survey.freedommobile.ca Open in urlscan Pro
34.160.106.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.freedommobile.ca/?qs=fc3c4a87a344f47d6c1f7ec6e9619f408717835d786315b8c2e6cbc4c4b36f0c6f9156d21c002b5c4c903e968934...
Effective URL:
https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil...
Submission: On October 18 via manual (October 18th 2023, 7:14:06 pm UTC) from CH — Scanned from CA

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 34.160.106.156, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is survey.freedommobile.ca.
TLS certificate: Issued by GTS CA 1D4 on August 25th 2023. Valid for: 3 months.

This is the only time survey.freedommobile.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.17.32.131 128.17.32.131	14340 (SALESFORCE) (SALESFORCE)
2 15	34.160.106.156 34.160.106.156	15169 (GOOGLE) (GOOGLE)
2	104.22.72.81 104.22.72.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
3	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
19	5

1 128.17.32.131 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: rx131.mta.exacttarget.com

click.e.freedommobile.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.160.106.156 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 156.106.160.34.bc.googleusercontent.com

survey.freedommobile.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.72.81 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	freedommobile.ca 3 redirects click.e.freedommobile.ca survey.freedommobile.ca	716 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 23058	66 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
19	4

	Domain	Requested by
15	survey.freedommobile.ca	2 redirects survey.freedommobile.ca
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.jotfor.ms	survey.freedommobile.ca cdn.jotfor.ms
1	fonts.googleapis.com	survey.freedommobile.ca
1	click.e.freedommobile.ca	1 redirects
19	5

This site contains links to these domains. Also see Links.

Domain
www.freedommobile.ca
frdm.mobi

Subject Issuer	Validity	Valid
survey.freedommobile.ca GTS CA 1D4	`2023-08-25` - `2023-11-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Frame ID: F87BA787D9279B81B05799A8C30FFBB7
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Customer Researchquotequotequote

Page URL History Show full URLs

https://click.e.freedommobile.ca/?qs=fc3c4a87a344f47d6c1f7ec6e9619f408717835d786315b8c2e6cbc4c4b36f0c6f9156d2... HTTP 302
https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfe... Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

829 kB
Transfer

2411 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.freedommobile.ca/en-CA/contact-us-menu/live-message
Title: https://www.freedommobile.ca/en-CA/contact-us-menu/live-message

Search URL Search Domain Scan URL

URL: https://frdm.mobi/WhatsApp
Title: https://frdm.mobi/WhatsApp

Search URL Search Domain Scan URL

URL: https://frdm.mobi/AppleBusinessChat
Title: https://frdm.mobi/AppleBusinessChat

Search URL Search Domain Scan URL

URL: https://www.freedommobile.ca/en-CA/contact-us/?lp_offsite=%7B%22type%22%3A0%2C%22campaignId%22%3A1741593430%2C%22engagementId%22%3A1741593730%2C%22contextId%22%3A%222ceee370-f75e-4e62-aba0-d0a23cb70dde%22%2C%22accountId%22%3A%2236364210%22%2C%22webView%22%3Afalse%7D
Title: Web Messaging

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.freedommobile.ca/?qs=fc3c4a87a344f47d6c1f7ec6e9619f408717835d786315b8c2e6cbc4c4b36f0c6f9156d21c002b5c4c903e968934ce6ebf3215f6a06b1d4d HTTP 302
https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://survey.freedommobile.ca/uploads/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png HTTP 302
https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=J9tscUCt5-2MFhtG1rMmtA&expires=1697656450

Request Chain 19

https://survey.freedommobile.ca/uploads/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png HTTP 302
https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=JlDDAEJV2RKkHDqDdDR92w&expires=1697656451

19 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 200124215294039 Show response
survey.freedommobile.ca/
Redirect Chain

https://click.e.freedommobile.ca/?qs=fc3c4a87a344f47d6c1f7ec6e9619f408717835d786315b8c2e6cbc4c4b36f0c6f9156d21c002b5c4c903e968934ce6ebf3215f6a06b1d4d
https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad

292 KB
31 KB

129ms
75ms

Document
text/html

34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.106.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6fad029fbaff4253cd8b761ae008b981dfd87a8e9c177c544f2889cb362d39f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
content-type: text/html; charset=UTF-8
date: Wed, 18 Oct 2023 19:14:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
global-router: true
jf-trace-id: 60f18daa89434ba4
last-modified: Wed, 18 Oct 2023 19:14:00 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 319
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Oct 2023 19:13:59 GMT
Location: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad

GET
H2 200 default.css
survey.freedommobile.ca/stylebuilder/ 301 KB
57 KB 82ms
80ms Stylesheet
text/css 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.freedommobile.ca/stylebuilder/default.css?d6ae424

Requested by

Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.106.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9d3c9a45888f6eb7afc5048e4f594646cc6e5b21c8475e56a33858901f5b7e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
jf-trace-id: 43d2dc9b07c3a70f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Wed, 18 Oct 2023 19:14:00 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 style.css
survey.freedommobile.ca/stylebuilder/200124215294039/ 42 KB
10 KB 737ms
736ms Stylesheet
text/css 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.freedommobile.ca/stylebuilder/200124215294039/style.css?themeID=5e1c905aef182501f64643f1&smartEmbed=1&v=5798e0617960c168d1a5bf75e30189e2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.106.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dabdffe174e787008bd89ffbbf74ea37d32dc1aee581a76c2c50ec656cc8b51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:01 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
jf-trace-id: 6fc30a5ccde7b685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Wed, 18 Oct 2023 19:14:00 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prototype.forms.js Show response
survey.freedommobile.ca/static/ 126 KB
33 KB 49ms
48ms Script
application/x-javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca/static/prototype.forms.js?3.3.46613
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 15 Oct 2023 16:42:16 GMT
server: nginx
etag: W/"652c1668-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jotform.forms.js Show response
survey.freedommobile.ca/static/ 589 KB
154 KB 46ms
45ms Script
application/x-javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca/static/jotform.forms.js?3.3.46613
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 161e0093fbc47221ad72ab2a8750c5e865742fae66abfadb2cd311f26f53603c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 18 Oct 2023 17:34:30 GMT
server: nginx
etag: W/"65301726-93299"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 toMarkdown.js Show response
survey.freedommobile.ca//js/pen/ 20 KB
5 KB 79ms
78ms Script
application/x-javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca//js/pen/toMarkdown.js?v=3.3.46613
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9e6aa08058b27fe560927d9c163b8db22a16a15e6bdce16acb1892505fc1d129

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-5017"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 showdown.js Show response
survey.freedommobile.ca//js/pen/ 97 KB
33 KB 33ms
32ms Script
application/x-javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca//js/pen/showdown.js?v=3.3.46613
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae5f7a0df9dfedf5a1bfe02eabcfc2023678555719f191a9234adda7bed57000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-182ec"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 validategateways.js Show response
survey.freedommobile.ca/js/payments/ 710 B
869 B 28ms
28ms Script
application/x-javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca/js/payments/validategateways.js?v=3.3.46613
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
via: 1.1 google
last-modified: Tue, 25 Jul 2023 11:18:42 GMT
server: nginx
etag: "64bfaf92-2c6"
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 710
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3

200

Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png
survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/
Redirect Chain

https://survey.freedommobile.ca/uploads/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png
https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=J9tscUCt5-2MFhtG1rMmtA&expires=1697656450

115 KB
115 KB

29ms
28ms

Image
image/png

34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=J9tscUCt5-2MFhtG1rMmtA&expires=1697656450
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H3
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2daa6991fc5336dcf2e6bb5f583acefb08680e77b812a29437419ad42bfc6242

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: OPTIONS, GET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date: Wed, 18 Oct 2023 19:14:00 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id: fa50a0dfe060433c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Wed, 18 Oct 2023 19:14:00 GMT
server: nginx
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=J9tscUCt5-2MFhtG1rMmtA&expires=1697656450
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-cardform-js.js Show response
survey.freedommobile.ca/s/umd/738499a9183/ 585 KB
161 KB 55ms
55ms Script
text/javascript 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b242cc45d7475cc492e6369bc0498b710720e028dc6f9cd356c5a180ef56bbb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 18 Oct 2023 17:49:19 GMT
server: nginx
x-store: gcs
etag: W/"b678d8d9e00589ff6c5a3f2f0fc4eaf4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=315360000, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ownerView.php Show response
survey.freedommobile.ca/ 0
45 B 35ms
35ms Script
text/html 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.freedommobile.ca/ownerView.php?id=200124215294039

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.106.160.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id: 8e9abe50954d6a94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Wed, 18 Oct 2023 19:14:00 GMT
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
cdn.jotfor.ms/fonts/ 3 KB
538 B 105ms
42ms Stylesheet
text/css 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/stylebuilder/default.css?d6ae424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:00 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 19:10:21 GMT
server: cloudflare
age: 219
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 81831a12f8870f70-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 118ms
45ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Requested by

Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/stylebuilder/200124215294039/style.css?themeID=5e1c905aef182501f64643f1&smartEmbed=1&v=5798e0617960c168d1a5bf75e30189e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Oct 2023 19:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:38:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Oct 2023 19:14:01 GMT

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 109ms
36ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://survey.freedommobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:55:32 GMT
x-content-type-options: nosniff
age: 451109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 13:55:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 124ms
57ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://survey.freedommobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 13:43:53 GMT
x-content-type-options: nosniff
age: 451808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 13:43:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 117ms
50ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://survey.freedommobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 05:02:11 GMT
x-content-type-options: nosniff
age: 483110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 05:02:11 GMT

GET
H2 200 Roboto-Medium.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ 65 KB
66 KB 136ms
78ms Font
text/html 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Medium.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://survey.freedommobile.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:01 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Sep 2023 12:45:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 81831a182f6dc43e-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png
survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/
Redirect Chain

https://survey.freedommobile.ca/uploads/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png
https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=JlDDAEJV2RKkHDqDdDR92w&expires=1697656451

115 KB
115 KB

31ms
30ms

Image
image/png

34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=JlDDAEJV2RKkHDqDdDR92w&expires=1697656451
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H3
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2daa6991fc5336dcf2e6bb5f583acefb08680e77b812a29437419ad42bfc6242

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 19:14:01 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: OPTIONS, GET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date: Wed, 18 Oct 2023 19:14:01 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jotfor.ms; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
jf-trace-id: 45a2e533d71d13de
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Wed, 18 Oct 2023 19:14:01 GMT
server: nginx
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://survey.freedommobile.ca/ent-d769/ssoldatenkov/form_files/Freedom-Logo-Mobile.5e1c8ebf7e2493.90256830.png?md5=JlDDAEJV2RKkHDqDdDR92w&expires=1697656451
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 268 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01dcc5d2246879b5371752a62d19646e125949ba31395d8640448b27ca374479

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 /
survey.freedommobile.ca/events/form/200124215294039/ 0
15 B 34ms
33ms Image
text/html 34.160.106.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://survey.freedommobile.ca/events/form/200124215294039/?ref=&res=1600x1200&eventID=1697656441872_200124215294039_WSxfcH4&loc=https%253A%252F%252Fsurvey.freedommobile.ca%252F200124215294039%253F%253Fh_ser_id%253D71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da%2526h_bil_ac_n%253De661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Requested by: Host: survey.freedommobile.ca
URL: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.106.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.106.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://survey.freedommobile.ca/200124215294039??h_ser_id=71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da&h_bil_ac_n=e661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 19:14:01 GMT
via: 1.1 google
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.survey.freedommobile.ca/	1970-01-20 15:44:21	Name: ENTERPRISE_SESSION Value: 5bb3d0b9-06f9-d2a8-2f1a-23fad3cb
.survey.freedommobile.ca/	1970-01-20 16:18:58	Name: guest Value: guest_4403103761fa2d42
.survey.freedommobile.ca/	1970-01-20 16:18:58	Name: userReferer Value: https%3A%2F%2Fsurvey.freedommobile.ca%2F200124215294039%3F%3Fh_ser_id%3D71de3a33d93ff444bd962d5e8ebdf0ac1c18e741cac49ffcfefcbce0738a45da%26h_bil_ac_n%3De661aba5b4bee980ad57424f622d3952cd3554fdc563a644c123a643838f81ad

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://survey.freedommobile.ca/static/jotform.forms.js?3.3.46613(Line 114) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://survey.freedommobile.ca/s/umd/738499a9183/for-cardform-js.js?4.5(Line 1) Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jotfor.ms
click.e.freedommobile.ca
fonts.googleapis.com
fonts.gstatic.com
survey.freedommobile.ca
104.22.72.81
128.17.32.131
142.251.16.94
172.253.122.95
34.160.106.156
01dcc5d2246879b5371752a62d19646e125949ba31395d8640448b27ca374479
0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a
161e0093fbc47221ad72ab2a8750c5e865742fae66abfadb2cd311f26f53603c
2daa6991fc5336dcf2e6bb5f583acefb08680e77b812a29437419ad42bfc6242
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
6fad029fbaff4253cd8b761ae008b981dfd87a8e9c177c544f2889cb362d39f5
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c
9d3c9a45888f6eb7afc5048e4f594646cc6e5b21c8475e56a33858901f5b7e63
9e6aa08058b27fe560927d9c163b8db22a16a15e6bdce16acb1892505fc1d129
aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585
ae5f7a0df9dfedf5a1bfe02eabcfc2023678555719f191a9234adda7bed57000
b242cc45d7475cc492e6369bc0498b710720e028dc6f9cd356c5a180ef56bbb0
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868
c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15
dabdffe174e787008bd89ffbbf74ea37d32dc1aee581a76c2c50ec656cc8b51a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

survey.freedommobile.ca Open in urlscan Pro 34.160.106.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

829 kBTransfer

2411 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

3 Cookies

7 Console Messages

Security Headers

Indicators

survey.freedommobile.ca Open in urlscan Pro
34.160.106.156 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

829 kB
Transfer

2411 kB
Size

3
Cookies

19 HTTP transactions
4 data transactions