www.legeropinion.com Open in urlscan Pro
40.69.96.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url5638.legeropinion.com/ls/click?upn=RwAUOFV22ob6WrGnPrhiwI4ExdbLi4jWoKJZ7vuHidn5-2BK5nci4eC-2FzTlFNxW6iEBk5lAwLCVw-2Fxc...
Effective URL:
https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Submission: On February 25 via manual (February 25th 2020, 8:26:44 pm UTC) from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 7 countries across 14 domains to perform 54 HTTP transactions. The main IP is 40.69.96.22, located in Québec, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.legeropinion.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 18th 2019. Valid for: 2 years.

This is the only time www.legeropinion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.54 167.89.123.54	11377 (SENDGRID) (SENDGRID)
22	40.69.96.22 40.69.96.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.210.248.108 23.210.248.108	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
3	92.122.156.242 92.122.156.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	52.242.27.213 52.242.27.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY)
1	54.229.134.18 54.229.134.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY)
54	19

1 167.89.123.54 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net

url5638.legeropinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 40.69.96.22 (Québec, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.legeropinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.108 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-108.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.122.156.242 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-156-242.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.242.27.213 (Québec, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.legeropinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.134.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-134-18.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	legeropinion.com 1 redirects url5638.legeropinion.com www.legeropinion.com api.legeropinion.com	688 KB
5	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	75 KB
5	google-analytics.com 1 redirects www.google-analytics.com	18 KB
4	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	87 KB
4	facebook.com 1 redirects www.facebook.com	772 B
3	facebook.net connect.facebook.net	255 KB
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	303 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	googletagmanager.com www.googletagmanager.com	62 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	atdmt.com cx.atdmt.com	318 B
1	googleadservices.com www.googleadservices.com	10 KB
54	14

	Domain	Requested by
22	www.legeropinion.com	www.legeropinion.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com
4	www.facebook.com	1 redirects www.legeropinion.com
3	secure.livechatinc.com	cdn.livechatinc.com
3	connect.facebook.net	www.legeropinion.com connect.facebook.net
2	cdn.krxd.net	www.legeropinion.com cdn.krxd.net
2	api.legeropinion.com	www.legeropinion.com
2	www.google.de	www.legeropinion.com
2	www.google.com	1 redirects www.legeropinion.com
2	cdn.livechatinc.com	www.legeropinion.com
2	www.googletagmanager.com	www.legeropinion.com www.googletagmanager.com
1	consumer.krxd.net	cdn.krxd.net
1	beacon.krxd.net	cdn.krxd.net
1	fonts.gstatic.com	www.legeropinion.com
1	cx.atdmt.com	www.legeropinion.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	www.legeropinion.com
1	fonts.googleapis.com	www.legeropinion.com
1	url5638.legeropinion.com	1 redirects
54	21

This site contains no links.

Subject Issuer	Validity	Valid
*.legeropinion.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-18` - `2021-11-17`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.livechatinc.com DigiCert ECC Secure Server CA	`2019-02-10` - `2020-05-11`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Frame ID: C20AD687AA98E27D47F51D0F358E4308
Requests: 53 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/9811255/v2/open_chat.cgi?license=9811255&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 4A4A75A5B7E62693D7EC784B79F8778B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://url5638.legeropinion.com/ls/click?upn=RwAUOFV22ob6WrGnPrhiwI4ExdbLi4jWoKJZ7vuHidn5-2BK5nci4eC-2FzTlFN... HTTP 302
https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.livechatinc\.com\/.*tracking\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

54
Requests

100 %
HTTPS

57 %
IPv6

14
Domains

21
Subdomains

19
IPs

7
Countries

1239 kB
Transfer

4283 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url5638.legeropinion.com/ls/click?upn=RwAUOFV22ob6WrGnPrhiwI4ExdbLi4jWoKJZ7vuHidn5-2BK5nci4eC-2FzTlFNxW6iEBk5lAwLCVw-2FxchH5YmSbO4XghwjjhmnZ2RbMn5hVYXdqPixreuJlhToZ1dJe3iPfBSzSWfgVeyokuEaqxGKe1A-3D-3DfHlm_r-2FJzegpM3dPSV7vyvkn8rWbXF-2FpMZJ3U9bbI2ZsXhxbac0KaRy5m7T9VGqF-2BfvGgppM-2BFJZpJSWhOkdXLjOiQ84guiP-2FUzVNqx1MqsLN1rUFbUAj1lpHn5xLEG5IZ4RcMR80nJfg5XWgUn79a3-2FQ6fapXd4Ap2mGNsWjn2fUXFv6Xanv-2BI4KTNce1AHpShvZkQlJHbP2vP15b5zClZfY9ISj1pWywrX-2FxXC3m-2BP5pZp5FgSQGVB4Qw833SnRjbB-2BQbYzbbxKBoD7UKqXOjAVdz83qeyzosj0C8-2FWVn8G7Ejl5hvl8ZuB9xl5FV5FzA1jfUc7Aw988Favwf8MkvEYpWum8PCs-2BDfYT-2BRNYbWB1CrVQI2Pxz6Ly1czatQDZk3aQgoXpwRMA81W9ZTDzb846gzZ-2Fjm5nNowSZBQryxWQYg-3D HTTP 302
https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1603591524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=L%C3%A9ger%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1649626607&gjid=1501855688&cid=696714215.1582662387&tid=UA-48838584-6&_gid=1148048276.1582662387&_r=1&gtm=2wg2c0M4N7CJF&z=1603500327 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_gid=1148048276.1582662387&gjid=1501855688&_v=j81&z=1603500327 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327&slf_rd=1&random=1728999152

Request Chain 20

https://www.facebook.com/tr/?id=1605221339538233&ev=PageView&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&rl=&if=false&ts=1582662386836&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582662386811.239362508&it=1582662386772&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=10770207079556793098&f=AYwuQvPHkR0lWWN1sMRhA0qXl01TVu1Km_a9pRDNvfwmUxxGWVvF9GU8fIIRfXeS5xsb9FfFdHD4cAMVLFHHju12&id=1605221339538233&l=3&v=0

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request register Show response
www.legeropinion.com/
Redirect Chain

http://url5638.legeropinion.com/ls/click?upn=RwAUOFV22ob6WrGnPrhiwI4ExdbLi4jWoKJZ7vuHidn5-2BK5nci4eC-2FzTlFNxW6iEBk5lAwLCVw-2FxchH5YmSbO4XghwjjhmnZ2RbMn5hVYXdqPixreuJlhToZ1dJe3iPfBSzSWfgVeyokuEaqxG...
https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

2 KB
1 KB

533ms
120ms

Document
text/html

40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a43c9c0d7b9a59be58d5876ffe3c18a0dc73ab4d66d3732faeec3c0db7d5dcd6

Request headers

Host: www.legeropinion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:26 GMT
Server: Apache
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
ETag: "99b-59d632f8b1920-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1139
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Server: nginx
Date: Tue, 25 Feb 2020 20:26:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 12 KB
937 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Feb 2020 20:26:26 GMT
server: ESF
date: Tue, 25 Feb 2020 20:26:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Feb 2020 20:26:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 18 Jan 2020 01:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3351547
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Jan 2021 01:27:19 GMT

GET
H/1.1 200
OK styles.css
www.legeropinion.com/app/www/ 98 KB
15 KB 124ms
123ms Stylesheet
text/css 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/styles.css
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: b5f57640e3ae03d2eb4c4e6f14b4bb3ea27a98593cc0b501426e8b59ec6397d0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 25 Feb 2020 20:26:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "186e2-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15055

GET
H/1.1 200
OK runtime.js Show response
www.legeropinion.com/app/www/ 2 KB
1 KB 353ms
121ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/runtime.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 5942cf01e0f6606ba9f58e2c25c5a8b6d76e9f3f1e8e919680cc939f09c49701

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "87c-59d632f8aabc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1088

GET
H/1.1 200
OK polyfills.js Show response
www.legeropinion.com/app/www/ 152 KB
50 KB 372ms
128ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/polyfills.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 1645c3e538b44ed65aca537bb4c8fa2ee597074946e21c48e711677c13e7ce19

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "25ee0-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51270

GET
H/1.1 200
OK main.js Show response
www.legeropinion.com/app/www/ 1 MB
391 KB 375ms
130ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/main.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: af7ea5ccab7ac349fc29d8dda9bd9d4eddbae02ec5bad470579f7eb289efef7c

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "17ede9-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 66 KB
23 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4N7CJF

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c0f0d7990c849d7620f32c73275900da3fe588a97a99cb693b089161bbc78a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 20:26:26 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23839
x-xss-protection: 0
last-modified: Tue, 25 Feb 2020 18:20:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Feb 2020 20:26:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
39 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6M30HP4M0T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4N7CJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a86aca61a1740974420c1bd063a0b5ec135a50eb999e35b13e322ac268549495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 20:26:26 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 39762
x-xss-protection: 0
expires: Tue, 25 Feb 2020 20:26:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4N7CJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2055
date: Tue, 25 Feb 2020 19:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Tue, 25 Feb 2020 21:52:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 35ms
35ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4N7CJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 20:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Feb 2020 20:26:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: L9ARL/Wwjfr7rJMyVai4UyF9iyQdiomPN/WSfCkmwL3O6gGA3BT1pli+6koinTq5/4flQdQj4HZPEGzBTN9+iA==
x-fb-trip-id: 1850256238
date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tracking.js Show response
cdn.livechatinc.com/ 215 KB
59 KB 92ms
38ms Script
application/javascript 23.210.248.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.108 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0c8138cabf60812665788a3b032d26cc672f9d3bbe6d3bec32c85ab4e2b2edf8

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: cJJVMKOg.6SKMaMeHThHmd4WB8DKdUF6
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 11:19:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Date: Tue, 25 Feb 2020 20:26:26 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28800
Connection: keep-alive
Content-Length: 59900
X-Amz-Cf-Id: XgDk5Hisa0eVIHW502c2BO2INK6au4aGvJISqyt8xxCDNemPqPeTEw==
Expires: Wed, 26 Feb 2020 04:26:26 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1603591524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_gid=1148048276.1582662387&gjid=1501855688&_v=j81&z=1603500327
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327&slf_rd=1&random=1728999152

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327&slf_rd=1&random=1728999152

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48838584-6&cid=696714215.1582662387&jid=1649626607&_v=j81&z=1603500327&slf_rd=1&random=1728999152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 423163728521665 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/423163728521665?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d224f2c6d67bba4f65cd612c95498a021b4786f7cf54f8967c8f170990cd7d73

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114962
x-xss-protection: 0
pragma: public
x-fb-debug: vAueI0MbKc8+ULAYStfSBLiuoX82AllFNcL2STodGdRLuAK9p6AsR9XarTjI+quwa2MhdhMsFTzhd9TLsG9WAA==
x-fb-trip-id: 1850256238
date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/g/ 35 B
133 B 13ms
12ms Other
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/g/collect?v=2&tid=G-6M30HP4M0T&gtm=2oe2c0&_p=1603591524&sr=1600x1200&ul=en-us&cid=696714215.1582662387&_s=1&en=page_view&_fv=2&_ss=2&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&dr=&dt=L%C3%A9ger%20Opinion&sid=1582662386&sct=1&seg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M30HP4M0T&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://www.legeropinion.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/713250302/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713250302/?random=1582662386790&cv=9&fst=1582662386790&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&tiba=L%C3%A9ger%20Opinion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2084666243a2e5d456de3c164d4fe9800ce76fb56a5ce6c6e1461ee477b759a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1605221339538233 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1605221339538233?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8056b32aa5d9b7ea3d095a06966356eff4c4468e8063a95694462dcd42266661

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 115040
x-xss-protection: 0
pragma: public
x-fb-debug: bzPNxlxSduE0pukZM5e3E6zf+cWLFTMarH/HstoR0/9Ee7Ekd+/DIVC4DzooyQWqWUzQjLEWteT5qbt/nO33Vg==
x-fb-trip-id: 1850256238
date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
253 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=423163728521665&ev=PageView&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&rl=&if=false&ts=1582662386812&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1582662386811.239362508&it=1582662386772&coo=false&rqm=GET

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 25 Feb 2020 20:26:26 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/713250302/ 42 B
117 B 22ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/713250302/?random=1582662386790&cv=9&fst=1582660800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&tiba=L%C3%A9ger%20Opinion&async=1&fmt=3&is_vtc=1&random=3309417370&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/713250302/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/713250302/?random=1582662386790&cv=9&fst=1582660800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&tiba=L%C3%A9ger%20Opinion&async=1&fmt=3&is_vtc=1&random=3309417370&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1605221339538233&ev=PageView&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&rl=&if=false&ts=158266...
https://cx.atdmt.com/?c=10770207079556793098&f=AYwuQvPHkR0lWWN1sMRhA0qXl01TVu1Km_a9pRDNvfwmUxxGWVvF9GU8fIIRfXeS5xsb9FfFdHD4cAMVLFHHju12&id=1605221339538233&l=3&v=0

42 B
318 B

39ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=10770207079556793098&f=AYwuQvPHkR0lWWN1sMRhA0qXl01TVu1Km_a9pRDNvfwmUxxGWVvF9GU8fIIRfXeS5xsb9FfFdHD4cAMVLFHHju12&id=1605221339538233&l=3&v=0
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:26 GMT, Tue, 25 Feb 2020 20:26:26 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=10770207079556793098&f=AYwuQvPHkR0lWWN1sMRhA0qXl01TVu1Km_a9pRDNvfwmUxxGWVvF9GU8fIIRfXeS5xsb9FfFdHD4cAMVLFHHju12&id=1605221339538233&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/9811255/v2/ 1 KB
2 KB 314ms
179ms Script
application/javascript 92.122.156.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/9811255/v2/get_dynamic_config.js?t=1582662386858&referrer=&url=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&params=&channel_type=code&jsonp=__lc_data_983936
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.122.156.242 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-156-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffe3376cf057af2c3b44f00fad554faf50330c27ba30fbb900223fde8343fecb

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Expose-Headers: X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control: max-age=0, no-cache, no-store
X-RateLimit-Reset: 1582662391
X-RateLimit-Remaining: 4997
Connection: keep-alive
Content-Length: 547
Expires: Tue, 25 Feb 2020 20:26:27 GMT

GET
H/1.1 200
OK get_static_config.0.214.5.5.3933.223.237.183.10.8.5.7.17.js Show response
secure.livechatinc.com/licence/9811255/v2/ 7 KB
3 KB 103ms
102ms Script
application/javascript 92.122.156.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/9811255/v2/get_static_config.0.214.5.5.3933.223.237.183.10.8.5.7.17.js?&jsonp=__lc_data_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.122.156.242 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-156-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cc7a495b2c4b27c82e967a68b0563061b22afb623934e972990158f4a59156f

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://api.chat.io
Access-Control-Expose-Headers: location
Cache-Control: public, max-age=486
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept
Content-Length: 2140
Expires: Tue, 25 Feb 2020 20:34:33 GMT

GET
H/1.1 200
OK open_chat.cgi
secure.livechatinc.com/licence/9811255/v2/ Frame 4A4A 0
0 198ms
198ms Document
text/html 92.122.156.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/9811255/v2/open_chat.cgi?license=9811255&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 92.122.156.242 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-156-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: secure.livechatinc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __livechat=lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1582662387%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1582662387.18dcbd644f%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Response headers

Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Tue, 25 Feb 2020 20:26:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Length: 1500
Connection: keep-alive

GET
H2 200 /
www.facebook.com/tr/ 44 B
152 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=423163728521665&ev=Microdata&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&rl=&if=false&ts=1582662387344&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22L%C3%A9ger%20Opinion%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22L%C3%A9ger%20Opinion%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1582662386811.239362508&it=1582662386772&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 25 Feb 2020 20:26:27 GMT, Tue, 25 Feb 2020 20:26:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 25 Feb 2020 20:26:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1605221339538233&ev=Microdata&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&rl=&if=false&ts=1582662387345&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22L%C3%A9ger%20Opinion%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22L%C3%A9ger%20Opinion%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582662386811.239362508&it=1582662386772&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 25 Feb 2020 20:26:27 GMT, Tue, 25 Feb 2020 20:26:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 25 Feb 2020 20:26:27 GMT

GET
H/1.1 200
OK common.js Show response
www.legeropinion.com/app/www/ 62 KB
16 KB 123ms
123ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/common.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6b8b243f034b63ee14c4d65920862815ef5b07602ed53c64695ef3f707957852

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "f732-59d632f8aabc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15675

GET
H/1.1 200
OK 63.js Show response
www.legeropinion.com/app/www/ 27 KB
7 KB 122ms
122ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/63.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 807597e403e40742807380208525769bef2b80af6cde2387ee5fb36bb4f5341a

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "6a40-59d632f8acb00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7214

GET
H/1.1 200
OK EN.json Show response
www.legeropinion.com/app/www/assets/i18n/ 28 KB
28 KB 121ms
121ms XHR
application/json 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/assets/i18n/EN.json
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: e22b15455e72cabadc20936879764d4eb47039f0412b8d98fb1395eacadf8960

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "6eaf-59d632f8af9e0"
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28335

GET
H/1.1 200
OK 3.js Show response
www.legeropinion.com/app/www/ 342 KB
75 KB 130ms
129ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/3.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a90c882245d42372deaa23aeafa2d0de047fd1a1a9015fd9dc6437d184a2b5c8

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "55613-59d632f8aabc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK 51.js Show response
www.legeropinion.com/app/www/ 47 KB
8 KB 242ms
121ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/51.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6469f6ecc39a78e7ebd5775ee1905e25c928e67c85ad125fc68df927a37a3a40

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "bd74-59d632f8acb00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8026

GET
H/1.1 200
OK 49.js Show response
www.legeropinion.com/app/www/ 11 KB
3 KB 240ms
120ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/49.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ee30d6cae9368a10a5a7eed6b88da760460edb7d91f8b5a2ffa5743e1f795485

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "2a2e-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2749

GET
H/1.1 200
OK leo-logo.png
www.legeropinion.com/app/www/assets/images/ 2 KB
2 KB 230ms
120ms Image
image/png 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.legeropinion.com/app/www/assets/images/leo-logo.png
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6301aa95ca1ecabd30b6f8533f71edaaeb9d0acc2ff7cba7bc9a0ac48b30c199

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "859-59d632f8b0980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2137

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2855756
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H/1.1 200
OK 18.js Show response
www.legeropinion.com/app/www/ 2 KB
1 KB 231ms
121ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/18.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 868e3b88bfc9881f27b14b502283484971997dc4e1ed5c72fdee11b1d1bbd76a

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "826-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 914

GET
H/1.1 200
OK 12.js Show response
www.legeropinion.com/app/www/ 851 B
765 B 134ms
122ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/12.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6463fe053f159cdffbf26519fb4ff34d18c1602ae65eb1878c17d5f848425726

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "353-59d632f8abb60-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 431

GET
H/1.1 200
OK / Show response
www.legeropinion.com/api/app-version/undefined/ 22 B
311 B 127ms
127ms XHR
application/json 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/api/app-version/undefined/
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ee90c8f90af6526c2e798ba378fdd35dd8e9cca061858348fbe27543d5ac38d3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Server: Apache
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 22
Keep-Alive: timeout=5, max=99

OPTIONS
H/1.1 200
OK API.API Show response
api.legeropinion.com/ 0
315 B 679ms
129ms XHR
text/plain 52.242.27.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.legeropinion.com/API.API
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.242.27.213 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.legeropinion.com
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: apikey,content-type

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Feb 2020 20:26:28 GMT
Access-Control-Allow-Headers: apikey,content-type
X-Powered-By: ASP.NET
Content-Length: 0

GET
H/1.1 200
OK 7.js Show response
www.legeropinion.com/app/www/ 604 B
733 B 120ms
120ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/7.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 54a7b9e71db965a0a6f5b4cc3ae9e571ad1ce72feda217132c1406e52b7bb2b5

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "25c-59d632f8aabc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 400

GET
H/1.1 200
OK 71.js Show response
www.legeropinion.com/app/www/ 15 KB
4 KB 121ms
120ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/71.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 64657bddf2fee8c6f20d8fc2dbefa1802b1959eaaaec39bd4a927067279e7db9

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "3ab4-59d632f8acb00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4272

GET
H/1.1 200
OK leo-logo-red.svg
www.legeropinion.com/app/www/assets/images/ 2 KB
2 KB 121ms
121ms Image
image/svg+xml 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.legeropinion.com/app/www/assets/images/leo-logo-red.svg
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d72a1a93ec3a77c2d74e3c9964c8bde7853de5aa231bbd3356f7d66fc6663d88

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "9a4-59d632f8b0980-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1334

GET
H/1.1 200
OK roboto-light-webfont.woff
www.legeropinion.com/app/www/ 25 KB
25 KB 121ms
120ms Font
application/font-woff 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/roboto-light-webfont.woff
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 1dd1a2af3cc93b46b276f7e9028074e8417e5727b6c01609fc970617f0ccb6ad

Request headers

Referer: https://www.legeropinion.com/app/www/styles.css
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "647c-59d632f8aabc0"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25724

GET
H/1.1 200
OK robotocondensed-regular-webfont.woff
www.legeropinion.com/app/www/ 26 KB
26 KB 121ms
120ms Font
application/font-woff 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/robotocondensed-regular-webfont.woff
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e4878b777d5483461a802f8358279070c87574ca8bafb11b8858417605dd244

Request headers

Referer: https://www.legeropinion.com/app/www/styles.css
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "66f8-59d632f8aabc0"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26360

GET
H/1.1 200
OK roboto-regular-webfont.woff
www.legeropinion.com/app/www/ 26 KB
26 KB 177ms
120ms Font
application/font-woff 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/roboto-regular-webfont.woff
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ee6c751fd4b9160877aa068ba6b5d7336036387548f15ef62eb3b29e009b8223

Request headers

Referer: https://www.legeropinion.com/app/www/styles.css
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "66e8-59d632f8aabc0"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26344

GET
H/1.1 200
OK 111.js Show response
www.legeropinion.com/app/www/ 3 KB
1 KB 120ms
120ms Script
application/javascript 40.69.96.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legeropinion.com/app/www/111.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/app/www/runtime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.69.96.22 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 131dde170ae8d818911d31b227926ef2045b8ffd1f3da85158a97416f617fccc

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 22:43:28 GMT
Server: Apache
ETag: "daf-59d632f8adaa0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1132

GET
H/1.1 200
OK uemnm0tdg.js Show response
cdn.krxd.net/controltag/ 20 KB
6 KB 62ms
20ms Script
text/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/uemnm0tdg.js
Requested by: Host: www.legeropinion.com
URL: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 69240d3c0ff9ee074fa1f4cf4e1c6b87ffcde5c90e22f89e64a515c1a5ccff00

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Tue, 25 Feb 2020 20:26:28 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 673
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5777
X-Served-By: config-service-a002-ash-prod.krxd.net, cache-iad2120-IAD, cache-hhn4036-HHN
X-Response-Time: 1
X-Do-Esi: esi
X-Timer: S1582662388.455165,VS0,VE0
ETag: "df5bff119e50b21374c78a08b56e23f40f114665"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 2, 1

GET
H/1.1 200
OK controltag.js.cee73ba6ab74e5caa8092ae34993bbaa Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 21ms
20ms Script
application/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/uemnm0tdg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Tue, 25 Feb 2020 20:26:28 GMT
Content-Encoding: gzip
Age: 3993032
X-Cache: HIT
Connection: keep-alive
Content-Length: 81273
X-Served-By: cache-hhn4036-HHN
Last-Modified: Thu, 02 Jan 2020 17:46:59 GMT
X-Timer: S1582662388.479096,VS0,VE0
ETag: "cee73ba6ab74e5caa8092ae34993bbaa"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sun, 30 Dec 2029 17:46:58 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 1009252

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1603591524&t=pageview&_s=1&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Sign%20up%20to%20LEO!%20Get%20Paid%20for%20Your%20Opinion!%20-%20Leger%20Opinion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=&gjid=&cid=696714215.1582662387&tid=UA-48838584-6&_gid=1148048276.1582662387&gtm=2wg2c0M4N7CJF&z=1151470225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 19:56:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1816195
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 62 B
221 B 37ms
37ms Script
text/javascript 54.229.134.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.quebecor.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.134.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-134-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e81cd7c3c0ffdbe5f299f8edcc47fd34a5a8bb90cecca44f0bf852ab2c33d3

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 25 Feb 2020 20:26:28 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1582662388
x-served-by: beacon-n020-dub-prod.krxd.net
content-type: text/javascript

GET
H/1.1 206
Partial Content new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 11 KB
12 KB 27ms
26ms Media
application/octet-stream 23.210.248.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.248.108 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: zRdEy7iD0zUuwnU_iwMvYg5i5CX4xJxN
Last-Modified: Thu, 27 Jun 2019 11:06:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "a37211a6cfcda45352d5abcff1e446bb"
Content-Type: application/octet-stream
Content-Range: bytes 0-11403/11404
Cache-Control: max-age=31536000
Date: Tue, 25 Feb 2020 20:26:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11404
X-Amz-Cf-Id: KkHBfAT3my9xEMzowpNekVwwNNdbpCoZlNSNzozzSpjNHQJsNHPKNQ==
Expires: Wed, 24 Feb 2021 20:26:28 GMT

GET
H/1.1 200
OK 11cd67da-8dba-447b-81d2-8a70f433cb4e Show response
consumer.krxd.net/consent/get/ 236 B
614 B 96ms
50ms Script
text/javascript 151.101.12.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/11cd67da-8dba-447b-81d2-8a70f433cb4e?idt=device&dt=kxcookie&callback=Krux.ns.quebecor.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 580145be2d2600c24cba45f1c60ba9c3f2fbd735866fe10744421e470b0dd0d5

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 25 Feb 2020 20:26:28 GMT
Via: 1.1 varnish
Age: 0
X-Timer: S1582662389.697340,VS0,VE25
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=1800
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-Age: 0
Content-Length: 188
X-Served-By: consumer-a004-dub-prod.krxd.net, cache-fra19180-FRA

POST
H/1.1 200
OK API.API Show response
api.legeropinion.com/ 173 B
907 B 974ms
974ms XHR
text/html 52.242.27.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.legeropinion.com/API.API
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.242.27.213 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb28ecdc27935530be01fe2d0dd331f79c600c687222081d9024cb4ecf38791d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Origin: https://www.legeropinion.com
APIKEY: 9A12FF8F-3C4B-4E4F-AD3E-85CD6454303C
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 25 Feb 2020 20:26:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
APISecurityToken: 3BCF4917EF59770B25C3EAD8BA739DBD982B2D75225DC99605142253137DB0B4525E5FCB4F92B0C7D7E34D349D342D97F304617AF0985D542D622D8340A5BC056786A3D3E1025036C2406DADF04F4F8B77663E95B6652010
Cache-Control: private
Content-Length: 277

POST
H2 200 collect
www.google-analytics.com/g/ 35 B
111 B 13ms
13ms Other
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/g/collect?v=2&tid=G-6M30HP4M0T&gtm=2oe2c0&_p=1603591524&sr=1600x1200&ul=en-us&cid=696714215.1582662387&_s=2&en=scroll&_et=1625&epn.percent_scrolled=90&dl=https%3A%2F%2Fwww.legeropinion.com%2Fregister%3FAffCode%3D2020%26utm_source%3Doutreach_en%26utm_medium%3Demail&dr=&dt=Sign%20up%20to%20LEO!%20Get%20Paid%20for%20Your%20Opinion!%20-%20Leger%20Opinion&sid=1582662386&sct=1&seg=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M30HP4M0T&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.legeropinion.com/register?AffCode=2020&utm_source=outreach_en&utm_medium=email
Origin: https://www.legeropinion.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Feb 2020 20:26:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://www.legeropinion.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livechatinc.com/licence/9811255	1970-01-20 10:37:42	Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1582662387%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1582662387.18dcbd644f%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
.legeropinion.com/	1970-01-19 09:47:18	Name: _fbp Value: fb.1.1582662386811.239362508
.legeropinion.com/	1970-01-20 01:08:54	Name: _ga_6M30HP4M0T Value: GS1.1.1582662386.1.0.1582662386.0
.legeropinion.com/	1970-01-20 01:08:54	Name: _ga Value: GA1.1.696714215.1582662387
.legeropinion.com/	1970-01-19 07:37:42	Name: _gat_UA-48838584-6 Value: 1
.legeropinion.com/	1970-01-19 07:39:08	Name: _gid Value: GA1.2.1148048276.1582662387

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.legeropinion.com/app/www/main.js(Line 1) Message: Native: tried calling Keyboard.setResizeMode, but Cordova is not available. Make sure to include cordova.js or run in a device/simulator
console-api	warning	URL: https://www.legeropinion.com/app/www/main.js(Line 1) Message: [DEPRECATED][CSS] Ionic CSS attributes are deprecated. Replace: '<ion-content padding>' With: '<ion-content class="ion-padding">'
console-api	error	URL: https://www.legeropinion.com/app/www/main.js(Line 1) Message: ERROR TypeError: Cannot read property 'split' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.legeropinion.com
beacon.krxd.net
cdn.krxd.net
cdn.livechatinc.com
connect.facebook.net
consumer.krxd.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
secure.livechatinc.com
stats.g.doubleclick.net
url5638.legeropinion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.legeropinion.com
151.101.112.175
151.101.12.175
167.89.123.54
172.217.21.194
23.210.248.108
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:819::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2008
2a00:1450:400c:c0a::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
40.69.96.22
52.242.27.213
54.229.134.18
92.122.156.242
068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c8138cabf60812665788a3b032d26cc672f9d3bbe6d3bec32c85ab4e2b2edf8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131dde170ae8d818911d31b227926ef2045b8ffd1f3da85158a97416f617fccc
1645c3e538b44ed65aca537bb4c8fa2ee597074946e21c48e711677c13e7ce19
1c0f0d7990c849d7620f32c73275900da3fe588a97a99cb693b089161bbc78a7
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
1dd1a2af3cc93b46b276f7e9028074e8417e5727b6c01609fc970617f0ccb6ad
2084666243a2e5d456de3c164d4fe9800ce76fb56a5ce6c6e1461ee477b759a6
3e4878b777d5483461a802f8358279070c87574ca8bafb11b8858417605dd244
54a7b9e71db965a0a6f5b4cc3ae9e571ad1ce72feda217132c1406e52b7bb2b5
580145be2d2600c24cba45f1c60ba9c3f2fbd735866fe10744421e470b0dd0d5
5942cf01e0f6606ba9f58e2c25c5a8b6d76e9f3f1e8e919680cc939f09c49701
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6301aa95ca1ecabd30b6f8533f71edaaeb9d0acc2ff7cba7bc9a0ac48b30c199
6463fe053f159cdffbf26519fb4ff34d18c1602ae65eb1878c17d5f848425726
64657bddf2fee8c6f20d8fc2dbefa1802b1959eaaaec39bd4a927067279e7db9
6469f6ecc39a78e7ebd5775ee1905e25c928e67c85ad125fc68df927a37a3a40
69240d3c0ff9ee074fa1f4cf4e1c6b87ffcde5c90e22f89e64a515c1a5ccff00
6b8b243f034b63ee14c4d65920862815ef5b07602ed53c64695ef3f707957852
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7cc7a495b2c4b27c82e967a68b0563061b22afb623934e972990158f4a59156f
8056b32aa5d9b7ea3d095a06966356eff4c4468e8063a95694462dcd42266661
807597e403e40742807380208525769bef2b80af6cde2387ee5fb36bb4f5341a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868e3b88bfc9881f27b14b502283484971997dc4e1ed5c72fdee11b1d1bbd76a
a43c9c0d7b9a59be58d5876ffe3c18a0dc73ab4d66d3732faeec3c0db7d5dcd6
a86aca61a1740974420c1bd063a0b5ec135a50eb999e35b13e322ac268549495
a90c882245d42372deaa23aeafa2d0de047fd1a1a9015fd9dc6437d184a2b5c8
af7ea5ccab7ac349fc29d8dda9bd9d4eddbae02ec5bad470579f7eb289efef7c
b5f57640e3ae03d2eb4c4e6f14b4bb3ea27a98593cc0b501426e8b59ec6397d0
d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618
d224f2c6d67bba4f65cd612c95498a021b4786f7cf54f8967c8f170990cd7d73
d2e81cd7c3c0ffdbe5f299f8edcc47fd34a5a8bb90cecca44f0bf852ab2c33d3
d72a1a93ec3a77c2d74e3c9964c8bde7853de5aa231bbd3356f7d66fc6663d88
e22b15455e72cabadc20936879764d4eb47039f0412b8d98fb1395eacadf8960
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb28ecdc27935530be01fe2d0dd331f79c600c687222081d9024cb4ecf38791d
ee30d6cae9368a10a5a7eed6b88da760460edb7d91f8b5a2ffa5743e1f795485
ee6c751fd4b9160877aa068ba6b5d7336036387548f15ef62eb3b29e009b8223
ee90c8f90af6526c2e798ba378fdd35dd8e9cca061858348fbe27543d5ac38d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffe3376cf057af2c3b44f00fad554faf50330c27ba30fbb900223fde8343fecb

www.legeropinion.com Open in urlscan Pro 40.69.96.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

57 %IPv6

14 Domains

21 Subdomains

19 IPs

7 Countries

1239 kBTransfer

4283 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.legeropinion.com Open in urlscan Pro
40.69.96.22 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

57 %
IPv6

14
Domains

21
Subdomains

19
IPs

7
Countries

1239 kB
Transfer

4283 kB
Size

6
Cookies

54 HTTP transactions
0 data transactions