amzn-requestid
6992615f-453b-4cd0-b2ef-d0240b4de14f
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
KS0w8FX0oAMEHgw=
content-length
842
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64ea9b38-7f7253be5061c1c42a5f1894
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
-lObRThl80F_bEdTxUHbw4YLZLtZ4Eh2Og_GpHAwgd5AQW6NZmBniQ==
26842c4c-header-logo-1630076625.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/26842c4c-header-logo-1630076625.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aafb85a50093471a446a27309e9534209a957d5b7edae0c8ed2611b290e32e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 19 May 2023 16:52:22 GMT
x-amz-version-id
O9.Oa_eKl63vCnSsQfF5SB2fJr64MUV6
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"2d474839a6c984f70b97acee57ea1d65"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
8581619
x-amz-cf-id
MmM4-M_QNujabJZwlm01pGj80c5AJILv1dk5qLwoB4nztu5VQdb9hQ==
ab4c00a2-5d693c419e8ed-1638370933_109g0ax09g0aw000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ab4c00a2-5d693c419e8ed-1638370933_109g0ax09g0aw000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
920a5b7f7174d9c8a379d146afc96813aed40bac8c343df07a812a1c6ef49fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 08:47:31 GMT
x-amz-version-id
1VSUdFLW6NaYA3cORZE8jLpZOf6.Gf.6
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
6969110
etag
"95e6ba7c29a9144fbf96d0c59f55beca"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
17737
x-amz-cf-id
KZ3K2D3pHqa3T8e_QfI-CyDaRV_FcADC_q_IS06G5We0Jqi8RLJwmg==
27dafb42-instagram.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/27dafb42-instagram.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc1b22c4a5569ce8e3ba06426b0361f6c467743afcc47af38a02560acffc98a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 19 May 2023 16:52:22 GMT
x-amz-version-id
sIIbD7T4G3d4.Aq2Sgq2fNSLe4QGBw1l
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"155763b35b3b6d828a02c0f29bc2f1ed"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
8581619
x-amz-cf-id
1d7nc9ICCt2k1OGeG37Ln1kTLuuQAhE1YUqGvetOs8K12oyFOowukA==
0846d830-facebook.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		757 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/0846d830-facebook.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05fb08fd8a6b1423ce01da783ddc642f773fa028ff7a7765a7c187bdbe684be6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:52:52 GMT
x-amz-version-id
_ZiQDfd16UUADJ3NHYYC4EqOektpFUPb
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
6932789
etag
"b673d738d229f35805123d7bb27f0abb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
accept-ranges
bytes
content-length
757
x-amz-cf-id
H_YTWShR5z1tbfxk_8xcJElHqzTtKGrgqGh_RRBaTsK9ecaGNQf4Iw==
2c56bc20-horizons-icon.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/2c56bc20-horizons-icon.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
422615b7d66c56d9476d0468a809cac638fb45ac5aa027601629406dae6aa53a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 19:40:16 GMT
x-amz-version-id
9H2pMpDFysn.rb8FLVq1sijsXmqcCzH_
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
6325145
etag
"35ff732ec963181bc3d9f5f24bf656cc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
accept-ranges
bytes
content-length
966
x-amz-cf-id
yHfMYVDofRFIVMLSU7ASJ-AHau-Jq0iSXonKYByDyGSQbWosEmK7jw==
2c7e163b-visa_108q05d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/2c7e163b-visa_108q05d000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2ec0e3cf7ee094d15ff360d2d234f687881fc82f709b54dc04fe4ab16632e18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 22:44:32 GMT
x-amz-version-id
m8bM6D60zQrmKlvieiC6MWz9sbRTADuw
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7178089
etag
"c6830974835f3a5a0bd0193a240fb662"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
9692
x-amz-cf-id
OP2C02qNZzSBmY6VxFluq5EVgl-WkeGSutYpmuq_6jl1Bzo4n67mZA==
4656a83e-paypal.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/4656a83e-paypal.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 18:23:15 GMT
x-amz-version-id
RapImOmVRM2mmZx0w5xHqAke_PLEdJ1_
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"fa90774cf99780f6efdf8f65a400d8d2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
6588966
x-amz-cf-id
vEwU_rZCHn1JFuNB4Y9-Gf9B5fcj-LIXtHbcexv0wVmqxG5C0uexOw==
ccade685-amazon_106m042000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ccade685-amazon_106m042000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcbacbcc05c99252bc87c7307a31bf1f6d0dbe76ee97de230577dbc0ae56cb00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 20:34:20 GMT
x-amz-version-id
Z3Jl2qX7a8PuuAReL_EKkR5TVPuYUwne
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7185901
etag
"8e96d9c4e16a7d409cfc4c5e7a6af3b3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1645
x-amz-cf-id
YBXJsT8UUBf1tjO62AiQoEiP4HAEZVvUqMDa8iWKTskrc5Gmjad05g==
da5bdcfc-airmiles-vert-electric-blue-rgb-f_103z03p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/da5bdcfc-airmiles-vert-electric-blue-rgb-f_103z03p000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21f669556102ff8a863cd6b5025672870eff5964acfc48d75dad1a444dc9f94c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:32:47 GMT
x-amz-version-id
ZG0LIxdkx1ydyJp5TMmy14rZXFvcFknt
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7088794
etag
"55ac6a583471bb24c03548edf63ecd42"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2463
x-amz-cf-id
N70Sgi9jpiecCIFHH4rrCQXQMHjY7ECjlxGVUdxtBvu5mSilteG_CA==
a020d335-starbucks-ombre_105z03s05z03p000001028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/a020d335-starbucks-ombre_105z03s05z03p000001028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
543258d97568f5aa658e2de5726c79ab0991ae4b717858fc624ae42cbf82d8aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 00:04:51 GMT
x-amz-version-id
No8L2wipH8n18qi.nwEQmfp7v56hALbF
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7173270
etag
"10ef74b74aa0cde8a65e85b76dd69193"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5420
x-amz-cf-id
MaoEK4jkx-V3hogF0Y2an8VJtmajhgdsYdKemBjd8sibVuMnwMX0Sg==
cbe23395-doordash-ca-1-ombre_106003w06003t000001028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/cbe23395-doordash-ca-1-ombre_106003w06003t000001028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2142d584ca9dbda1048c97653ba2a3265c9481eaee978f281bf39d288a74811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 22:44:33 GMT
x-amz-version-id
O.6eA7XDDxQ9kRh1hD6tPmkTNRaEckB7
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7178088
etag
"57a1d1c4f6c0d63baebaf860514699bc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2119
x-amz-cf-id
5nh5iJyOYZVPQAqVMACnk7j4z5vuaM82pQVxnlFsfxYtQG_0hqCdlA==
235a5ba7-ubereat_106703t06003t003000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/235a5ba7-ubereat_106703t06003t003000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fea26df9bd53ec38b85e08faaa8bb08888870c6fa0776b584a8d5aad8c846b28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 22:07:40 GMT
x-amz-version-id
B.1cmaYvEDcAA_w8I7SqbQBQxtNRVoHa
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7093901
etag
"3639d5c160c70d87bf0eccbba5dde917"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1976
x-amz-cf-id
wlRi0n8EsdXS3DBmxQE653j30cuzX1_4QVODFCTccqrplLc2GxWMXQ==
5183e0f6-aeroplan.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/5183e0f6-aeroplan.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
102020d6141eb7751a10c904bb36969ce9bc90e2e7c703a36807da569afa412d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 19:40:30 GMT
x-amz-version-id
Sj6.fkfwhsIVc7GO9C1eO1cz0a9OD2W8
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"5d4e8212d14bc4e974be8a1d86656804"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
6325131
x-amz-cf-id
7q0mIXhWHaarsbT7MftO_WXMvCY-h5esnOiEvV8MZpWT7tSSvy7z-w==
127ef0cf-mastercard_108n05c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/127ef0cf-mastercard_108n05c000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ab5ad7a7ed2b911f7ae7071a31b4262988e8396ff6f1c1b22807a535bc120ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 23 May 2023 16:18:07 GMT
x-amz-version-id
vk23T7VNCHTEmNLvPnlgq_Me4IEPNTlv
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
8238074
etag
"907dc0bc18b93e13b0bc286ef4f50a9d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
9705
x-amz-cf-id
qV8zX_O8-WvoXrqhJw2qzOfQ4Vx_3spoZdEI6o4J_ksTx5TZcjHsqQ==
d088c2d4-uber.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/d088c2d4-uber.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be2e4d01f03207b8da8ff584516e52c2c861e1070487caab185dabcf55d6b156

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 19:40:29 GMT
x-amz-version-id
39CjkSt1sesoTMkCGOdy57dw0DImH70H
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"123584f785f8ac95629b185770323a1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
6325131
x-amz-cf-id
7jQL7Q0fH7Dl57K3onUetERU-lcJ84TMTw7zRcMyNNL-FUA5HWOvJA==
06f47d08-tik-tok.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/06f47d08-tik-tok.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92e2b30fffac6fdebec5a82e4f126b5e19f52b0196a6f13c7b2d63c9503b4ff4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 24 May 2023 15:19:59 GMT
x-amz-version-id
PwgvkzPiHOlI_ka_6NTNjVqAk7kvAToq
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"f9e80e42183bad52c437226df38a6fb4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
8155162
x-amz-cf-id
k4ylAAJMrEEtEwd53LSO8tzyNXzaJk1gRFBUEsh2Dt2XbpW2ntYgRg==
fd708ad7-shirley-qc_102s03p02s02s000000000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/fd708ad7-shirley-qc_102s03p02s02s000000000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6edb6844bd2fa38bd9d30f861e20e01670094339280d5d0102bc092053ed5d2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:32:47 GMT
x-amz-version-id
MokXK5uJT0T62iNwPmZlGgTIWRNd4eCq
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7088794
etag
"fd7f6882a250af369074873afbfc7e1d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4430
x-amz-cf-id
FTXtOcLjUx3lYM9YTolAF16bHjCtj3wH7-5aXxJTUGshN5BJd_yfUQ==
914b9a19-noun-five-stars-1717601.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/914b9a19-noun-five-stars-1717601.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63215488650cd849f5f3d4a8750712e3f997ef59ca16ea138253b27382dd9a0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 04:42:20 GMT
x-amz-version-id
y9W32lrl2TQSohQCUq_6gxVisJI4uugO
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P5
etag
W/"8fa99ddb1d188610b23c0490462491bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
7502221
x-amz-cf-id
dDzETYscSlewJNeesPTxyJAQRIV689YcvjuLDerFTXf_1yJ53D_-GA==
13f9ff4e-julia-on_102s03p02s02s00000g000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/13f9ff4e-julia-on_102s03p02s02s00000g000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b811a69408353fcf4f79b743ceeaa31bae164882a7fd368fc3b5f34bf8863a86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 24 May 2023 14:59:00 GMT
x-amz-version-id
X84_PSfMN0Ruwfcft40ngoqo_donGvDc
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
8156421
etag
"f540a0e519a79d54f2bb3c36e0a000d9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
10531
x-amz-cf-id
GKB0Kmmch-ip7gXO_c4N1i6iriVwe71n-Ff94APi28eNmOMiTJES3w==
6ffc537f-cedric-on_102s03p02s02s00000g000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/6ffc537f-cedric-on_102s03p02s02s00000g000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8052e8c26cbf16a0250c37f395182ead09d98db1d18f5ece8dd52095829dce7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 23 May 2023 21:55:49 GMT
x-amz-version-id
kRai7rdQHmYcotWpkhZy07MrqEiDNNuQ
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
8217812
etag
"4e5274c2319be383de645f7244909f7c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4969
x-amz-cf-id
JW-OegPzhsPNsw19UFKC1oa-paZBF2IsAh0Fhujd9mKuJkWq-cmYog==
fd708ad7-shirley-qc_102s03p02s02s00000g01o.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/fd708ad7-shirley-qc_102s03p02s02s00000g01o.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a631cc8092dafae9d2ee86c0870c65ffa3c1dd16c7f7652fd27a7b361ca08040

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 23 May 2023 16:18:07 GMT
x-amz-version-id
1E4QU2fWWkl2tziYqEndVJaOXnXx.ch1
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
8238074
etag
"2125eca5fe03227981cb69032e5ac507"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1972
x-amz-cf-id
Ccf_CstPbFXfio95GLieS4KliKyLfxOd0KxaaAWoVkLcN8fsseSDNw==
13f9ff4e-julia-on_102s03p02s02s00000g01o.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/13f9ff4e-julia-on_102s03p02s02s00000g01o.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
940841057bd781047765cd03d6c66e4e0fc6c751f45fd80c4ef231b9aeb39b1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 07:49:34 GMT
x-amz-version-id
qc922tyiVLxhanEfCod9cCHFxqxtvdGb
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
6454187
etag
"09543a251a2965ffd29cd397dbc9ac45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1874
x-amz-cf-id
czAYhwChWEabAoGGy2kjQC6DDG7tXg5JIymZM3nVJt55z9CT7akJfw==
5eab4ed0-google-reviews-copie_103h01y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/5eab4ed0-google-reviews-copie_103h01y000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed24bb758b8c29a3930b59272c9dbc1a7e5ca4c3eded41add3eec1293f2a6cd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:32:47 GMT
x-amz-version-id
tr.YesYV1jF.hR4ZQUzpi2IHfLr9qLWL
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7088795
etag
"813abce298edfdb3cab19d77c3090882"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2123
x-amz-cf-id
0GP71Xptw78IvXMS2Wnrba2Hzm-HqC-ZJRiLH2P9OiwN54-iHKr64w==
ce7902cd-leger-leo-vectoriel-rvb-powered-by-leger_105k03f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ce7902cd-leger-leo-vectoriel-rvb-powered-by-leger_105k03f000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce5f5aede2baa6fcafbae8430f733fc1de485d5d17d605c27e33b07bcedc1e0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 27 May 2023 00:24:38 GMT
x-amz-version-id
JwWX1kCp1OO376HcqJrW8VD.pLZ1exXm
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7949683
etag
"d59739267e076e3828bad09af19a3e8c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2389
x-amz-cf-id
WMu0m9ZBb-nDUBnoRUHDgEK2W9RIcws6oXq-3T-H4Smhgm3BnSVPXg==
17df442b-rond-concours_108m09y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/17df442b-rond-concours_108m09y000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1c3be5efe9efa04675949486c7df2fdfe8fcba7ea8b2c211a4ed4875c7e453d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 23:32:47 GMT
x-amz-version-id
LvIiPTdIIMc_8Hbqi.Z8GBXnYQuy6e1x
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
7088795
etag
"0659f2700300782b3b6052e811641f11"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
50736
x-amz-cf-id
NeSBjI-ObYiJpv0mvHyyZ-NnYgGZX4lM6JeBRhPXROmH-cGL2-5DIg==
17df442b-rond-concours_107y096000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/17df442b-rond-concours_107y096000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.35.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-35-220.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae164dca0034a3786e6e731514883ba4642dd9fa76ffa978def6f42c9aa4e0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 02:20:12 GMT
x-amz-version-id
Nb34XK7dQlNyl98wpRv7yZ5gJJkBxoPH
via
1.1 c9defa66f23588b2bfe3b619bdfa981c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5
age
6214750
etag
"70140c4f46e12bb9063c44df679db7eb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
44163
x-amz-cf-id
xO0JbJ1hDiym77HkyUt6SDlwOk2GK8BIf6cY5gdizQ1epK2yJP1oEQ==
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.10.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-10-129.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 20:15:35 GMT
content-encoding
gzip
via
1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
CMH68-P4
age
2262226
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NNFJ6hyfG39tMzP-TB7aP_4NWyxllNk1VbupA63axznyjb0GlJCb2A==
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1358470462&t=pageview&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&dp=%2Fpartner-mb-leads%2Fd%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1004740559&gjid=645676955&cid=1200084903.1693096761&tid=UA-219875071-7&_gid=136296673.1693096761&_r=1&_slc=1&z=634188256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 00:39:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1693096760989&e=pv&url=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=America%2FLos_Angeles&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=997040b7-0de0-45c6-a0d8-976c85bb1185&dtm=1693096760987&vp=1600x1200&ds=1600x3136&vid=1&sid=33fd7f2d-ad7c-490e-90e2-dd12ae5807e8&duid=e0042234-57dc-4072-a535-f672a1b50069&uid=8d738813-e562-4b33-b577-cfd46f529e81&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMjEzZWVhZjgtZDUzZS00NjU1LWFlNmYtNmRhOTNjYTlmNGNiIiwidmFyaWFudElkIjoiZCIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.49.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-49-101.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
www-player.css
www.youtube.com/s/player/c153b631/ Frame BB91 		382 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
sffe /
Resource Hash
51ae3da0fdc534c81803325452272532929587b4a309fe109a1cb94bdc025f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
248112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49307
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB91 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:11:34 GMT
x-content-type-options
nosniff
age
34067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 15:11:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BB91 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 16:17:15 GMT
x-content-type-options
nosniff
age
30126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 16:17:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 27 Aug 2023 00:39:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
tJGOZLu5lJ03YaHoxwyj5ddMjCnAdEXJdjk3id0vf6x+P/KPlPt3TnllhBXMW3AhSFCWVUodW0LlCt3bk9zQ8g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.6.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-6-245.cmh68.r.cloudfront.net
Software
CloudFront /
Resource Hash
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
via
1.1 e826e01cc4bc0a413496d51238909c7a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P4
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16388
x-amz-cf-id
grkRzx9uxdIvlUR5YpIc--Y6NKXCrkZVFZsdVjLHmqKja8VAFJeOwQ==
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2FCH3C77U4HHTK36M0&lib=ttq
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e53c8bbf17ae1c5ad5ae7cf16a5202c2b55fe63ec90add8b2e12110e284337ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
b4e5d1ff.1f2321c3
date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-44-237-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
15,23.44.237.174
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=6, inner; dur=3
content-length
1636
pragma
no-cache
server
nginx
x-tt-logid
20230827003921EF196BCAB34213D2B7DC
x-cache-remote
TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.104.204
x-tt-trace-host
01935e032c05a9f854e1c7a8b14200cae17467a3af54dd9a4bf6e97351e2dd2916b47b3c1d86de62863faf8ca7c287c00be374128c17fb21600454e69c0b7d863e231061ac98cc06ce875d43167c22651daabb5deb9e87decc4bb05d310323a50c1362a457c580c3b25fb96dacaaef78a3
expires
Sun, 27 Aug 2023 00:39:21 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
258cdc9c16eeaef17860481a53e4261cc5ca34045ec22d6eae49178709c0f38b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89338
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 27 Aug 2023 00:39:21 GMT
embed.js
www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/ Frame BB91 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
sffe /
Resource Hash
9de9b57597f2d159f7d7fa8a1788e3e6ff3d7dfc9a65e90813f8bf32b98f349b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
248109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:12 GMT
www-embed-player.js
www.youtube.com/s/player/c153b631/www-embed-player.vflset/ Frame BB91 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
sffe /
Resource Hash
ca4e68f2b09dd38e6b7b5347bc22aa914b2204a0181a4426cb85342c7579ec6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
248112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97327
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:09 GMT
base.js
www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/ Frame BB91 		2 MB
748 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
sffe /
Resource Hash
044731ffb595f4384703fe1107e1a4900d2a02c2a83ef6cc07cde6596d9802a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
765723
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
2834046
x-amzn-requestid
d71ec705-dc3d-43f9-806b-433a1d2f5567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ImttSFhfIAMFsdA=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64bf5cbb-3040ab423bc631317e225b15
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
eEHThIhTmjU91OKrwPHqMxw64kLh1sYK1Wbr5kPaePz_LpxvS5SoTA==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 03:19:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
2063997
x-amzn-requestid
7ef82aef-5892-4f60-990a-0c6d2b8537ad
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
JEFtcHfiIAMF_Tw=
content-length
15763
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64cb1cbc-182f1984495e0d346dc3aec8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Wgnz1RKksBoIw7wC7zT2LboWii5qEjk5E1uMucTYak_HYtVFh8xndA==
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 20:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15752
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
966383
x-amzn-requestid
cf7bef39-c691-41d0-9b46-94050d7bfad9
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Jt9bqF20oAMEQTg=
content-length
15775
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64dbdc4a-74c2d0912cf03a723abf136d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
DghnNsxt271tATu27SlXQaNiDYx7J1IlbcDBEH3cH6WivQUpgixFvw==
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 07:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
17508
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
5938106
x-amzn-requestid
a6c30f09-5f40-4dd8-ad74-5626f892a4d2
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
GwTcBFcuIAMFe5w=
content-length
17536
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-648fff7f-580cdffc45b4212613d2b61b
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
LPOTjSivuEgyI7jROobwEUJJPee7zfL9FZyF7E7HBlEnbcSrvrU_XQ==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 21:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
1047876
x-amzn-requestid
2f3db2dc-481f-43f3-8695-fefe4c78f611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Jq2eWESJIAMEuIw=
content-length
15883
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64da9df5-0d46a1ae4bb4c2fc6ad485d8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
MFIeLgGxOctJja8Glj8yZFAVj_33vGcDuTO3GmJcQbW062Om_ea44w==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-3.cmh68.r.cloudfront.net
Software
/
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 19:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15920
via
1.1 b3f79c7629585fd4818d306efdc55e44.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
age
3472875
x-amzn-requestid
742195c8-916e-49d6-9167-a117f96632e6
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
IOWERFR5IAMFWHg=
content-length
15943
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64b59d4e-234211826f3eb7e23a87f962
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xPB5Cz5-YEo9lEggcwGzZ1Iah2I7xgzbe5dYk3gE-RJ7qeaO0RAeAA==
1647986675543514
connect.facebook.net/signals/config/ 		137 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1647986675543514?v=2.9.125&r=stable&domain=surveys.legeropinion.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
b5b362759b808bc4a92c7a596d3a72435d539eb59f63d2e471c22fc31ebada64
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 27 Aug 2023 00:39:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
x1qHze1easjPAXta6MT0Xt5rEvDeNEz7WMfKLfWgBfsByAb8eZwdJpg3AeoPxAUcXMZRKvjBBxlxNywIKnRG6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FZD3MWNDCN&gtm=45je38n0&_p=1358470462&_gaz=1&cid=1200084903.1693096761&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693096761&sct=1&seg=0&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 00:39:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FZD3MWNDCN&cid=1200084903.1693096761&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 00:39:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FZD3MWNDCN&cid=1200084903.1693096761&gtm=45je38n0&aip=1&z=1768923396
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 00:39:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTE4Nzk5OTU3MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		381 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2FCH3C77U4HHTK36M0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83905d8eee9b97d22596d076c779d85f741275f64542f9def2c9d86027cada5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
1f232237
date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023082413361846B8AEA1AB20991CDB6B
vary
Accept-Encoding
x-cache
TCP_HIT from a23-44-237-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01834ffbd9776745b868fcf986f6daa465d90744251a097606bbbe40c710df5409687687d915f4d7361b9cdedb9452ddc6de94fe76be51192e9374d65c6a025d34e760d901b93bbf57834ffeef172324187af217caf099988a0e375845a5736d11
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
101500
b43f7478-c375-40c8-86a4-07f4cf4dbe31.js
tr.snapchat.com/config/com/ 		166 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/b43f7478-c375-40c8-86a4-07f4cf4dbe31.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
7a69fb9fc676b02bff3e7d15c813f5514ab22ed70e786978108f1bbe9a8bf50b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://surveys.legeropinion.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
i
tr.snapchat.com/cm/ Frame 311B 		672 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=b43f7478-c375-40c8-86a4-07f4cf4dbe31&u_scsid=ccfff261-f132-4304-98af-e70501056948&u_sclid=258062e6-f0db-4087-90b5-aab76b3c99b0
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Sun, 27 Aug 2023 00:39:21 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
11
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1647986675543514&ev=PageView&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&rl=&if=false&ts=1693096761313&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693096761312.423195484&it=1693096761174&coo=false&rqm=GET
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 27 Aug 2023 00:39:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
id
googleads.g.doubleclick.net/pagead/ Frame BB91
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef2de207d139ca1ad03e95b5d857173e19f6d2c097d7a297d52bc72c96ec975a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 27 Aug 2023 00:39:21 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BB91 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:31:08 GMT
x-content-type-options
nosniff
age
493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Aug 2023 00:46:08 GMT
identify_7de69.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7de69.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-akamai-request-id
1f232326
date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230824132939C5719EB06B4B4214395A
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-44-237-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a042e3a877693ab79a02b0de2e8a494d3fcfe968c363308c89a374e5eea527b01225ea753e2318c7ff567626e8a14d3ed419a17b0c5e0a7a16e558df22d601198008e20ee8bc3221407780016f45c038d8492c803e8bb455d7d811e85e9544c3
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
30777
pixel
analytics.tiktok.com/api/v2/ 		0
792 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
73eeaee2.1f23235d
date
Sun, 27 Aug 2023 00:39:21 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-44-237-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
104,23.44.237.174
server-timing
cdn-cache; desc=MISS, edge; dur=19, origin; dur=95, inner; dur=93
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230827003921B84127B58370A9D53AAD
x-cache-remote
TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,23.220.104.205
x-tt-trace-host
01935e032c05a9f854e1c7a8b14200cae17467a3af54dd9a4bf6e97351e2dd29167634d20968770fb049dd52929055c15f2dbe64f9b1133b5b08afba12c84b91db6d22986b8aec79277d0302801bec8ba3696734ca215df6d356f6adb53e831bb0969d5ceeb80785c680f108a54c3039a6
access-control-allow-headers
Authorization,*
expires
Sun, 27 Aug 2023 00:39:21 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 27 Aug 2023 00:39:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BB91 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f10.1e100.net
Software
ESF /
Resource Hash
fcd5159242761e70e4a9e3ce765306df40fa80c9f5a5ad696d53e7abe3f870f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31656
x-xss-protection
0
remote.js
www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/ Frame BB91 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
sffe /
Resource Hash
b7e1441d8357217bf1b355978f58e0a54ec8a623ae8963cdb4650ccfd8410fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
248110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33444
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:11 GMT
5JQkaJpkVQURMQXv_VY9PFIh0furx0fHkliW0WSYUAk.js
www.google.com/js/th/ Frame BB91 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/5JQkaJpkVQURMQXv_VY9PFIh0furx0fHkliW0WSYUAk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
sffe /
Resource Hash
e49424689a645505113105effd563d3c5221d1fbabc747c7925896d164985009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 16:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
29111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14595
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Aug 2024 16:34:10 GMT
sddefault.jpg
i.ytimg.com/vi/QSN4Aae_JsQ/ Frame BB91 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/QSN4Aae_JsQ/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGDogZShbMA8=&rs=AOn4CLAfPELD24jMGX_8u4HqqaKCgdd-AQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.118 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f22.1e100.net
Software
sffe /
Resource Hash
95d333347b2f3d5c40c18f9258c79983f53fa26fb2465b8ec5e5f966027f6294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:15:14 GMT
x-content-type-options
nosniff
age
1447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23426
x-xss-protection
0
server
sffe
etag
"1638564064"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 27 Aug 2023 02:15:14 GMT
truncated
/ Frame BB91 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQyvZeFTNM4x87qC6BIP191wx2P92XXM8Dp0T7W=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BB91 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AOPolaQyvZeFTNM4x87qC6BIP191wx2P92XXM8Dp0T7W=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
fife /
Resource Hash
0c699a8e6673a9721681be6384d575ef585a97090130a56ae43af275aef46eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 22:35:14 GMT
x-content-type-options
nosniff
age
7447
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2963
x-xss-protection
0
server
fife
etag
"v41"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 27 Aug 2023 22:35:14 GMT
scevent.min.js
sc-static.net/ Frame 311B 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=b43f7478-c375-40c8-86a4-07f4cf4dbe31&u_scsid=ccfff261-f132-4304-98af-e70501056948&u_sclid=258062e6-f0db-4087-90b5-aab76b3c99b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.6.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-6-245.cmh68.r.cloudfront.net
Software
CloudFront /
Resource Hash
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:04:21 GMT
content-encoding
gzip
via
1.1 e826e01cc4bc0a413496d51238909c7a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P4
age
77700
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
16388
x-amz-cf-id
0SG59ehqsQEqIEe5S2SIJ0einmWfGF7RfZ6WZaM_fMYKiKZQEbhD_w==
p
tr.snapchat.com/ 		68 B
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BB91 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 00:39:21 GMT
p
tr.snapchat.com/cm/ Frame 958B
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1693096761626&u_scsid=73357804-0acc-405c-a6b1-05ee73f9479d&u_sclid=aa84b789-bacd-4f30-b5d7-96f5b02abc48
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692983497087%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1692983497087%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1692983497087&pnid=140&pcid=e387b76a-c978-4af9-9d6d-c2e9e0214801
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1692983497087&pnid=140&pcid=e387b76a-c978-4af9-9d6d-c2e9e0214801
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Sun, 27 Aug 2023 00:39:21 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
12

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 27 Aug 2023 00:39:21 GMT
location
https://tr.snapchat.com/cm/p?rand=1692983497087&pnid=140&pcid=e387b76a-c978-4af9-9d6d-c2e9e0214801
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
generate_204
www.youtube.com/ Frame BB91 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?3xNY_w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 27 Aug 2023 00:39:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BB91 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f10.1e100.net
Software
ESF /
Resource Hash
4b90b5790459ff47e4ab673790b258a5cdc2fe2a72264c4efddf4e15c8e74e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
hm
tr.snapchat.com/ 		68 B
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 27 Aug 2023 00:39:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://surveys.legeropinion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://surveys.legeropinion.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 27 Aug 2023 00:39:21 GMT
server
API Gateway
via
1.1 google
act
analytics.tiktok.com/api/v2/pixel/ 		0
789 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.237.178 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-237-178.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
b4e5ea3d.1f232573
date
Sun, 27 Aug 2023 00:39:21 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-44-237-174.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
x-parent-response-time
43,23.44.237.174
server-timing
cdn-cache; desc=MISS, edge; dur=25, origin; dur=30, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202308270039211302B773AD49F9E60E69
x-cache-remote
TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.220.104.204
x-tt-trace-host
01935e032c05a9f854e1c7a8b14200cae17467a3af54dd9a4bf6e97351e2dd2916b47b3c1d86de62863faf8ca7c287c00b12c97e7bd98484d7c080ebaa3a125c8cf84a63bbfacea6dcab2b81f7ba54f90a25aa3b1e652be6162d5e838069be91bde0da39814de76b17b262d757d0ca46d6
access-control-allow-headers
Authorization,*
expires
Sun, 27 Aug 2023 00:39:21 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1647986675543514&ev=Microdata&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&rl=&if=false&ts=1693096761830&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%7B%7D%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693096761312.423195484&it=1693096761174&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1308924743&AffSub=576401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 27 Aug 2023 00:39:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame BB91 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 20:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 27 Aug 2023 20:44:43 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1358470462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=0%20%25%20Scroll&ea=Scroll%20on%20page&el=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&_u=aEDAAEABAAAAACAAI~&jid=1163331233&gjid=1191933665&cid=1200084903.1693096761&tid=UA-219875071-7&_gid=136296673.1693096761&_r=1&gtm=45He38n0n81WW698L4&z=1348286703
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 00:39:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 23:33:53 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 27 Aug 2023 01:33:53 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1358470462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=33%20%25%20Scroll&ea=Scroll%20on%20page&el=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1200084903.1693096761&tid=UA-219875071-7&_gid=136296673.1693096761&gtm=45He38n0n81WW698L4&z=336110112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 07:27:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61923
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1358470462&t=timing&_s=2&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1308924743%26AffSub%3D576401&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3403&pdt=16&dns=42&rrt=1980&srt=35&tcp=64&dit=2314&clt=2314&_gst=2281&_gbt=2404&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1200084903.1693096761&tid=UA-219875071-7&_gid=136296673.1693096761&z=409991749
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 07:27:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61923
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BB91 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c153b631/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-Goog-Request-Time
1693096763393
Content-Type
application/json
X-YouTube-Utc-Offset
-420
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
X-YouTube-Client-Version
1.20230822.01.01
X-YouTube-Time-Zone
America/Vancouver
X-Goog-Visitor-Id
CgtFeUNqak9Xc1pYTSi4tqqnBjIICgJDQRICGgA%3D
X-YouTube-Ad-Signals
dt=1693096761225&flash=0&frm=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 27 Aug 2023 00:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| ub object| module function| $ function| jQuery object| formSubmitter function| disableSubmit function| submitStatus function| nameInputValidator function| emailValidator function| passwordValidator function| errorHandling function| showError function| hideError string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer object| notie function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager function| fbq function| _fbq function| snaptr object| r string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady object| _scPxHelper object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

29 Cookies

Domain/Path Name / Value
surveys.legeropinion.com/partner-mb-leads/ Name: ubpv
Value: d%2C213eeaf8-d53e-4655-ae6f-6da93ca9f4cb
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
cutt.ly/ Name: PHPSESSID
Value: kkuip070h230uopf1n9fg0r5g1
afflat3d2.com/ Name: mb_19984_SS
Value: AF=576401&AC=1308924743&CS=1309501144
afflat3d2.com/ Name: I_SS
Value: 1308924743
afflat3d2.com/ Name: I
Value: 1308924743
afflat3d2.com/ Name: mb%5F19984
Value: AC=1308924743&CS=1309501144&AF=576401
afflat3d2.com/ Name: ASPSESSIONIDAUTRARBC
Value: AKBONPDBGBJIEOCADDAAMHDJ
surveys.legeropinion.com/ Name: ubvs
Value: 8d738813-e562-4b33-b577-cfd46f529e81
.legeropinion.com/ Name: ubvt
Value: v2%7C8d738813-e562-4b33-b577-cfd46f529e81%7C213eeaf8-d53e-4655-ae6f-6da93ca9f4cb%3Ad%3Aweighted
.legeropinion.com/ Name: _gid
Value: GA1.2.136296673.1693096761
.legeropinion.com/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: qZP5Lt5--Yw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: EyCjjOWsZXM
.legeropinion.com/ Name: _gcl_au
Value: 1.1.1251725613.1693096761
.tiktok.com/ Name: _ttp
Value: 2UXrRtlKcmz0LVtg51Z376hieQm
.legeropinion.com/ Name: _ga_FZD3MWNDCN
Value: GS1.1.1693096761.1.0.1693096761.60.0.0
.legeropinion.com/ Name: _scid
Value: 86d91cad-22e6-4b27-bbc1-22b84eb5b99b
.legeropinion.com/ Name: _scid_r
Value: 86d91cad-22e6-4b27-bbc1-22b84eb5b99b
.legeropinion.com/ Name: _fbp
Value: fb.1.1693096761312.423195484
.legeropinion.com/ Name: _tt_enable_cookie
Value: 1
.legeropinion.com/ Name: _ttp
Value: tjiXdjzOOeE5tK4ZjzXYQTG69Gr
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GuRHAMAgEwIqY4RAgzt3ocxUq3qk32mmOsWpLgCE+W0mRW+w9bquic/iF64NkU2ZP3F/1A3gfjGxAAAAA
.tapad.com/ Name: TapAd_TS
Value: 1693096761771
.tapad.com/ Name: TapAd_DID
Value: e387b76a-c978-4af9-9d6d-c2e9e0214801
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.legeropinion.com/ Name: _sctr
Value: 1%7C1693033200000
.legeropinion.com/ Name: _ga
Value: GA1.2.1200084903.1693096761
.legeropinion.com/ Name: _gat_UA-219875071-7
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.js
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afflat3d2.com
ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
builder-assets.unbounce.com
cdnjs.cloudflare.com
connect.facebook.net
cutt.ly
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.gstatic.com
fonts.ub-assets.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pixel.tapad.com
sc-static.net
static.doubleclick.net
stats.g.doubleclick.net
surveys.legeropinion.com
tr.snapchat.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.124.175
104.17.24.14
104.22.1.232
142.250.31.155
172.217.13.102
172.217.13.110
172.217.13.118
172.217.13.131
172.217.13.142
172.217.13.161
172.217.13.163
172.217.13.168
172.217.13.170
172.217.13.195
172.217.13.196
172.217.13.202
172.217.13.98
18.238.35.220
23.44.237.178
3.160.10.129
3.160.5.3
3.160.5.32
3.160.6.245
3.224.141.128
31.13.71.36
31.13.71.7
34.111.113.62
35.190.43.134
54.175.49.101
69.172.200.185
044731ffb595f4384703fe1107e1a4900d2a02c2a83ef6cc07cde6596d9802a7
05fb08fd8a6b1423ce01da783ddc642f773fa028ff7a7765a7c187bdbe684be6
0ab5ad7a7ed2b911f7ae7071a31b4262988e8396ff6f1c1b22807a535bc120ce
0c699a8e6673a9721681be6384d575ef585a97090130a56ae43af275aef46eef
102020d6141eb7751a10c904bb36969ce9bc90e2e7c703a36807da569afa412d
18b9a6d948c839722f48fac341e17e16bb2768bee077982a897eedf1535c1062
1aafb85a50093471a446a27309e9534209a957d5b7edae0c8ed2611b290e32e3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21f669556102ff8a863cd6b5025672870eff5964acfc48d75dad1a444dc9f94c
2464c4fa72e7b6141a001d92980d580de7a1565d4b07f6ae0b016074c093763e
258cdc9c16eeaef17860481a53e4261cc5ca34045ec22d6eae49178709c0f38b
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3c34e0c0a2572b84bd84bcf322672e09a0794e47d75e24bbe5e6e77de68e69c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
422615b7d66c56d9476d0468a809cac638fb45ac5aa027601629406dae6aa53a
4b90b5790459ff47e4ab673790b258a5cdc2fe2a72264c4efddf4e15c8e74e02
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
51ae3da0fdc534c81803325452272532929587b4a309fe109a1cb94bdc025f38
543258d97568f5aa658e2de5726c79ab0991ae4b717858fc624ae42cbf82d8aa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63215488650cd849f5f3d4a8750712e3f997ef59ca16ea138253b27382dd9a0c
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edb6844bd2fa38bd9d30f861e20e01670094339280d5d0102bc092053ed5d2f
78a6b80fb021dd2a6607d6d8327e5e86194c4ef81d167af202eb9c3a16a26a57
7a69fb9fc676b02bff3e7d15c813f5514ab22ed70e786978108f1bbe9a8bf50b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83905d8eee9b97d22596d076c779d85f741275f64542f9def2c9d86027cada5e
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b
920a5b7f7174d9c8a379d146afc96813aed40bac8c343df07a812a1c6ef49fa7
92e2b30fffac6fdebec5a82e4f126b5e19f52b0196a6f13c7b2d63c9503b4ff4
940841057bd781047765cd03d6c66e4e0fc6c751f45fd80c4ef231b9aeb39b1b
95d333347b2f3d5c40c18f9258c79983f53fa26fb2465b8ec5e5f966027f6294
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9de9b57597f2d159f7d7fa8a1788e3e6ff3d7dfc9a65e90813f8bf32b98f349b
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9ecddac114140d491be21976d6c77e19315589d24b7ab86dac1ac530393e62fa
a1c3be5efe9efa04675949486c7df2fdfe8fcba7ea8b2c211a4ed4875c7e453d
a2142d584ca9dbda1048c97653ba2a3265c9481eaee978f281bf39d288a74811
a631cc8092dafae9d2ee86c0870c65ffa3c1dd16c7f7652fd27a7b361ca08040
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2ec0e3cf7ee094d15ff360d2d234f687881fc82f709b54dc04fe4ab16632e18
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
b5b362759b808bc4a92c7a596d3a72435d539eb59f63d2e471c22fc31ebada64
b7e1441d8357217bf1b355978f58e0a54ec8a623ae8963cdb4650ccfd8410fa1
b811a69408353fcf4f79b743ceeaa31bae164882a7fd368fc3b5f34bf8863a86
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bcbacbcc05c99252bc87c7307a31bf1f6d0dbe76ee97de230577dbc0ae56cb00
be2e4d01f03207b8da8ff584516e52c2c861e1070487caab185dabcf55d6b156
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf
ca4e68f2b09dd38e6b7b5347bc22aa914b2204a0181a4426cb85342c7579ec6d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce5f5aede2baa6fcafbae8430f733fc1de485d5d17d605c27e33b07bcedc1e0f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49424689a645505113105effd563d3c5221d1fbabc747c7925896d164985009
e5012487fb86e00be64e80ba985c25e3cd0bdbbb5a0a4f074b4e8cba303e8bf1
e53c8bbf17ae1c5ad5ae7cf16a5202c2b55fe63ec90add8b2e12110e284337ac
e8052e8c26cbf16a0250c37f395182ead09d98db1d18f5ece8dd52095829dce7
eae164dca0034a3786e6e731514883ba4642dd9fa76ffa978def6f42c9aa4e0f
ed24bb758b8c29a3930b59272c9dbc1a7e5ca4c3eded41add3eec1293f2a6cd2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2de207d139ca1ad03e95b5d857173e19f6d2c097d7a297d52bc72c96ec975a
efc1b22c4a5569ce8e3ba06426b0361f6c467743afcc47af38a02560acffc98a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fcd5159242761e70e4a9e3ce765306df40fa80c9f5a5ad696d53e7abe3f870f2
fea26df9bd53ec38b85e08faaa8bb08888870c6fa0776b584a8d5aad8c846b28
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e