urlscan.io logo urlscan.io
SecurityTrails logo

lineper.com Open in urlscan Pro
103.140.249.50  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/lowsss/kembibi.html#0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q
Effective URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal...
Submission: On March 17 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 40 HTTP transactions. The main IP is 103.140.249.50, located in Viet Nam and belongs to HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN. The main domain is lineper.com.
TLS certificate: Issued by R3 on March 10th 2022. Valid for: 3 months.
This is the only time lineper.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 45.158.10.66 400377 (AS-DC)
1 154.16.145.83 36352 (AS-COLOCR...)
1 1 103.140.249.49 24088 (HTCHCMC-A...)
10 103.140.249.50 24088 (HTCHCMC-A...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
21 2600:9000:21e... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
40 7
1    2607:f8b0:4006:80a::2010 (Queens, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    45.158.10.66 (Washington, United States)

ASN400377 (AS-DC, US)
PTR: texturecast.org.uk
poweredchannel.com
1    154.16.145.83 (Denver, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 75.102.23.178
astonishedsound.com
1    103.140.249.49 (Viet Nam)

ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN)
PTR: static-ptr.vndata.vn
lpstrk.com
10    103.140.249.50 (Viet Nam)

ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN)
PTR: static-ptr.vndata.vn
lineper.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
21    2600:9000:21ec:9800:b:4623:cac0:21 (United States)

ASN16509 (AMAZON-02, US)
d3e1y4kxkqljcb.cloudfront.net
2    2607:f8b0:4006:80a::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:816::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
21 cloudfront.net
d3e1y4kxkqljcb.cloudfront.net
466 KB
10 lineper.com
lineper.com
70 KB
4 gstatic.com
fonts.gstatic.com
70 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 425
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 588
33 KB
1 lpstrk.com
lpstrk.com — Cisco Umbrella Rank: 429324
1 KB
1 astonishedsound.com
astonishedsound.com
492 B
1 poweredchannel.com
poweredchannel.com — Cisco Umbrella Rank: 897560
263 B
40 8
Domain Requested by
21 d3e1y4kxkqljcb.cloudfront.net lineper.com
10 lineper.com astonishedsound.com
lineper.com
code.jquery.com
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com lineper.com
1 code.jquery.com lineper.com
1 lpstrk.com 1 redirects
1 astonishedsound.com storage.googleapis.com
1 poweredchannel.com 1 redirects
1 storage.googleapis.com
40 9

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
astonishedsound.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-12 -
2022-07-12		 a year crt.sh
lineper.com
R3		 2022-03-10 -
2022-06-08		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Frame ID: 7748C8BFA36677B9305576FD15964B92
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Reward Survey - We Want Your Opinion!

Page URL History Show full URLs

  1. https://storage.googleapis.com/lowsss/kembibi.html Page URL
  2. http://poweredchannel.com/anchor0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q HTTP 302
    https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595 Page URL
  3. https://lpstrk.com/a8ikpn24hx32xtpcvj3f&externalid=1250148803&agentid=690061&ts=id3&target=pp&a... HTTP 302
    https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

642 kB
Transfer

763 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/lowsss/kembibi.html Page URL
  2. http://poweredchannel.com/anchor0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q HTTP 302
    https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595 Page URL
  3. https://lpstrk.com/a8ikpn24hx32xtpcvj3f&externalid=1250148803&agentid=690061&ts=id3&target=pp&affid=2_369493_2528058 HTTP 302
    https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://poweredchannel.com/anchor0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q HTTP 302
  • https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kembibi.html
storage.googleapis.com/lowsss/ 		112 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lowsss/kembibi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

x-guploader-uploadid
ADPycdvU1U3rXqLq0Awo_8jwXP01mUsVeIksMSJPsAcX7GQ7VR3BxsBorQerkDE3Zu74wgzC0nrCriRPt2qL2ph1gAxBrio69g
x-goog-generation
1631036252897537
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
112
x-goog-hash
crc32c=Vs6sCQ== md5=OLoj3Ftrd6uWMBpoYOCSVw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
112
server
UploadServer
date
Thu, 17 Mar 2022 19:25:48 GMT
expires
Thu, 17 Mar 2022 20:25:48 GMT
cache-control
public, max-age=3600
age
3524
last-modified
Tue, 07 Sep 2021 17:37:32 GMT
etag
"38ba23dc5b6b77ab96301a6860e09257"
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
735362595
astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/
Redirect Chain
  • http://poweredchannel.com/anchor0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q
  • https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595
179 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/lowsss/kembibi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.16.145.83 Denver, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
75.102.23.178
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://storage.googleapis.com/lowsss/kembibi.html#0ssb7hazddy.cSDlakLFoNgnCDmWfOwl?dW8SCyccmjd1cwYW5cdcTPcpc3sfjfCDDcbbb4Q

Response headers

Date
Thu, 17 Mar 2022 20:24:33 GMT
Server
Apache
Content-Length
179
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 17 Mar 2022 20:24:32 GMT
Server
Apache
Location
https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request index_3_d.php
lineper.com/visitor_ca_br/
Redirect Chain
  • https://lpstrk.com/a8ikpn24hx32xtpcvj3f&externalid=1250148803&agentid=690061&ts=id3&target=pp&affid=2_369493_2528058
  • https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=16...
30 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Requested by
Host: astonishedsound.com
URL: https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
377bc9d7805ecc60a719b672332ee3675af564b69f4c07bf0552cc13ed304bbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://astonishedsound.com/176153c98365b5e6800/2_369493_2528058/2434_1281822_3412610_11/735362595

Response headers

Server
nginx
Date
Thu, 17 Mar 2022 20:24:35 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6412
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.20.0
Date
Thu, 17 Mar 2022 20:24:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Strict-Transport-Security
max-age=31536000
style_main_1.css
lineper.com/visitor_ca_br/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/css/style_main_1.css
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
4d74e25b9c753b62ff8aab1db78f857cf69c74dc9ca194634e9a50d3d8b06162

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 10:48:07 GMT
Server
nginx
ETag
W/"61d81a67-6abe"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.11.1.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:24:35 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1762a"
vary
Accept-Encoding
x-hw
1647548675.dop034.dc2.t,1647548675.cds215.dc2.hn,1647548675.cds053.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
script_1.js
lineper.com/visitor_ca_br/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/js/script_1.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
c15b72a03ebbce821468b02749603c77f4283b558746e63acfd1e0be3868e07b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 10:52:59 GMT
Server
nginx
ETag
W/"61d81b8b-4b67"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
flag_ca_min.png
d3e1y4kxkqljcb.cloudfront.net/survey_ca/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/flag_ca_min.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5aea763b69786de7af3bdef30ef54195b68f1734134dea3ca174592721b16b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:22:30 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2019 11:46:15 GMT
server
AmazonS3
age
10927
etag
"4a8feb121e977df1901fbc90579d5910"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
2130
x-amz-cf-id
3owqtGTQg9zShHBpku45B5OsV_OEHkE8mg_s4wKH8QEOccpCuzszNA==
new_gift.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_gift.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2b228035e05c131b62a3296d4a725151b328c39fa113c143f2db620a1296283

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:19:19 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Wed, 16 Sep 2020 14:04:32 GMT
server
AmazonS3
age
3918
etag
"ae4673293c74dd7e1f44bc37f427b155"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
19500
x-amz-cf-id
Jv548MjgPFQPVr72qPqElyOoMjiuU_jkzuWW_dKfwmKSlQAcArfiXg==
giphy.gif
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/giphy.gif
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 06:58:20 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 26 Oct 2020 15:58:58 GMT
server
AmazonS3
age
48377
etag
"45f10d30ce7014885a2d438941a16d3a"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/gif
content-length
15537
x-amz-cf-id
tHfBfCYzgFP5yy6qlFfVqBkDcR4Ssbp01ExClidRXMDb5Pxo-1zqVg==
tick-icon.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/tick-icon.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 02:33:10 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 26 Oct 2020 15:58:57 GMT
server
AmazonS3
age
64286
etag
"638c9f9cfb95a3aa955bb8beb850488b"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
1714
x-amz-cf-id
MzH28RVJKeBNTNreyerDsEbskn81XxtiFi6Vt8YgkQjMwwNFSD3UEg==
redirect_bin.js
lineper.com/ 		551 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lineper.com/redirect_bin.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
595fc9d77aaa41cb01936f11d16d156a8c571faace86be0e10634aeaf3e924ce

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Last-Modified
Sat, 20 Nov 2021 11:31:15 GMT
Server
nginx
ETag
"6198dc83-227"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
551
Expires
Thu, 31 Dec 2037 23:55:55 GMT
snow.js
lineper.com/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lineper.com/snow.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
09cb02f8abde5de2371a29d02a6895f03bb73c3c6f92aec79840ae9b097f4460

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 16:53:23 GMT
Server
nginx
ETag
W/"61aa4b83-468"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33284fe633022dc52abfaa8f476c0642cc34d552861bdd2924b60a3edd68b882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 20:24:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 20:24:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 20:24:36 GMT
css2
fonts.googleapis.com/ 		2 KB
545 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0eddb348ebcdcf34164bf539f7a5e5f204f99067bf1f915705078316efb80ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 19:30:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 20:24:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 20:24:36 GMT
ca.json
lineper.com/visitor_ca_br/lang/ 		68 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/lang/ca.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
01d3adc7504c889384eb8506246d6ae29c39cff278938c4110b16249259a8b42

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Last-Modified
Mon, 03 May 2021 12:55:36 GMT
Server
nginx
ETag
"44-5c16c7a4eba5e"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
pp.css
lineper.com/visitor_ca_br/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/css/pp.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
27e5b89f4219b84629daf4140bb391815b2e1d8b0288023c51b7bf5c39a2e12c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jun 2021 07:54:24 GMT
Server
nginx
ETag
W/"60c073b0-872"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
offers_5_d.json
lineper.com/visitor_ca_br/datas/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/datas/offers_5_d.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
a1543a312389cf3776f7b29ce2771c0f241fc8379bf847ddcfcabaf36881646d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Dec 2021 15:19:22 GMT
Server
nginx
ETag
W/"1080-5d30898ea86ee"
Vary
Accept-Encoding
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
pp.json
lineper.com/visitor_ca_br/datas/ 		642 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/datas/pp.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
67d73a65a822cd04c11ffaf2c40630e9cee32cb30d2039e7f1883f87294a10e5

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_3_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=398a61zejqea2f7e&campaign=1875&user_id=1&clickcost=0&lander=1413&time=1647505474&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.181&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=16d4474854ec893d74&target=pp&device=DESKTOP&uclick=1zejqea2&uclickhash=1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:36 GMT
Last-Modified
Mon, 03 May 2021 12:55:23 GMT
Server
nginx
ETag
"282-5c16c798781e4"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
642
pp_icon.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/pp_icon.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/pp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f2986702f063406fc78dbd5bdb40d51280419c0d0b71250db874b1e17baa856

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 19:24:22 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 28 May 2021 09:07:58 GMT
server
AmazonS3
age
3615
etag
"c236c02d27c6cbe8e325810dbdd99f80"
x-cache
Hit from cloudfront
x-amz-version-id
BIMaYO7oBahD.2I3n1uWlPKVQzJBhrxF
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
3335
x-amz-cf-id
msJYUdQDf0VeG3BysdjID6lX4dTF5TT4qOkWZpwMoHeCrnH4LagKsw==
line_background4.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/line_background4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9144afcf99db928e2f67372c78684c5e4d37352700f47abb00992fe60155fae7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 01:58:54 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 23 Aug 2021 15:43:45 GMT
server
AmazonS3
age
66343
etag
"375e3524d7f8353cb120bb59e9b66c05"
x-cache
Hit from cloudfront
x-amz-version-id
MhoF05G5kGnYWTDTNUZnmaMztuyzUHC3
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
62543
x-amz-cf-id
Ir3k287KYfln7yQ9_knu7hMWBPkczYf3-cefEDtcvhNz5dnBrmJQXQ==
gift_box_pp.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/news_gift_i/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/news_gift_i/gift_box_pp.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/pp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39be1fe3873e14bf06eef5745acd66f33391eee65cee3631c1aebedf3e63e383

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 14:11:45 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 13:55:07 GMT
server
AmazonS3
age
22372
etag
"9c6e62fba6c69eefdc6558433ecca5f1"
x-cache
Hit from cloudfront
x-amz-version-id
crHNS39JCmOW8bFPCLpyaZHXPWEQxEpc
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
17302
x-amz-cf-id
8OUC3FuQGhptQVlEU7MglggAC8Pgap9TL7G6_N-labTIqE24m2ankg==
sprite_7.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/sprite_7.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4405fedd43c666bd3b058a377c6534ccfd13966022164dd802097f542a817b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 17:18:57 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Wed, 10 Mar 2021 11:22:13 GMT
server
AmazonS3
age
11140
etag
"432728af8e57368354e8be5aad7b1899"
x-cache
Hit from cloudfront
x-amz-version-id
kIAwUSFCZ1dUcuIui8DQvc_sIJ0vKwMU
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
22598
x-amz-cf-id
smzVycCj-PfPh98oZFCpcWFPPGXZSYNspUyBcrbwQY5bLrzxWZ4nDw==
pay_method.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/pay_method.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5088b435d3137f3b3fc92dc9778ed3d176630ac0fbc168ddd0f57f1ef7b50caf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 03:46:51 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 10:14:04 GMT
server
AmazonS3
age
59866
etag
"ad6b84905db334c53845a44f8240316b"
x-cache
Hit from cloudfront
x-amz-version-id
TTOH5Dpg.IlOvCCiT4m_RM0aZ.JiFVUe
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
9739
x-amz-cf-id
-sVZm81rvfeirkwquNu18PluWzP5_0clwuVihoR5wQPaJTNEL8ES_g==
new_sprite_6.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_sprite_6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70669b4b76e994f939ff5bc3a6fbaa1b39894213f2aae85e0793c4c67615e7b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 14:11:45 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 12:33:59 GMT
server
AmazonS3
age
22372
etag
"2b7ed2cffa27fbd94f1a32f1c976355d"
x-cache
Hit from cloudfront
x-amz-version-id
2FVMFy9fmAGgo2gHxUMPsgcPH9lAs9u8
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
22549
x-amz-cf-id
MmoEVVC8SBYbUGzXJptFbkeTIDFsDk40d7gigznhCb25UXETjvygow==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
42846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Mar 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
193746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:35:30 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v11/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v11/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:03:47 GMT
x-content-type-options
nosniff
age
87649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 20:03:47 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 08:05:14 GMT
x-content-type-options
nosniff
age
44362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17484
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 17 Mar 2023 08:05:14 GMT
nut_4_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nut_4_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcb49ea0035d4167a1a25d83b059f25ed663f99ec254ed13d3866bcc5ef01c82

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:31:12 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 12:52:31 GMT
server
AmazonS3
age
10406
etag
"aff648644a3b7089c2e539492d990b83"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
23492
x-amz-cf-id
fjRkKosNV1hIXiYKeJUDyL9RaDVp1t1iIfrGsuztIvALZgP9o7_y_Q==
zodiak_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/zodiak_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ff7bca16032d07c93857724bb58ee0012bf1e5d4e73ea2fb81e3479c8ab5136

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 19:03:40 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:44 GMT
server
AmazonS3
age
4858
etag
"bc547014a09e88067da92868b549e9bd"
x-cache
Hit from cloudfront
x-amz-version-id
Bo60gXoT1agEgGvgGcq9cCZXQz2iQ1hT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
33659
x-amz-cf-id
6Bwu1DTvozhK5BxcBDYZErSrEwHVXQSHAdBAeySSu68waHRt0VNI7w==
luxury_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/luxury_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030dd557e445219074feccff964362333092d7e91b3ad1a35d5a755b07916c81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 14:47:21 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:43 GMT
server
AmazonS3
age
20237
etag
"47974e37a457285dd4902637d16d3a65"
x-cache
Hit from cloudfront
x-amz-version-id
uyc8jiHs3glwpQL8p.oTET_RCkuZWRMD
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
42298
x-amz-cf-id
Ean7ZE1A7WQDa-w8pC7klCZMRnZEVjTB9RZujjmEF4pc40tcLISyCA==
casino_jackpot.png
d3e1y4kxkqljcb.cloudfront.net/survey_ca/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/casino_jackpot.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b58ee29d82599c6316baaac8ad795a9dbe860e05d4b1a25653c0b912245a4e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 19:19:21 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Wed, 11 Dec 2019 09:14:36 GMT
server
AmazonS3
age
3917
etag
"d731ba57fe560f0d38da3cabd7debf5b"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
28537
x-amz-cf-id
owPoWhVAACe9Ve0axc1CfRbL-7J7TlRCTtTaPG57ehL_kRlB_KRNYg==
classic_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/classic_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1d9133bdfcee5138ca1d472da1cc5e306dd6d9fe917a0109fad61f5554a5ad9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 14:11:44 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:42 GMT
server
AmazonS3
age
22374
etag
"ec292dd67e33d020abc433d5fa9fb59e"
x-cache
Hit from cloudfront
x-amz-version-id
8p4WrQMHqkzYBIptpIeMqOtBSmIlbum5
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
35959
x-amz-cf-id
KXVGCc5Fw2Q4UCHl-y2p5HHOL1AwzPsfeErZWXeRPeOPsCWHvObMmg==
diet_22_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/diet_22_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd6ae8c65ee12166d3a08119a699b3aebf9c3dba2d23999a9c0f1ccdef6e0be

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 17:38:09 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 10:45:26 GMT
server
AmazonS3
age
9989
etag
"e89e45694ede05198f27741c355e9ab7"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
24742
x-amz-cf-id
LVf6J31snWcoW-5SiTyjraIyQSfEPfwhOOtl5gPBV6Y8FJyiKN3pXw==
male_5_06.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/male_5_06.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ebe8abfa8e4a2a310e2b5c550bc0ccf50c9e790701da5648899a7f4dda33197

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 14:47:22 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 11:22:23 GMT
server
AmazonS3
age
20236
etag
"97167a158e7c391cc88e17d668fc4176"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
28729
x-amz-cf-id
LVCJxUxTLcyf_Cuv46HTGHlZRvVSGHxxs5XSWYXLWLCIeMd3mzOLAw==
male_diet_22_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/male_diet_22_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7350496b646520a21195b5c50001ad3b933d8703bfc9443a15e2d4906debebb8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 14:47:22 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 11:06:25 GMT
server
AmazonS3
age
20236
etag
"4786dae0f6b5f66833b50c9966b8a0c6"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
23986
x-amz-cf-id
C3Bh2K0TACy-3fJexcyYyOJybd90deFHjpDn_H4_TXXM5U3inOyfMA==
cbd_oil.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_quality/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_quality/cbd_oil.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da7846e35c98ef7dc7d7e2e682c3325d7423110b6c75f00cab1d78b62381facc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 14:47:22 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 15:34:29 GMT
server
AmazonS3
age
20236
etag
"b24928a861d1c8db5223346f7e85afcf"
x-cache
Hit from cloudfront
x-amz-version-id
5JwjJzb6JtsmAVVZ6C8z7h9spLdNrvaA
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
23681
x-amz-cf-id
C2g5ZGtUj8hp7Z-W7qmYEOjkm-RKUTTRtXDD0vohKpFEx9S0e18JFg==
iphone_13_new.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/iphone_13_new.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b717bf432b216667c6ff62f9e0c70a42f6e75c17df8ffd9400eca3a8e3041a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 20:24:38 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Sep 2021 11:38:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
etag
"a86bd38c6bb6c450284dea80a3af6bc3"
x-cache
Miss from cloudfront
x-amz-version-id
of7Q5XNJtI0uiBpmpXiwVdlE8iLLgWqa
accept-ranges
bytes
content-type
image/png
content-length
4191
x-amz-cf-id
Aex9i4VFOnLyB0jGVNP71oPO9gjMO97m0J0RZqLzMeZBcVgbUgbj6Q==
blender.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/blender.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4654d3e52e565fb72fd7f411313744cfbb3b2f37cc08a5a96482b56bab17bcc5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:45:46 GMT
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 11:18:18 GMT
server
AmazonS3
age
23932
etag
"0452e394bf02750c2a02322759ca8ffc"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-type
image/png
content-length
22401
x-amz-cf-id
OhHBGoKdgNUX4a2usdGMi_Q9X49Onw7r4Y5vVeoyMs7aZgw3DUkNkQ==
Tahoma-BoldFauxItalic.woff2
lineper.com/visitor_ca_br/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lineper.com/visitor_ca_br/fonts/Tahoma-BoldFauxItalic.woff2
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/pp.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
eedebaed064e906b922b6b61cb8dc60c2460e0fd46dc2309c691e7d138596135

Request headers

Referer
https://lineper.com/visitor_ca_br/css/pp.css
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 20:24:37 GMT
Last-Modified
Mon, 03 May 2021 12:55:42 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
ETag
"be30-5c16c7aabbf17"
Content-Length
48688

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| $_GET object| months object| days object| time object| d string| dateNow object| monthsF object| daysF object| timeF object| dF string| dateNowF string| targets string| lang function| loadingData function| drawszlider function| timer string| target boolean| IE object| jQuery111106543040246797158 string| redirect_url string| back_url_link function| snowB function| startTimer object| comments number| slidewhere number| holvanszlider function| loadingOffers function| timer1 object| mydate number| year number| day number| month number| daym string| titleOut

3 Cookies

Domain/Path Name / Value
astonishedsound.com/ Name: uid25489
Value: 1250148803-20220317162433-e352a6c2a0413a8ca5271bd452e18d5b-
lpstrk.com/ Name: uclick
Value: 1zejqea2
lpstrk.com/ Name: uclickhash
Value: 1zejqea2-1zejqea2-fnx9-163y-2tx9-pmktdz-usk2i4-a3087e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

astonishedsound.com
code.jquery.com
d3e1y4kxkqljcb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lineper.com
lpstrk.com
poweredchannel.com
storage.googleapis.com
103.140.249.49
103.140.249.50
154.16.145.83
2001:4de0:ac18::1:a:2a
2600:9000:21ec:9800:b:4623:cac0:21
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80a::2010
2607:f8b0:4006:816::2003
45.158.10.66
01d3adc7504c889384eb8506246d6ae29c39cff278938c4110b16249259a8b42
030dd557e445219074feccff964362333092d7e91b3ad1a35d5a755b07916c81
09cb02f8abde5de2371a29d02a6895f03bb73c3c6f92aec79840ae9b097f4460
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eddb348ebcdcf34164bf539f7a5e5f204f99067bf1f915705078316efb80ae2
1b58ee29d82599c6316baaac8ad795a9dbe860e05d4b1a25653c0b912245a4e3
27e5b89f4219b84629daf4140bb391815b2e1d8b0288023c51b7bf5c39a2e12c
2ff7bca16032d07c93857724bb58ee0012bf1e5d4e73ea2fb81e3479c8ab5136
33284fe633022dc52abfaa8f476c0642cc34d552861bdd2924b60a3edd68b882
377bc9d7805ecc60a719b672332ee3675af564b69f4c07bf0552cc13ed304bbd
39be1fe3873e14bf06eef5745acd66f33391eee65cee3631c1aebedf3e63e383
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
4654d3e52e565fb72fd7f411313744cfbb3b2f37cc08a5a96482b56bab17bcc5
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4d74e25b9c753b62ff8aab1db78f857cf69c74dc9ca194634e9a50d3d8b06162
5088b435d3137f3b3fc92dc9778ed3d176630ac0fbc168ddd0f57f1ef7b50caf
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
595fc9d77aaa41cb01936f11d16d156a8c571faace86be0e10634aeaf3e924ce
5f2986702f063406fc78dbd5bdb40d51280419c0d0b71250db874b1e17baa856
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67d73a65a822cd04c11ffaf2c40630e9cee32cb30d2039e7f1883f87294a10e5
70669b4b76e994f939ff5bc3a6fbaa1b39894213f2aae85e0793c4c67615e7b7
7350496b646520a21195b5c50001ad3b933d8703bfc9443a15e2d4906debebb8
7b717bf432b216667c6ff62f9e0c70a42f6e75c17df8ffd9400eca3a8e3041a2
9144afcf99db928e2f67372c78684c5e4d37352700f47abb00992fe60155fae7
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
9ebe8abfa8e4a2a310e2b5c550bc0ccf50c9e790701da5648899a7f4dda33197
a1543a312389cf3776f7b29ce2771c0f241fc8379bf847ddcfcabaf36881646d
a1d9133bdfcee5138ca1d472da1cc5e306dd6d9fe917a0109fad61f5554a5ad9
a4405fedd43c666bd3b058a377c6534ccfd13966022164dd802097f542a817b2
a5aea763b69786de7af3bdef30ef54195b68f1734134dea3ca174592721b16b1
bdd6ae8c65ee12166d3a08119a699b3aebf9c3dba2d23999a9c0f1ccdef6e0be
c15b72a03ebbce821468b02749603c77f4283b558746e63acfd1e0be3868e07b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
da7846e35c98ef7dc7d7e2e682c3325d7423110b6c75f00cab1d78b62381facc
dcb49ea0035d4167a1a25d83b059f25ed663f99ec254ed13d3866bcc5ef01c82
e2b228035e05c131b62a3296d4a725151b328c39fa113c143f2db620a1296283
eedebaed064e906b922b6b61cb8dc60c2460e0fd46dc2309c691e7d138596135