urlscan.io logo urlscan.io
SecurityTrails logo

surveys.legeropinion.com Open in urlscan Pro
3.224.141.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinyurl.com/25m4wees
Effective URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=...
Submission: On September 25 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 2 countries across 25 domains to perform 95 HTTP transactions. The main IP is 3.224.141.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is surveys.legeropinion.com.
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.
This is the only time surveys.legeropinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.1.225 13335 (CLOUDFLAR...)
1 1 69.172.200.185 19324 (DOSARREST)
1 3.224.141.128 14618 (AMAZON-AES)
2 99.84.160.79 16509 (AMAZON-02)
1 172.253.62.95 15169 (GOOGLE)
3 6 104.16.125.175 13335 (CLOUDFLAR...)
2 13.249.90.207 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
6 172.253.63.100 15169 (GOOGLE)
2 142.250.31.97 15169 (GOOGLE)
8 142.251.163.136 15169 (GOOGLE)
7 99.84.160.19 16509 (AMAZON-02)
26 18.154.230.222 16509 (AMAZON-02)
3 142.251.163.94 15169 (GOOGLE)
1 54.88.121.233 14618 (AMAZON-AES)
2 3.162.129.245 16509 (AMAZON-02)
2 31.13.80.12 32934 (FACEBOOK)
5 23.47.144.84 20940 (AKAMAI-ASN1)
1 142.251.111.100 15169 (GOOGLE)
1 142.251.167.154 15169 (GOOGLE)
1 2 172.253.122.156 15169 (GOOGLE)
1 172.253.115.149 15169 (GOOGLE)
4 172.253.115.95 15169 (GOOGLE)
1 142.251.163.147 15169 (GOOGLE)
1 142.251.163.119 15169 (GOOGLE)
1 142.251.167.132 15169 (GOOGLE)
1 7 35.190.43.134 15169 (GOOGLE)
2 31.13.80.36 32934 (FACEBOOK)
2 172.253.122.94 15169 (GOOGLE)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
95 28
1    172.67.1.225 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    69.172.200.185 (United States)

ASN19324 (DOSARREST, US)
PTR: maxbounty.com
afflat3e1.com
1    3.224.141.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-141-128.compute-1.amazonaws.com
surveys.legeropinion.com
2    99.84.160.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-79.ord52.r.cloudfront.net
builder-assets.unbounce.com
1    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
ajax.googleapis.com
6    104.16.125.175 (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    13.249.90.207 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-90-207.ord52.r.cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
2    104.17.25.14 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    172.253.63.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f100.1e100.net
www.google-analytics.com
2    142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net
www.googletagmanager.com
8    142.251.163.136 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f136.1e100.net
www.youtube.com
7    99.84.160.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-19.ord52.r.cloudfront.net
fonts.ub-assets.com
26    18.154.230.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-230-222.iad55.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
3    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
www.google.ca
1    54.88.121.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-121-233.compute-1.amazonaws.com
events.ub-analytics.com
2    3.162.129.245 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-129-245.iad61.r.cloudfront.net
sc-static.net
2    31.13.80.12 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net
connect.facebook.net
5    23.47.144.84 (Hillside, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-144-84.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    142.251.111.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f100.1e100.net
analytics.google.com
1    142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
stats.g.doubleclick.net
2    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
googleads.g.doubleclick.net
1    172.253.115.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f149.1e100.net
static.doubleclick.net
4    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
jnn-pa.googleapis.com
1    142.251.163.147 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net
www.google.com
1    142.251.163.119 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f119.1e100.net
i.ytimg.com
1    142.251.167.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
yt3.ggpht.com
7    35.190.43.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
2    31.13.80.36 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com
www.facebook.com
2    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
www.gstatic.com
2    34.111.113.62 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
Apex Domain
Subdomains		 Transfer
28 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
224 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1015 KB
7 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 955
2 KB
7 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 42241
101 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
42 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425
8 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 875
140 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
jnn-pa.googleapis.com — Cisco Umbrella Rank: 305
63 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
static.doubleclick.net — Cisco Umbrella Rank: 400
1 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
49 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
216 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 270
www.google.com — Cisco Umbrella Rank: 11
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
168 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1100
33 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
181 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
19 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 38350
37 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 194
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
23 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8716
408 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 46256
282 B
1 legeropinion.com
surveys.legeropinion.com
18 KB
1 afflat3e1.com
afflat3e1.com — Cisco Umbrella Rank: 116732
945 B
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 21350
856 B
95 25
Domain Requested by
26 d9hhrg4mnvzow.cloudfront.net surveys.legeropinion.com
8 www.youtube.com surveys.legeropinion.com
www.youtube.com
7 tr.snapchat.com 1 redirects sc-static.net
surveys.legeropinion.com
7 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
6 www.google-analytics.com surveys.legeropinion.com
www.google-analytics.com
www.googletagmanager.com
6 unpkg.com 3 redirects surveys.legeropinion.com
5 analytics.tiktok.com surveys.legeropinion.com
analytics.tiktok.com
4 jnn-pa.googleapis.com www.youtube.com
2 pixel.tapad.com 2 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 www.facebook.com surveys.legeropinion.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 connect.facebook.net surveys.legeropinion.com
connect.facebook.net
2 sc-static.net www.googletagmanager.com
tr.snapchat.com
2 fonts.gstatic.com www.youtube.com
2 www.googletagmanager.com surveys.legeropinion.com
www.googletagmanager.com
2 cdnjs.cloudflare.com surveys.legeropinion.com
2 d1wbjksx0xxdn3.cloudfront.net surveys.legeropinion.com
d1wbjksx0xxdn3.cloudfront.net
2 builder-assets.unbounce.com surveys.legeropinion.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.ca surveys.legeropinion.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 events.ub-analytics.com surveys.legeropinion.com
1 ajax.googleapis.com surveys.legeropinion.com
1 surveys.legeropinion.com
1 afflat3e1.com 1 redirects
1 tinyurl.com 1 redirects
95 31

This site contains no links.

Subject Issuer Validity Valid
surveys.legeropinion.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-07 -
2023-10-02		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh

This page contains 4 frames:

Primary Page: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Frame ID: 4CE6FED9EEFAEE0312A8811029795499
Requests: 71 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Frame ID: CB9F0303D148329BE7E041CB2DC55EF7
Requests: 20 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f&u_scsid=47d683d9-cd43-4ece-a7e8-01a7b66a032b&u_sclid=938d2306-1a5c-43a3-8404-9d7f98b33777
Frame ID: 9BD9651F6C8F9C5288633698EA007950
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1695433281334&pnid=140&pcid=6a072ee3-ff45-434c-874c-c324ac7e195a
Frame ID: 6A96ED664705CB0B4FE320B2B4D5E30E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tinyurl.com/25m4wees HTTP 301
    https://afflat3e1.com/lnk.asp?o=19984&c=150966&a=315372&k=42B35A8DAE501082D35E50456B2DC1C3&l=20939 HTTP 302
    https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

28
IPs

2
Countries

2141 kB
Transfer

6352 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinyurl.com/25m4wees HTTP 301
    https://afflat3e1.com/lnk.asp?o=19984&c=150966&a=315372&k=42B35A8DAE501082D35E50456B2DC1C3&l=20939 HTTP 302
    https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/notie/dist/notie.min.css HTTP 302
  • https://unpkg.com/notie@4.3.1/dist/notie.min.css
Request Chain 7
  • https://unpkg.com/notie HTTP 302
  • https://unpkg.com/notie@4.3.1 HTTP 302
  • https://unpkg.com/notie@4.3.1/dist/notie.min.js
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 87
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1695653531524&u_scsid=2de3b4c6-8462-4e65-a7c0-a13c11d35996&u_sclid=81bc06a2-db28-42b9-92c3-3404cc27adb7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1695433281334%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1695433281334%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1695433281334&pnid=140&pcid=6a072ee3-ff45-434c-874c-c324ac7e195a

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
surveys.legeropinion.com/partner-mb-leads/
Redirect Chain
  • http://tinyurl.com/25m4wees
  • https://afflat3e1.com/lnk.asp?o=19984&c=150966&a=315372&k=42B35A8DAE501082D35E50456B2DC1C3&l=20939
  • https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
120 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.224.141.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-141-128.compute-1.amazonaws.com
Software
/
Resource Hash
c2feaf03b14c3c11cfddc2ca9bf8f1d08bac2f6650a54433473d0afcea5add05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
17413
content-location
https://surveys.legeropinion.com/partner-mb-leads/
content-type
text/html; charset=utf-8
date
Mon, 25 Sep 2023 14:52:10 GMT
etag
"d:d6e21f8a2b7d4fdd9777b04fa84176e4"
link
<https://surveys.legeropinion.com/partner-mb-leads/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
213eeaf8-d53e-4655-ae6f-6da93ca9f4cb
x-unbounce-variant
d
x-unbounce-visitorid
d6e21f8a-2b7d-4fdd-9777-b04fa84176e4

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
294
Content-Type
text/html
Date
Mon, 25 Sep 2023 14:52:09 GMT
Keep-Alive
timeout=20
Location
https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Server
nginx/1.20.2
X-DIS-Request-ID
9ef99d2a33feac7c74117e3a62614c49
X-Powered-By
ASP.NET
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-79.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 14:34:29 GMT
content-encoding
gzip
via
1.1 37069e7b3e0fcab3339e435d9be900e8.cloudfront.net (CloudFront)
x-amz-version-id
fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop
ORD52-C2
age
1297062
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Tue, 11 Jul 2023 16:18:48 GMT
server
AmazonS3
etag
"99b89a3d5f7bab4f89aad694ef70a6d8"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3VQFkLoxJNLmVmKAX6PMEzCEjv5dkRTihGaSUCWA3sI38fmgTVjT3A==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 11:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Sep 2024 11:27:14 GMT
notie.min.css
unpkg.com/notie@4.3.1/dist/
Redirect Chain
  • https://unpkg.com/notie/dist/notie.min.css
  • https://unpkg.com/notie@4.3.1/dist/notie.min.css
2 KB
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/notie@4.3.1/dist/notie.min.css
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Server
104.16.125.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8212973
last-modified
Sun, 05 Mar 2017 06:13:32 GMT
fly-request-id
01H3HMQ18NX39CCE71S3JGGAKN-yyz
server
cloudflare
etag
W/"6f5-czt8y7g9GjGMjisK+cfYowPsXkg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80c416e3d8cd3705-YYZ

Redirect headers

date
Mon, 25 Sep 2023 14:52:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HB6CRQW1PYWPXDWVVCK8ZCW8-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
470
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/notie@4.3.1/dist/notie.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
80c416e3886d3705-YYZ
ub.js
d1wbjksx0xxdn3.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1695165334
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.90.207 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-90-207.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 23:47:15 GMT
content-encoding
gzip
via
1.1 8542aaf5305e0e6e067cca1e9561db6e.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
ORD52-C1
age
486296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oQnZUPio7IJLUsWnZpq10eNIvydlG22aE_BNuXT_-bvyfzfkKsg7Aw==
jquery.validate.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2553eb901c3a1ef665fcf8f728a69da7f714fd7b7a472d1f252b878cf6d02b70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8704341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11719
last-modified
Fri, 11 Jun 2021 11:01:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60c342a7-2dc7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B5zH0mSfj%2FntayYP0a4GDW1thsBOze4OjlWKGTZ5IX3DeHEPL0x15aa9oqV%2Bm%2BJYqwGUt5ICO9p9RMdrAL465kzNBYLoLCs2j8FEbrbDokcM%2Fg7mopWelGupa5yWPoQ7kItntn2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80c416e38ded5497-YYZ
expires
Sat, 14 Sep 2024 14:52:10 GMT
form-maker.js
unpkg.com/leosubscriptionformscript@1.0.46/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/leosubscriptionformscript@1.0.46/form-maker.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.125.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b9a6d948c839722f48fac341e17e16bb2768bee077982a897eedf1535c1062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8212972
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H3HMQ163ZNZK46TNNCR69BQP-yyz
server
cloudflare
etag
W/"2ed4-gMa8MqoQ5DMJfBxzWmZCye9tPoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80c416e3886f3705-YYZ
notify.min.js
cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13033271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6558
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-3562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1UQHfZr2y8hG4iKqoz5dpwK2nhuPkhFgs67L8fD%2BqGYsQ2UCAnNF8pibTSrq2fzEdpPeMAdUQ4i51gu%2FzR2H7g1%2BktAoPu0AygHVC%2F%2BHUsO7U%2BHESPV5NPswSA0rv4dG2wL8xM%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80c416e38a34a210-YYZ
expires
Sat, 14 Sep 2024 14:52:10 GMT
notie.min.js
unpkg.com/notie@4.3.1/dist/
Redirect Chain
  • https://unpkg.com/notie
  • https://unpkg.com/notie@4.3.1
  • https://unpkg.com/notie@4.3.1/dist/notie.min.js
15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/notie@4.3.1/dist/notie.min.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Server
104.16.125.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecddac114140d491be21976d6c77e19315589d24b7ab86dac1ac530393e62fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8212973
last-modified
Sun, 05 Mar 2017 06:13:30 GMT
fly-request-id
01H3HMQ1BZEDBEN2D9TDFR3PS0-yyz
server
cloudflare
etag
W/"3a5d-uivKlLqVCotbghPTVIZhfrcZ7q8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80c416e429583705-YYZ

Redirect headers

date
Mon, 25 Sep 2023 14:52:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H3HMQ17A59QAW983MK9KZ2YE-yyz
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8212973
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/notie@4.3.1/dist/notie.min.js
cache-control
public, max-age=31536000
cf-ray
80c416e3d8cf3705-YYZ
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-79.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 11:44:39 GMT
content-encoding
gzip
via
1.1 37069e7b3e0fcab3339e435d9be900e8.cloudfront.net (CloudFront)
x-amz-version-id
TsqXEulHpCIWQfLEsYTo7.zRFGF4af5e
x-amz-cf-pop
ORD52-C2
age
961652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 10 Jul 2023 18:38:42 GMT
server
AmazonS3
etag
"6ce35e88e5299f623189adcaf266b9b3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jvQytU1vyUftXnQEzOeFkDrAPYz_XlQx-jTfAw2ZpJ3bKE_Iql0AiQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Sep 2023 13:41:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4229
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Sep 2023 15:41:41 GMT
gtm.js
www.googletagmanager.com/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e1b474ade18a4a7f56e5ad22e1a4279a6a001b7fe9a526f91078266575adeece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91006
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Sep 2023 14:52:10 GMT
QSN4Aae_JsQ
www.youtube.com/embed/ Frame CB9F 		90 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
ESF /
Resource Hash
4ff0e9c9632d564b226d5b95231ab5b6e7fcc568616a473918d779af1fb82b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surveys.legeropinion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 14:52:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/gif
39732b93-9098-4f42-9321-c0396a70b6b9
https://surveys.legeropinion.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://surveys.legeropinion.com/39732b93-9098-4f42-9321-c0396a70b6b9
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
3c34e0c0a2572b84bd84bcf322672e09a0794e47d75e24bbe5e6e77de68e69c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 28858a97d9085a1c936c63ea0b2b4b46.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
x-amzn-requestid
db069b39-0dca-42bc-9061-138613a285d8
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
L0W4MG95oAMEcoQ=
content-length
842
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-65119e9a-6c3dcb3a65b4120d01fb3432
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
XMG4BO_KbIw96D9LyfOeIaNyaY5QNNHGIn8PpSQAZJNePFagyjO9Yw==
26842c4c-header-logo-1630076625.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/26842c4c-header-logo-1630076625.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aafb85a50093471a446a27309e9534209a957d5b7edae0c8ed2611b290e32e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:49:28 GMT
x-amz-version-id
O9.Oa_eKl63vCnSsQfF5SB2fJr64MUV6
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"2d474839a6c984f70b97acee57ea1d65"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
16822963
x-amz-cf-id
K7O_T2z89Rzed6avvdqllbh94P9u1jDJDBrbQuHK5MtnMoe6irKu3w==
ab4c00a2-5d693c419e8ed-1638370933_109g0ax09g0aw000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ab4c00a2-5d693c419e8ed-1638370933_109g0ax09g0aw000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
920a5b7f7174d9c8a379d146afc96813aed40bac8c343df07a812a1c6ef49fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 19:27:47 GMT
x-amz-version-id
1VSUdFLW6NaYA3cORZE8jLpZOf6.Gf.6
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
7154664
etag
"95e6ba7c29a9144fbf96d0c59f55beca"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
17737
x-amz-cf-id
k7Demv2qF-jwhe6YyZdadNPhacEVmg3H6ZHVM3zkrSgTUopxAeFXOw==
27dafb42-instagram.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/27dafb42-instagram.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc1b22c4a5569ce8e3ba06426b0361f6c467743afcc47af38a02560acffc98a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:57:29 GMT
x-amz-version-id
sIIbD7T4G3d4.Aq2Sgq2fNSLe4QGBw1l
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"155763b35b3b6d828a02c0f29bc2f1ed"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
16829682
x-amz-cf-id
XmwTZd8ks_in9YTEkL1EzF9ezX_98ooI8Z1MHeTAF65fEsPLDHlWGA==
0846d830-facebook.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		757 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/0846d830-facebook.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05fb08fd8a6b1423ce01da783ddc642f773fa028ff7a7765a7c187bdbe684be6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 27 May 2023 05:05:29 GMT
x-amz-version-id
_ZiQDfd16UUADJ3NHYYC4EqOektpFUPb
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
10489602
etag
"b673d738d229f35805123d7bb27f0abb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
accept-ranges
bytes
content-length
757
x-amz-cf-id
TeWZfiy_bK4eOhWhchFkaTzKAwU08YlR8ht6CXXaTtH8sCfM7Z-UJA==
2c56bc20-horizons-icon.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/2c56bc20-horizons-icon.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
422615b7d66c56d9476d0468a809cac638fb45ac5aa027601629406dae6aa53a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:57:29 GMT
x-amz-version-id
9H2pMpDFysn.rb8FLVq1sijsXmqcCzH_
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
16829682
etag
"35ff732ec963181bc3d9f5f24bf656cc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
accept-ranges
bytes
content-length
966
x-amz-cf-id
7RFk69vwfdnu4MXkAeeAuK36dewRLNOUqeam1aZ79Yaq0XtdNzprHw==
2c7e163b-visa_108q05d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/2c7e163b-visa_108q05d000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2ec0e3cf7ee094d15ff360d2d234f687881fc82f709b54dc04fe4ab16632e18

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 16:39:44 GMT
x-amz-version-id
m8bM6D60zQrmKlvieiC6MWz9sbRTADuw
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
7164747
etag
"c6830974835f3a5a0bd0193a240fb662"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
9692
x-amz-cf-id
cBCYfpzHTl43rGkTmPWFGwzeCe2he1aDWvm_dVvQyVFTJ25CpgYAaw==
4656a83e-paypal.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/4656a83e-paypal.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
RapImOmVRM2mmZx0w5xHqAke_PLEdJ1_
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"fa90774cf99780f6efdf8f65a400d8d2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
6631195
x-amz-cf-id
632e3eS_RE8U7FH_Bel6Qbbe0ql6KHe65X1EZNVioKZQvCUWI0aCBA==
ccade685-amazon_106m042000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ccade685-amazon_106m042000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcbacbcc05c99252bc87c7307a31bf1f6d0dbe76ee97de230577dbc0ae56cb00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
Z3Jl2qX7a8PuuAReL_EKkR5TVPuYUwne
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"8e96d9c4e16a7d409cfc4c5e7a6af3b3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1645
x-amz-cf-id
ZC2TtVeZICgeEztzRNcdctEvS8x5dkVJA1zi460VgPPCILhIVon3SQ==
da5bdcfc-airmiles-vert-electric-blue-rgb-f_103z03p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/da5bdcfc-airmiles-vert-electric-blue-rgb-f_103z03p000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21f669556102ff8a863cd6b5025672870eff5964acfc48d75dad1a444dc9f94c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:51:09 GMT
x-amz-version-id
ZG0LIxdkx1ydyJp5TMmy14rZXFvcFknt
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6379262
etag
"55ac6a583471bb24c03548edf63ecd42"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2463
x-amz-cf-id
-baizBvxFjVd4OX3jtJsK0QbDr-_0dStSuKRmFJibqCYTUVS5_vEOw==
a020d335-starbucks-ombre_105z03s05z03p000001028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/a020d335-starbucks-ombre_105z03s05z03p000001028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
543258d97568f5aa658e2de5726c79ab0991ae4b717858fc624ae42cbf82d8aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:49:28 GMT
x-amz-version-id
No8L2wipH8n18qi.nwEQmfp7v56hALbF
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
16822963
etag
"10ef74b74aa0cde8a65e85b76dd69193"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5420
x-amz-cf-id
OQuvcAt7Sr-EfzdHBjyNiwtZ_ziVs7xSQmlpVqRwxcnkRmwSEwn70Q==
cbe23395-doordash-ca-1-ombre_106003w06003t000001028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/cbe23395-doordash-ca-1-ombre_106003w06003t000001028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2142d584ca9dbda1048c97653ba2a3265c9481eaee978f281bf39d288a74811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:51:09 GMT
x-amz-version-id
O.6eA7XDDxQ9kRh1hD6tPmkTNRaEckB7
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6379262
etag
"57a1d1c4f6c0d63baebaf860514699bc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2119
x-amz-cf-id
xSJL9h7vOn4ttVoRv3qyr5Nsy4UVjgRDqiLDf84axyj7gcNjePQAYA==
235a5ba7-ubereat_106703t06003t003000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/235a5ba7-ubereat_106703t06003t003000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fea26df9bd53ec38b85e08faaa8bb08888870c6fa0776b584a8d5aad8c846b28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:51:09 GMT
x-amz-version-id
B.1cmaYvEDcAA_w8I7SqbQBQxtNRVoHa
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6379262
etag
"3639d5c160c70d87bf0eccbba5dde917"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1976
x-amz-cf-id
DnnQpr_rrG7FwvkKIAGxriJw7rUmNfzrSONIMJHprNskFE1DdypLqw==
5183e0f6-aeroplan.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/5183e0f6-aeroplan.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
102020d6141eb7751a10c904bb36969ce9bc90e2e7c703a36807da569afa412d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 19:57:29 GMT
x-amz-version-id
Sj6.fkfwhsIVc7GO9C1eO1cz0a9OD2W8
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"5d4e8212d14bc4e974be8a1d86656804"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
16829682
x-amz-cf-id
fdc47S7YxjHEf-J1fFV60qldggsd63y_nnq8vNwuU72RqtjQjwsR_w==
127ef0cf-mastercard_108n05c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/127ef0cf-mastercard_108n05c000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ab5ad7a7ed2b911f7ae7071a31b4262988e8396ff6f1c1b22807a535bc120ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 19:27:47 GMT
x-amz-version-id
vk23T7VNCHTEmNLvPnlgq_Me4IEPNTlv
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
7154664
etag
"907dc0bc18b93e13b0bc286ef4f50a9d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
9705
x-amz-cf-id
Pt8OEI47fr2r8zaQ1ajCfx3TcmVbnBt2fP1EfhI5eG3x9_lfvzZEkA==
d088c2d4-uber.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/d088c2d4-uber.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be2e4d01f03207b8da8ff584516e52c2c861e1070487caab185dabcf55d6b156

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
39CjkSt1sesoTMkCGOdy57dw0DImH70H
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"123584f785f8ac95629b185770323a1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
6631195
x-amz-cf-id
G3xOvtd-xZoay9_kn5ZHwolNRwPE77A4PgM1JRub3OxPZf_JET1ozA==
06f47d08-tik-tok.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/06f47d08-tik-tok.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92e2b30fffac6fdebec5a82e4f126b5e19f52b0196a6f13c7b2d63c9503b4ff4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:49:28 GMT
x-amz-version-id
PwgvkzPiHOlI_ka_6NTNjVqAk7kvAToq
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"f9e80e42183bad52c437226df38a6fb4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
16822963
x-amz-cf-id
QMNm1xBESVBbjt0qfCGzoKVVGxBMpxQgxT3PkqtCi1_IEqcQ6Ustfw==
fd708ad7-shirley-qc_102s03p02s02s000000000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/fd708ad7-shirley-qc_102s03p02s02s000000000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6edb6844bd2fa38bd9d30f861e20e01670094339280d5d0102bc092053ed5d2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
MokXK5uJT0T62iNwPmZlGgTIWRNd4eCq
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"fd7f6882a250af369074873afbfc7e1d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4430
x-amz-cf-id
Jy7WF-Zh0jxzJ7-8rk5flOZoShxQYpjj2wgKIDfgaelvzt9PQ2lzgA==
914b9a19-noun-five-stars-1717601.svg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/914b9a19-noun-five-stars-1717601.svg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63215488650cd849f5f3d4a8750712e3f997ef59ca16ea138253b27382dd9a0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 23:55:09 GMT
x-amz-version-id
y9W32lrl2TQSohQCUq_6gxVisJI4uugO
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P5
etag
W/"8fa99ddb1d188610b23c0490462491bd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
313022
x-amz-cf-id
yWh1iFACXi3QrswAvkoNcmCOOe1maYiKGbjMkW4c_NxK2S_0QoAI6Q==
13f9ff4e-julia-on_102s03p02s02s00000g000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/13f9ff4e-julia-on_102s03p02s02s00000g000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b811a69408353fcf4f79b743ceeaa31bae164882a7fd368fc3b5f34bf8863a86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:49:28 GMT
x-amz-version-id
X84_PSfMN0Ruwfcft40ngoqo_donGvDc
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
16822963
etag
"f540a0e519a79d54f2bb3c36e0a000d9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
10531
x-amz-cf-id
0EHIq2ylFPQbiKIL1AxGY5Uktp7mwV88gJ-gdUAxROlcqUh2sXO9hQ==
6ffc537f-cedric-on_102s03p02s02s00000g000.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/6ffc537f-cedric-on_102s03p02s02s00000g000.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8052e8c26cbf16a0250c37f395182ead09d98db1d18f5ece8dd52095829dce7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
kRai7rdQHmYcotWpkhZy07MrqEiDNNuQ
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"4e5274c2319be383de645f7244909f7c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4969
x-amz-cf-id
oz62avy8dRWCGYQS9TFiFlKsy5YqvDcOgsqLI6E3pQRNMhIK76kKdg==
fd708ad7-shirley-qc_102s03p02s02s00000g01o.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/fd708ad7-shirley-qc_102s03p02s02s00000g01o.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a631cc8092dafae9d2ee86c0870c65ffa3c1dd16c7f7652fd27a7b361ca08040

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 16:39:45 GMT
x-amz-version-id
1E4QU2fWWkl2tziYqEndVJaOXnXx.ch1
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
7164746
etag
"2125eca5fe03227981cb69032e5ac507"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1972
x-amz-cf-id
VT5r5pwkDVqjbpzZ2Q39z8wwuVCjP2IAPUbQGz4LpaEl1RevyuukGw==
13f9ff4e-julia-on_102s03p02s02s00000g01o.jpg
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/13f9ff4e-julia-on_102s03p02s02s00000g01o.jpg
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
940841057bd781047765cd03d6c66e4e0fc6c751f45fd80c4ef231b9aeb39b1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
qc922tyiVLxhanEfCod9cCHFxqxtvdGb
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"09543a251a2965ffd29cd397dbc9ac45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1874
x-amz-cf-id
qOruVu8mGTrNbd2pw-6K68tiCq6vn_VcBt3OkeejuJoDqZj_3422EQ==
5eab4ed0-google-reviews-copie_103h01y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/5eab4ed0-google-reviews-copie_103h01y000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed24bb758b8c29a3930b59272c9dbc1a7e5ca4c3eded41add3eec1293f2a6cd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
tr.YesYV1jF.hR4ZQUzpi2IHfLr9qLWL
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"813abce298edfdb3cab19d77c3090882"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2123
x-amz-cf-id
JxQqQHWXdF6nDQzvS60zlqBaUhQLedOYqxBLQiQCHTgTAWza-oZCLA==
ce7902cd-leger-leo-vectoriel-rvb-powered-by-leger_105k03f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ce7902cd-leger-leo-vectoriel-rvb-powered-by-leger_105k03f000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce5f5aede2baa6fcafbae8430f733fc1de485d5d17d605c27e33b07bcedc1e0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:51:09 GMT
x-amz-version-id
JwWX1kCp1OO376HcqJrW8VD.pLZ1exXm
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6379262
etag
"d59739267e076e3828bad09af19a3e8c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2389
x-amz-cf-id
joIhp9agx68lYC7KNwrWRChDwTVBsVuZiPCTEYzRmwaVVRkMoU3PEg==
17df442b-rond-concours_108m09y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/17df442b-rond-concours_108m09y000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1c3be5efe9efa04675949486c7df2fdfe8fcba7ea8b2c211a4ed4875c7e453d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:52:16 GMT
x-amz-version-id
LvIiPTdIIMc_8Hbqi.Z8GBXnYQuy6e1x
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6631195
etag
"0659f2700300782b3b6052e811641f11"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
50736
x-amz-cf-id
OCRSiJQZ1cMMbkjS8F6HXT126aisPbwD7OuLLG-OyMuy85pCjLYTJw==
17df442b-rond-concours_107y096000000000000028.png
d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/surveys.legeropinion.com/partner-mb-leads/17df442b-rond-concours_107y096000000000000028.png
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-222.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae164dca0034a3786e6e731514883ba4642dd9fa76ffa978def6f42c9aa4e0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 18:51:09 GMT
x-amz-version-id
Nb34XK7dQlNyl98wpRv7yZ5gJJkBxoPH
via
1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Mar 2023 15:04:29 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
6379262
etag
"70140c4f46e12bb9063c44df679db7eb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
44163
x-amz-cf-id
SVswv3ryepS4-ylmMywkPUwdI2oAalzrz35ZLw3hq2bVRhwcozfNzA==
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1695165334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.90.207 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-90-207.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 10:33:20 GMT
content-encoding
gzip
via
1.1 8542aaf5305e0e6e067cca1e9561db6e.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
ORD52-C1
age
1052331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vvpetzX_oTlYa8fInpQFAoO3NcxOq0QwM5vj4aa1NhEsf0u_dWuMHg==
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=560984363&t=pageview&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&dp=%2Fpartner-mb-leads%2Fd%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2123564622&gjid=304191644&cid=1115244729.1695653530&tid=UA-219875071-7&_gid=1992169608.1695653530&_r=1&_slc=1&z=118687068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 14:52:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/f130aa11/ Frame CB9F 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 10:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48765
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Sep 2024 10:49:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB9F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 23:47:16 GMT
x-content-type-options
nosniff
age
227094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 23:47:16 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB9F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 16:51:40 GMT
x-content-type-options
nosniff
age
252030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 16:51:40 GMT
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1695653530525&e=pv&url=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=America%2FLos_Angeles&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=00f56ba1-c298-4acb-938e-de40b75a5f93&dtm=1695653530523&vp=1600x1200&ds=1600x3136&vid=1&sid=dd53ca75-9614-4f86-b5f5-8ab75ad49ade&duid=bc8ea3d4-2b88-4097-8c02-de5e78255673&uid=d6e21f8a-2b7d-4fdd-9777-b04fa84176e4&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMjEzZWVhZjgtZDUzZS00NjU1LWFlNmYtNmRhOTNjYTlmNGNiIiwidmFyaWFudElkIjoiZCIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.121.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-121-233.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
embed.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/ Frame CB9F 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
8469c3122d71ff9edca3bdd359a7b6b9b25511c9e4787e361002a694838336a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17268
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Sep 2024 14:33:33 GMT
www-embed-player.js
www.youtube.com/s/player/f130aa11/www-embed-player.vflset/ Frame CB9F 		314 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
814a083900a57d4247f0698dc4c4ebc204e44e3e24d481506fda5e82e0d05bab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96189
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Sep 2024 14:39:05 GMT
base.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/ Frame CB9F 		2 MB
783 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
042600f19909ce6a89dbd4809814f12ebe0784229938b7c9bb185c9feda98531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
801154
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Sep 2024 14:37:32 GMT
scevent.min.js
sc-static.net/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.129.245 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-129-245.iad61.r.cloudfront.net
Software
CloudFront /
Resource Hash
25f0d9a182b9a8883cf36f88666a255c54f4ee878e07ab76b73b6db27d2faaa9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
gzip
via
1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16649
x-amz-cf-id
wIRTSPzBkHhncHwekEVxbSLqvhQStVmCPwhQYLQF32tC7TT5t_vgeg==
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 25 Sep 2023 14:52:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53243
x-xss-protection
0
pragma
public
x-fb-debug
We6A7CDU72GXgpGz7nAPsy3wF/x8/toX6boQTIMFdFMx4nQyp9k9264BDY2Uoy0sue2IDysFIOjC6hWVZ/BShg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2FCH3C77U4HHTK36M0&lib=ttq
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.84 Hillside, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a51cb0262bff234b32859f5a254ed8ee685be9762d86a15f962294d3b4967056

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id
2085139
date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
content-length
1721
pragma
no-cache
server
nginx
x-tt-logid
20230925145210783F18EB9054EFB8FAED
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.54.64.148
x-tt-trace-host
0184542658679108c4dc7dc495c85107364c2136ebec7bd95f31acec81d6192db1fa0dcaf79c6d929c0e773bf5361c66c9f578209f2edebfcfca8aba97f12ad7f6f952aa2818be5bb5fad80d1e64b2509de571b10fdcccbc299b79c0a067737c13
expires
Mon, 25 Sep 2023 14:52:10 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
23f17f989d27d0f548111dbcac3788d1a8dd0252e9e06b569b73e6a5b1b5b19e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93803
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Sep 2023 14:52:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
805748
x-amzn-requestid
cc165792-11b5-4c09-8a4a-179a640a9a34
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
LVnuFFP7oAMEQQQ=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-65055326-511d24f745a56a33181ddf23
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
DUub-ei9BR6qMpor5yfE4GkN-IlVeXiz8zwTrRN0ouVhnzeq1uaVBg==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 06:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
894203
x-amzn-requestid
2b5529e3-c750-4fbf-82a9-ac51c24c7c21
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
LSPw7FC2IAMEFDQ=
content-length
15763
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6503f99f-5da109c23b82cd3249fc23fd
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
rFV_aSp_SPmLB8Ssawmg28DlOGzkTKuj2jJgW6VrxRoxstcdeRrcbw==
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 07:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15752
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
4260356
x-amzn-requestid
cfac902a-164c-4e96-a962-731b7c8312fb
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
JR1niG9toAMF8bg=
content-length
15775
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64d09c96-0338ec24264a1a073fa5a72b
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
2fULU6F_5bEUr8bHhWfjWCLXjOjAKLDNone-2CYu0SEvACAY5y6mag==
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 27 May 2023 09:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
17508
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
10472401
x-amzn-requestid
8f782ce3-40e9-4f20-9f3a-25462344856d
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Fk3fhEPwoAMFtBg=
content-length
17536
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6471d2c9-04c605c473bee7d521c60746
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
bjtOtuQo2R51OoIzSJXV1HrEKeeiYjqEY2zjpR6aIpP-l7TQJlhhqw==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 01:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
565324
x-amzn-requestid
2c5ec73d-16e9-4d60-a6cc-2979ce9f0e89
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
LeysSEOqIAMEKNw=
content-length
15883
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6508fe4e-5073929e47bee19e140e945e
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
VaZtOyIsTPwpSkP_c4XsXTyylwO9Z6TAEsOVqPEvuj2oRSt5OBVE6Q==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.160.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-160-19.ord52.r.cloudfront.net
Software
/
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:regular,500,900,300italic,300,700
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 19:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15920
via
1.1 de33a243d95a626772ee38d6f5849f96.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C2
age
6029644
x-amzn-requestid
742195c8-916e-49d6-9167-a117f96632e6
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
IOWERFR5IAMFWHg=
content-length
15943
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64b59d4e-234211826f3eb7e23a87f962
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
7XugmDKCedIF7GI1Rpxw13w-Lx4y7QGZ3XrsNkiG8KXfXjKuSdTZfw==
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FZD3MWNDCN&gtm=45je39k2&_p=560984363&_gaz=1&cid=1115244729.1695653530&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1695653530&sct=1&seg=0&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 14:52:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FZD3MWNDCN&cid=1115244729.1695653530&gtm=45je39k2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZD3MWNDCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 14:52:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FZD3MWNDCN&cid=1115244729.1695653530&gtm=45je39k2&aip=1&z=530958487
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 14:52:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1647986675543514
connect.facebook.net/signals/config/ 		421 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1647986675543514?v=2.9.128&r=stable&domain=surveys.legeropinion.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
af05cea958f8b3a2c011866e55a8f1124f341775f110f21b4c27749f06165988
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 25 Sep 2023 14:52:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
BMBm5iQ99sx+lW+x1WVPL/ZXaWAN+A8jdCelT1qE4Oa0A3Fr1DJ+3vEjqaSf9Mucmb9O4BbX6T4OHVtKHKWCRg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CB9F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1ea46e01f6fe85518c63cf7ffacb985f94fca543d3d1ab37422c88658bcccce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Sep 2023 14:52:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CB9F 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f149.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:51:06 GMT
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 15:06:06 GMT
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2FCH3C77U4HHTK36M0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.84 Hillside, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id
2085453
date
Mon, 25 Sep 2023 14:52:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309211238249B40D06E5811ED3F06CF
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-54-64-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e68c89e9533e0e233a263f4c0d0625e6f86756d6c9a5c07023c49b300e24cac13e31120745d21d5474c603720e3b9e5d9e15e5335334ecf3d1bcaeeefa279eda008371c40e978e083963c4fa5e1eee82ae3e3357b2ac503e0cf7e53955751588
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
102779
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 25 Sep 2023 14:52:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CB9F 		68 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
be15ab27844b2a1c43f698f428f54d48c5e115b7d761977663c4ce5c68945f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32155
x-xss-protection
0
remote.js
www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/ Frame CB9F 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
8b3a87803788cad8d50157b7b586a8e0f2ce8dd36809e3f4eb30d7dcf740823a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33591
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 24 Sep 2024 14:31:05 GMT
qj1nkYDZFsZ45STQC_t91Ttn5FIAUhjsWqGcw3cvHws.js
www.google.com/js/th/ Frame CB9F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/qj1nkYDZFsZ45STQC_t91Ttn5FIAUhjsWqGcw3cvHws.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f147.1e100.net
Software
sffe /
Resource Hash
aa3d679180d916c678e524d00bfb7dd53b67e452005218ec5aa19cc3772f1f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 19:40:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
241926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14633
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 19:40:05 GMT
sddefault.jpg
i.ytimg.com/vi/QSN4Aae_JsQ/ Frame CB9F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/QSN4Aae_JsQ/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGDogZShbMA8=&rs=AOn4CLAfPELD24jMGX_8u4HqqaKCgdd-AQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f119.1e100.net
Software
sffe /
Resource Hash
95d333347b2f3d5c40c18f9258c79983f53fa26fb2465b8ec5e5f966027f6294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23426
x-xss-protection
0
server
sffe
etag
"1638564064"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Sep 2023 16:52:11 GMT
truncated
/ Frame CB9F 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQyvZeFTNM4x87qC6BIP191wx2P92XXM8Dp0T7W=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CB9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AOPolaQyvZeFTNM4x87qC6BIP191wx2P92XXM8Dp0T7W=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
fife /
Resource Hash
0c699a8e6673a9721681be6384d575ef585a97090130a56ae43af275aef46eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:25:35 GMT
x-content-type-options
nosniff
age
1596
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2963
x-xss-protection
0
server
fife
etag
"v41"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 26 Sep 2023 14:25:35 GMT
e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f.js
tr.snapchat.com/config/com/ 		171 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
f41de8ede1d2affcc5afb22672e717ba0f67de4d5ad7f51556ec8c9771d6be3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
Origin
https://surveys.legeropinion.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://surveys.legeropinion.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
tr.snapchat.com/cm/ Frame 9BD9 		672 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f&u_scsid=47d683d9-cd43-4ece-a7e8-01a7b66a032b&u_sclid=938d2306-1a5c-43a3-8404-9d7f98b33777
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html
date
Mon, 25 Sep 2023 14:52:11 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
9
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1647986675543514&ev=PageView&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&rl=&if=false&ts=1695653531148&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695653531146.1594849622&it=1695653530846&coo=false&rqm=GET
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 25 Sep 2023 14:52:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.84 Hillside, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-akamai-request-id
2085805
date
Mon, 25 Sep 2023 14:52:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110722BE5A37099DEB289E3DD5
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-54-64-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01be7bceeb1c5e98927b8b7e6d9921ff22b89821d975187910558a0ac67ae19ca5d1c77dccacb1fb8a84fbed04929f837ab56f5853edbc2942e30c39df52e3e32a69b3328709820e1d83d86684be8a22bc188ab87b3ed85702bb70b20183e78783
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35742
pixel
analytics.tiktok.com/api/v2/ 		0
647 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.84 Hillside, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
208590e
date
Mon, 25 Sep 2023 14:52:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing
inner; dur=39, cdn-cache; desc=MISS, edge; dur=6, origin; dur=49
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230925145211CDEE5CE9DEF14366AB5B
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
49,23.54.64.148
x-tt-trace-host
0184542658679108c4dc7dc495c85107364c2136ebec7bd95f31acec81d6192db120ab72fb07799950f4411d7f73146ca5202625aeaace1af1e3f9f8d0b7322292b586dcc6a7940f920b280c8263080ee940ae1b520c61761a2bca134e31dd84a5
access-control-allow-headers
Authorization,*
expires
Mon, 25 Sep 2023 14:52:11 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CB9F 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
189b6379e65a1589a26eae562eec78fda1afae8e53515ebc0ae3a3fcd21d313a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 25 Sep 2023 14:52:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CB9F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Sep 2023 14:52:11 GMT
scevent.min.js
sc-static.net/ Frame 9BD9 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f&u_scsid=47d683d9-cd43-4ece-a7e8-01a7b66a032b&u_sclid=938d2306-1a5c-43a3-8404-9d7f98b33777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.129.245 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-129-245.iad61.r.cloudfront.net
Software
CloudFront /
Resource Hash
25f0d9a182b9a8883cf36f88666a255c54f4ee878e07ab76b73b6db27d2faaa9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 23:41:01 GMT
content-encoding
gzip
via
1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD61-P3
age
54670
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
16649
x-amz-cf-id
fnlFJE5BYuckAw3Uls1bPqMrv9iDifRiCBQmxsnGYLSYgGMYX-21iA==
p
tr.snapchat.com/ 		68 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f&ev=PAGE_VIEW&intg=gtm&e_su=1&pids=e2dfd50a-9204-439e-9a1c-6c17ca3d3f6f&pl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&bt=1d53c387&if=false&d_bvs=%5B%5D&huah=true&m_dcl=909&df=true&m_fcps=927&m_pi=909&m_pl=0&m_pv=2&m_rd=1958&m_sl=0&m_sh=1200&m_sw=1600&rf=&trackId=51f18cfb-0f8c-490f-b963-a5430fa423f4&ts=1695653531382&u_c1=bb70d566-912a-46d4-accc-5c53fdaa5d26&u_sclid=938d2306-1a5c-43a3-8404-9d7f98b33777&u_scsid=47d683d9-cd43-4ece-a7e8-01a7b66a032b&v=3.4.0-2309212320
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
generate_204
www.youtube.com/ Frame CB9F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?mTr4PA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.144.84 Hillside, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-144-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2085c3b
date
Mon, 25 Sep 2023 14:52:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-64-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
server-timing
inner; dur=194, cdn-cache; desc=MISS, edge; dur=8, origin; dur=204
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023092514521179685C83204ACA6A4535
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
204,23.54.64.148
x-tt-trace-host
0184542658679108c4dc7dc495c85107364c2136ebec7bd95f31acec81d6192db131b1003b2270d7d8d14a52d56c55815d2a26dd1dff3edf1c3cce8011f28cbed0df2b81ac4e9d3bcf860fed34d8118f548bce2bf4d8a03a0d1095350c9f6cffd8
access-control-allow-headers
Authorization,*
expires
Mon, 25 Sep 2023 14:52:11 GMT
cast_sender.js
www.gstatic.com/eureka/clank/117/ Frame CB9F 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/117/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 16:20:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:05:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 25 Sep 2023 16:20:11 GMT
p
tr.snapchat.com/cm/ Frame 6A96
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1695653531524&u_scsid=2de3b4c6-8462-4e65-a7c0-a13c11d35996&u_sclid=81bc06a2-db28-42b9-92c3-3404cc27adb7
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1695433281334%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1695433281334%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1695433281334&pnid=140&pcid=6a072ee3-ff45-434c-874c-c324ac7e195a
0
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1695433281334&pnid=140&pcid=6a072ee3-ff45-434c-874c-c324ac7e195a
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Mon, 25 Sep 2023 14:52:11 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
14

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Sep 2023 14:52:11 GMT
location
https://tr.snapchat.com/cm/p?rand=1695433281334&pnid=140&pcid=6a072ee3-ff45-434c-874c-c324ac7e195a
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
p
tr.snapchat.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Sep 2023 14:52:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
access-control-allow-origin
https://surveys.legeropinion.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
tr.snapchat.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://surveys.legeropinion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://surveys.legeropinion.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Sep 2023 14:52:11 GMT
server
API Gateway
via
1.1 google
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1647986675543514&ev=Microdata&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&rl=&if=false&ts=1695653531652&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%7B%7D%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&ec=1&o=30&fbp=fb.1.1695653531146.1594849622&it=1695653530846&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: surveys.legeropinion.com
URL: https://surveys.legeropinion.com/partner-mb-leads/?affcode=maxbounty&affsub=affiliate&utm_source=&utm_medium=referral&ExternalId=1329517315&AffSub=315372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 25 Sep 2023 14:52:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=560984363&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=0%20%25%20Scroll&ea=Scroll%20on%20page&el=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&_u=aEDAAEABAAAAACAAI~&jid=1482746620&gjid=730852547&cid=1115244729.1695653530&tid=UA-219875071-7&_gid=1992169608.1695653530&_r=1&gtm=45He39k2n81WW698L4&z=502918824
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://surveys.legeropinion.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 14:52:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://surveys.legeropinion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW698L4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Sep 2023 13:41:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4230
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Sep 2023 15:41:41 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=560984363&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=33%20%25%20Scroll&ea=Scroll%20on%20page&el=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1115244729.1695653530&tid=UA-219875071-7&_gid=1992169608.1695653530&gtm=45He39k2n81WW698L4&z=1335513567
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Sep 2023 18:02:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74987
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=560984363&t=timing&_s=2&dl=https%3A%2F%2Fsurveys.legeropinion.com%2Fpartner-mb-leads%2F%3Faffcode%3Dmaxbounty%26affsub%3Daffiliate%26utm_source%3D%26utm_medium%3Dreferral%26ExternalId%3D1329517315%26AffSub%3D315372&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2471&pdt=4&dns=23&rrt=473&srt=71&tcp=95&dit=909&clt=909&_gst=869&_gbt=1051&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1115244729.1695653530&tid=UA-219875071-7&_gid=1992169608.1695653530&z=1253279779
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://surveys.legeropinion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Sep 2023 18:02:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74987
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame CB9F 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f130aa11/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
X-Goog-Request-Time
1695653532904
Content-Type
application/json
X-YouTube-Utc-Offset
-420
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/QSN4Aae_JsQ?wmode=opaque
X-YouTube-Client-Version
1.20230919.12.00
X-YouTube-Time-Zone
America/Vancouver
X-Goog-Visitor-Id
CgtsaGZfX0ZsUHdPRSiavcaoBjIICgJDQRICGgA%3D
X-YouTube-Ad-Signals
dt=1695653530655&flash=0&frm=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 25 Sep 2023 14:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| ub object| module function| $ function| jQuery object| formSubmitter function| disableSubmit function| submitStatus function| nameInputValidator function| emailValidator function| passwordValidator function| errorHandling function| showError function| hideError string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer object| notie function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager function| snaptr function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady object| _scPxHelper object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

28 Cookies

Domain/Path Name / Value
surveys.legeropinion.com/partner-mb-leads/ Name: ubpv
Value: d%2C213eeaf8-d53e-4655-ae6f-6da93ca9f4cb
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
afflat3e1.com/ Name: mb_19984_SS
Value: AF=315372&AC=1329517315&CS=1329832687
afflat3e1.com/ Name: I_SS
Value: 1329517315
afflat3e1.com/ Name: I
Value: 1329517315
afflat3e1.com/ Name: mb%5F19984
Value: AC=1329517315&CS=1329832687&AF=315372
afflat3e1.com/ Name: ASPSESSIONIDSECASSTB
Value: NLKHJFMAJEGHGCKCPNDMCCIC
surveys.legeropinion.com/ Name: ubvs
Value: d6e21f8a-2b7d-4fdd-9777-b04fa84176e4
.legeropinion.com/ Name: ubvt
Value: v2%7Cd6e21f8a-2b7d-4fdd-9777-b04fa84176e4%7C213eeaf8-d53e-4655-ae6f-6da93ca9f4cb%3Ad%3Aweighted
.legeropinion.com/ Name: _gid
Value: GA1.2.1992169608.1695653530
.legeropinion.com/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: kfv0J9odJSM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: lhf__FlPwOE
.legeropinion.com/ Name: _gcl_au
Value: 1.1.1870389713.1695653531
.legeropinion.com/ Name: _ga_FZD3MWNDCN
Value: GS1.1.1695653530.1.0.1695653530.60.0.0
.tiktok.com/ Name: _ttp
Value: 2VtRkCQxToJd7MUbzY4qdZuCNbl
.legeropinion.com/ Name: _scid
Value: bb70d566-912a-46d4-accc-5c53fdaa5d26
.legeropinion.com/ Name: _scid_r
Value: bb70d566-912a-46d4-accc-5c53fdaa5d26
.legeropinion.com/ Name: _fbp
Value: fb.1.1695653531146.1594849622
.legeropinion.com/ Name: _tt_enable_cookie
Value: 1
.legeropinion.com/ Name: _ttp
Value: 98WFkA0coJlNkkII4DzHomZxKEX
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAwDsIlyFzsYAtsQ2i0Yvt/qJeYk3jGsjrY1B2yzaMgM+YOo4kXzhT7VFQrcX/0Dm2S1f0AAAAA=
.tapad.com/ Name: TapAd_TS
Value: 1695653531696
.tapad.com/ Name: TapAd_DID
Value: 6a072ee3-ff45-434c-874c-c324ac7e195a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.legeropinion.com/ Name: _sctr
Value: 1%7C1695625200000
.legeropinion.com/ Name: _ga
Value: GA1.2.1115244729.1695653530
.legeropinion.com/ Name: _gat_UA-219875071-7
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afflat3e1.com
ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
builder-assets.unbounce.com
cdnjs.cloudflare.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.gstatic.com
fonts.ub-assets.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pixel.tapad.com
sc-static.net
static.doubleclick.net
stats.g.doubleclick.net
surveys.legeropinion.com
tinyurl.com
tr.snapchat.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.125.175
104.17.25.14
13.249.90.207
142.250.31.97
142.251.111.100
142.251.163.119
142.251.163.136
142.251.163.147
142.251.163.94
142.251.167.132
142.251.167.154
172.253.115.149
172.253.115.95
172.253.122.156
172.253.122.94
172.253.62.95
172.253.63.100
172.67.1.225
18.154.230.222
23.47.144.84
3.162.129.245
3.224.141.128
31.13.80.12
31.13.80.36
34.111.113.62
35.190.43.134
54.88.121.233
69.172.200.185
99.84.160.19
99.84.160.79
042600f19909ce6a89dbd4809814f12ebe0784229938b7c9bb185c9feda98531
05fb08fd8a6b1423ce01da783ddc642f773fa028ff7a7765a7c187bdbe684be6
0ab5ad7a7ed2b911f7ae7071a31b4262988e8396ff6f1c1b22807a535bc120ce
0c699a8e6673a9721681be6384d575ef585a97090130a56ae43af275aef46eef
102020d6141eb7751a10c904bb36969ce9bc90e2e7c703a36807da569afa412d
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
189b6379e65a1589a26eae562eec78fda1afae8e53515ebc0ae3a3fcd21d313a
18b9a6d948c839722f48fac341e17e16bb2768bee077982a897eedf1535c1062
1aafb85a50093471a446a27309e9534209a957d5b7edae0c8ed2611b290e32e3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ea46e01f6fe85518c63cf7ffacb985f94fca543d3d1ab37422c88658bcccce9
21f669556102ff8a863cd6b5025672870eff5964acfc48d75dad1a444dc9f94c
23f17f989d27d0f548111dbcac3788d1a8dd0252e9e06b569b73e6a5b1b5b19e
2553eb901c3a1ef665fcf8f728a69da7f714fd7b7a472d1f252b878cf6d02b70
25f0d9a182b9a8883cf36f88666a255c54f4ee878e07ab76b73b6db27d2faaa9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
3c34e0c0a2572b84bd84bcf322672e09a0794e47d75e24bbe5e6e77de68e69c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
422615b7d66c56d9476d0468a809cac638fb45ac5aa027601629406dae6aa53a
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4ff0e9c9632d564b226d5b95231ab5b6e7fcc568616a473918d779af1fb82b0e
543258d97568f5aa658e2de5726c79ab0991ae4b717858fc624ae42cbf82d8aa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63215488650cd849f5f3d4a8750712e3f997ef59ca16ea138253b27382dd9a0c
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edb6844bd2fa38bd9d30f861e20e01670094339280d5d0102bc092053ed5d2f
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
814a083900a57d4247f0698dc4c4ebc204e44e3e24d481506fda5e82e0d05bab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8469c3122d71ff9edca3bdd359a7b6b9b25511c9e4787e361002a694838336a4
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
8b3a87803788cad8d50157b7b586a8e0f2ce8dd36809e3f4eb30d7dcf740823a
91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b
920a5b7f7174d9c8a379d146afc96813aed40bac8c343df07a812a1c6ef49fa7
92e2b30fffac6fdebec5a82e4f126b5e19f52b0196a6f13c7b2d63c9503b4ff4
940841057bd781047765cd03d6c66e4e0fc6c751f45fd80c4ef231b9aeb39b1b
95d333347b2f3d5c40c18f9258c79983f53fa26fb2465b8ec5e5f966027f6294
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9ecddac114140d491be21976d6c77e19315589d24b7ab86dac1ac530393e62fa
a1c3be5efe9efa04675949486c7df2fdfe8fcba7ea8b2c211a4ed4875c7e453d
a2142d584ca9dbda1048c97653ba2a3265c9481eaee978f281bf39d288a74811
a51cb0262bff234b32859f5a254ed8ee685be9762d86a15f962294d3b4967056
a631cc8092dafae9d2ee86c0870c65ffa3c1dd16c7f7652fd27a7b361ca08040
aa3d679180d916c678e524d00bfb7dd53b67e452005218ec5aa19cc3772f1f0b
af05cea958f8b3a2c011866e55a8f1124f341775f110f21b4c27749f06165988
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b2ec0e3cf7ee094d15ff360d2d234f687881fc82f709b54dc04fe4ab16632e18
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
b811a69408353fcf4f79b743ceeaa31bae164882a7fd368fc3b5f34bf8863a86
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bcbacbcc05c99252bc87c7307a31bf1f6d0dbe76ee97de230577dbc0ae56cb00
be15ab27844b2a1c43f698f428f54d48c5e115b7d761977663c4ce5c68945f40
be2e4d01f03207b8da8ff584516e52c2c861e1070487caab185dabcf55d6b156
c2feaf03b14c3c11cfddc2ca9bf8f1d08bac2f6650a54433473d0afcea5add05
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce5f5aede2baa6fcafbae8430f733fc1de485d5d17d605c27e33b07bcedc1e0f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b474ade18a4a7f56e5ad22e1a4279a6a001b7fe9a526f91078266575adeece
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8052e8c26cbf16a0250c37f395182ead09d98db1d18f5ece8dd52095829dce7
eae164dca0034a3786e6e731514883ba4642dd9fa76ffa978def6f42c9aa4e0f
ed24bb758b8c29a3930b59272c9dbc1a7e5ca4c3eded41add3eec1293f2a6cd2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc1b22c4a5569ce8e3ba06426b0361f6c467743afcc47af38a02560acffc98a
f41de8ede1d2affcc5afb22672e717ba0f67de4d5ad7f51556ec8c9771d6be3f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fea26df9bd53ec38b85e08faaa8bb08888870c6fa0776b584a8d5aad8c846b28
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e