nucleus.mksurveys.cloud Open in urlscan Pro
2001:41d0:301::28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nucleus.mksurveys.cloud/
Effective URL:
https://nucleus.mksurveys.cloud/login
Submission: On October 30 via manual (October 30th 2023, 6:54:55 am UTC) from GB — Scanned from FR

Summary HTTP 71 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 24 domains to perform 71 HTTP transactions. The main IP is 2001:41d0:301::28, located in Paris, France and belongs to OVH, FR. The main domain is nucleus.mksurveys.cloud.
TLS certificate: Issued by R3 on October 26th 2023. Valid for: 3 months.

This is the only time nucleus.mksurveys.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	2001:41d0:301... 2001:41d0:301::28	16276 (OVH) (OVH)
2	3.5.226.127 3.5.226.127	16509 (AMAZON-02) (AMAZON-02)
1	108.138.26.82 108.138.26.82	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a05:d014:57:... 2a05:d014:57:a302:cad8:1b32:ee1e:cd89	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	99.81.165.243 99.81.165.243	16509 (AMAZON-02) (AMAZON-02)
1	54.239.54.197 54.239.54.197	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:579a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f7a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
71	32

18 2001:41d0:301::28 (Paris, France) 2 redirects

ASN16276 (OVH, FR)

nucleus.mksurveys.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.226.127 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-3.amazonaws.com

atis-images.s3.eu-west-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-82.fra56.r.cloudfront.net

client.rum.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d014:57:a302:cad8:1b32:ee1e:cd89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.165.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.54.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: sts.eu-central-1.amazonaws.com

sts.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mksurveys.cloud 2 redirects nucleus.mksurveys.cloud	1 MB
8	amazonaws.com atis-images.s3.eu-west-3.amazonaws.com client.rum.us-east-1.amazonaws.com — Cisco Umbrella Rank: 11178 cognito-identity.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 57253 sts.eu-central-1.amazonaws.com — Cisco Umbrella Rank: 200861	139 KB
7	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	26 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	106 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	316 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4613 track.hubspot.com — Cisco Umbrella Rank: 2298	2 KB
3	google.fr www.google.fr — Cisco Umbrella Rank: 17843	669 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	822 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4607 forms.hscollectedforms.net — Cisco Umbrella Rank: 4689	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2687 content.hotjar.io — Cisco Umbrella Rank: 6398	420 B
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4294	1016 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3361	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4559	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	980 B
71	24

	Domain	Requested by
18	nucleus.mksurveys.cloud	2 redirects nucleus.mksurveys.cloud
7	snap.licdn.com	www.googletagmanager.com snap.licdn.com js.hsadspixel.net
4	cognito-identity.eu-central-1.amazonaws.com	client.rum.us-east-1.amazonaws.com
4	www.googletagmanager.com	nucleus.mksurveys.cloud www.googletagmanager.com js.hsadspixel.net
3	px.ads.linkedin.com	3 redirects
3	www.google.fr
3	script.hotjar.com	static.hotjar.com script.hotjar.com nucleus.mksurveys.cloud
2	api.hubspot.com	client.rum.us-east-1.amazonaws.com
2	www.google.com
2	stats.g.doubleclick.net	www.googletagmanager.com client.rum.us-east-1.amazonaws.com
2	connect.facebook.net	nucleus.mksurveys.cloud connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com client.rum.us-east-1.amazonaws.com
2	atis-images.s3.eu-west-3.amazonaws.com	nucleus.mksurveys.cloud
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	forms.hsforms.com
1	track.hubspot.com
1	api.hubapi.com	client.rum.us-east-1.amazonaws.com
1	forms.hscollectedforms.net	client.rum.us-east-1.amazonaws.com
1	www.facebook.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	sts.eu-central-1.amazonaws.com	client.rum.us-east-1.amazonaws.com
1	content.hotjar.io	client.rum.us-east-1.amazonaws.com
1	vc.hotjar.io	client.rum.us-east-1.amazonaws.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	nucleus.mksurveys.cloud
1	static.hotjar.com	nucleus.mksurveys.cloud
1	client.rum.us-east-1.amazonaws.com	nucleus.mksurveys.cloud
71	35

This site contains links to these domains. Also see Links.

Domain
www.mksurveys.com

Subject Issuer	Validity	Valid
www.cloud.recoba3d.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.s3.eu-west-3.amazonaws.com Amazon RSA 2048 M01	`2023-09-25` - `2024-05-28`	8 months	crt.sh
client.rum.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-09-14` - `2024-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cognito-identity.eu-central-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
sts.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-14` - `2024-03-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nucleus.mksurveys.cloud/login
Frame ID: FB74899079B420A02175F624A5B6A28D
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Se connecter - Nucleus

Page URL History Show full URLs

http://nucleus.mksurveys.cloud/ HTTP 302
http://nucleus.mksurveys.cloud/login HTTP 301
https://nucleus.mksurveys.cloud/login Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

97 %
HTTPS

75 %
IPv6

24
Domains

35
Subdomains

32
IPs

5
Countries

2231 kB
Transfer

7651 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mksurveys.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nucleus.mksurveys.cloud/ HTTP 302
http://nucleus.mksurveys.cloud/login HTTP 301
https://nucleus.mksurveys.cloud/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2881929%26time%3D1698648890310%26url%3Dhttps%253A%252F%252Fnucleus.mksurveys.cloud%252Flogin%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36DHOrW2UiAAAAYt_XR6TbgH6Q97p9sXMVSBFVxq7gllJO_ORh5dawFNzSuv8O_NFaHc

71 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
nucleus.mksurveys.cloud/
Redirect Chain

http://nucleus.mksurveys.cloud/
http://nucleus.mksurveys.cloud/login
https://nucleus.mksurveys.cloud/login

44 KB
14 KB

407ms
373ms

Document
text/html

2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: bd6b1327ff751e8c6495e565bdea284b239d2389a61209e7a8d55038ed87d4ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 06:54:49 GMT
expires: Mon, 30 Oct 2023 06:54:49 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 06:54:48 GMT
location: https://nucleus.mksurveys.cloud/login
server: Apache
transfer-encoding: chunked
x-iplb-instance: 32678
x-iplb-request-id: 200141D00008D1540000000000000008:E658_200141D0030100000000000000000028:0050_653F5338_12876:15D59

GET
H2 200 googletagmanager.js Show response
nucleus.mksurveys.cloud/js/ 345 B
511 B 19ms
18ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/googletagmanager.js
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 386bdce46897dddaa1c68017475c0a085021d433c3a9fd59f257774d9bd166cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 288
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 login.css
nucleus.mksurveys.cloud/css/ 249 B
379 B 22ms
20ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/css/login.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2264a7b86b17b33bc20aebff612856a0d4eddf48f0f1f12d64ab43a8aaf1ad4f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 166
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 global.css
nucleus.mksurveys.cloud/css/ 176 KB
25 KB 24ms
23ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/css/global.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 295c02961c3ee97c5febd9e00d9b70878ec6092af055230b832746925bae3032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 25204
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 main.css
nucleus.mksurveys.cloud/css/ 12 KB
3 KB 21ms
19ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/css/main.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0deb838639a8dfa11f2c7e7ec0d0f951da67ef333935738493a375777a872223

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 2774
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 corporate.css
nucleus.mksurveys.cloud/css/ 421 KB
74 KB 36ms
34ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/css/corporate.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 71ec585aa7ca5eaf6a61e05d1fc0a882815900cdc0003207d16d4411430488e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 intlTelInput.css
nucleus.mksurveys.cloud/css/ 25 KB
3 KB 20ms
19ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/css/intlTelInput.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 0bfa29220986d3d1d5a95d9471ddafb2fefafa5ce151dd85dd7d346f52eb1e2f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 3155
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 notyf.min.css
nucleus.mksurveys.cloud/notyf/ 5 KB
1 KB 19ms
18ms Stylesheet
text/css 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/notyf/notyf.min.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 23092f64d442ff74b6e8ed605b08c120d9ab3d9e3362f3d7e33ffdf0e2961e44

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 1214
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H/1.1 200
OK fileCompanyBackground.webp
atis-images.s3.eu-west-3.amazonaws.com/companies/01879418mk-surveys/ 89 KB
90 KB 200ms
125ms Image
image/webp 3.5.226.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atis-images.s3.eu-west-3.amazonaws.com/companies/01879418mk-surveys/fileCompanyBackground.webp?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXZ67CYTTLZQDTSXX%2F20231030%2Feu-west-3%2Fs3%2Faws4_request&X-Amz-Date=20231030T065449Z&X-Amz-SignedHeaders=host&X-Amz-Expires=60&X-Amz-Signature=9efc3add2e7a282222637571ea6ff485bcbc103f95051c2502587c5f4ac7a3e6
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.226.127 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-west-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 694059dd9b3446d334f41282a85303dafde82977cd41251f7c3dfe9a7ee94c9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 06:54:50 GMT
Last-Modified: Thu, 13 Jul 2023 07:52:17 GMT
Server: AmazonS3
x-amz-request-id: KXKNZ3MCB6547QV9
ETag: "e06495cb34e0f34d4a9e18c00dbbef23"
x-amz-server-side-encryption: AES256
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 91376
x-amz-id-2: avajlgGhVQ+0wI9tgJf5z7bvMXZoCuOFYTjOlLSGH+upUNWzddlpyoB8PW30tHFFwkOH3hPRPD/20/B5G7Vmgg==

GET
H/1.1 200
OK fileCompanyLogo.png
atis-images.s3.eu-west-3.amazonaws.com/companies/01879418mk-surveys/ 17 KB
17 KB 171ms
96ms Image
image/png 3.5.226.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atis-images.s3.eu-west-3.amazonaws.com/companies/01879418mk-surveys/fileCompanyLogo.png?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXZ67CYTTLZQDTSXX%2F20231030%2Feu-west-3%2Fs3%2Faws4_request&X-Amz-Date=20231030T065449Z&X-Amz-SignedHeaders=host&X-Amz-Expires=60&X-Amz-Signature=1e2a50d4300766493f05e5f9e06d927f5e82cc954124465c735e350089dc400e
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.226.127 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-west-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21c3de6c7526aecf241aef04ac003e69f72b24595d8aca7346dd82fa0c0bf7a9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 06:54:50 GMT
Last-Modified: Thu, 13 Jul 2023 07:52:18 GMT
Server: AmazonS3
x-amz-request-id: KXKY01HPF9DP0WDW
ETag: "a6d77957c8df1c31db6d638b78fc956a"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17412
x-amz-id-2: rKddMomlPOv/YYaPYGOwIbhI2WaFV4D2BKAFFz1ekdnuEU+NAgx86xgHJsb03THXBZeCeIS10jl9cfjoow0GAQ==

GET
H2 200 cwr.js Show response
client.rum.us-east-1.amazonaws.com/1.2.1/ 113 KB
29 KB 94ms
25ms Script
text/javascript 108.138.26.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-82.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5911d117ea2edb1fd45ae8b808faf1f4797ad47cea6903af6fcf6939d652c6b7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: .4K5CfpXnO4JYWpB.0XU4z1pqhcxZqEe
content-encoding: br
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
date: Fri, 27 Oct 2023 12:40:31 GMT
last-modified: Thu, 17 Mar 2022 20:19:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 238459
etag: W/"22408e37866ef0d296d8a35f95078b0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=604800
x-amz-cf-id: wd8Io2qPczhwurbOay3B6RHCjSQ-66hcRm_OrMivApyClEprmURfFA==

GET
H2 200 jquery-3.1.1.min.js Show response
nucleus.mksurveys.cloud/viewer_functions/libs/jquery/ 85 KB
30 KB 29ms
26ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/viewer_functions/libs/jquery/jquery-3.1.1.min.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 30080
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 langSwitch.js Show response
nucleus.mksurveys.cloud/js/ 214 B
402 B 26ms
24ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/langSwitch.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 118ce76c660e34928d6cd5e185f6844bf35b317c205db21d01e91fdfbd71f91f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 179
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 swal.js Show response
nucleus.mksurveys.cloud/js/ 40 KB
12 KB 28ms
26ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/swal.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 11867
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 data.min.js Show response
nucleus.mksurveys.cloud/js/telInput/ 9 KB
5 KB 27ms
25ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/telInput/data.min.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: af78313ee5a490742c1ace0985719fa7f0baf4458432690c8ec0f8620db01e2d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 4804
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 intlTelInput.min.js Show response
nucleus.mksurveys.cloud/js/telInput/ 29 KB
11 KB 27ms
24ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/telInput/intlTelInput.min.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: a794fbdb608c14a07c9997bfe3ba81fbc95c85d8cb83a79550db337db2865f9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 10808
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 utils.js Show response
nucleus.mksurveys.cloud/js/telInput/ 241 KB
55 KB 40ms
38ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/telInput/utils.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 56143
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 app.js Show response
nucleus.mksurveys.cloud/js/ 4 MB
1 MB 30ms
29ms Script
application/javascript 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/js/app.js?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d6b313996d034c3dfb26aecd70ff6951c3e3fea2cac0a1f157e6e0840ae9322d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 04:57:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
expires: Mon, 30 Oct 2023 07:09:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
84 KB 105ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Requested by

Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/js/googletagmanager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea379a380c5ab4875d05afdfa7a654b266b549014e3a4e8fb2ee15a1d9035b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85290
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Oct 2023 06:54:49 GMT

GET
H2 200 hotjar-2770154.js Show response
static.hotjar.com/c/ 11 KB
5 KB 118ms
52ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2770154.js?sv=6

Requested by

Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

d1940129a613b727f68b3a34762386d6829a894fce2a347eac09afcdd84b770a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 06:54:49 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/ae776fe9bb25bd5cdaef5937cbec8ebf
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: p2oYlBDtOBtj8rhGRn6PDnHHQ8TXb8W06zMw69jb32UjepT8fwmE2A==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a9f2b53c224167df56389f65859c2ab4ddf17226160ae270577af86b50d2f06

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22ffc6f5721371de14264292b86ead048f6a4b73c61349b404f259a710a4557c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa55bdb7f58a2f52d64a917802a48b0326e891b0521c4239cb2ff011ce9918e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e70879489c039c76a7a4b7612b60fe0032015c16933ea49c7537bfc10c0bba8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b5b06bc0fbd4bd7d6ec66c5d2f8c33cfb31e0788cd14b21ed5d8d8ff9f6d710

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 568 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5dea3932d749023c0753ec0639381db334c0a64d681099cf98f88de987b98c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 3 KB
980 B 91ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600

Requested by

Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/css/corporate.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

062652e6b3f1272401d0914e23620d2af63e5fff116c3c1d7dc89c84e70f65e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 06:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 06:54:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 06:54:49 GMT

OPTIONS
H2 200 /
cognito-identity.eu-central-1.amazonaws.com/ 0
0 115ms
29ms Preflight 2a05:d014:57:a302:cad8:1b32:ee1e:cd89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-central-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:57:a302:cad8:1b32:ee1e:cd89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://nucleus.mksurveys.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Mon, 30 Oct 2023 06:54:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: fbd60d38-9a69-43eb-8a4f-bbfc8357a2c9

POST
H2 200 / Show response
cognito-identity.eu-central-1.amazonaws.com/ 66 B
319 B 39ms
38ms Fetch
application/x-amz-json-1.1 2a05:d014:57:a302:cad8:1b32:ee1e:cd89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-central-1.amazonaws.com/

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:57:a302:cad8:1b32:ee1e:cd89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9f4ec1ff65b2920d84296e1d0ab7c52608e066972f4a28c014ea2b798e0dd5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nucleus.mksurveys.cloud/
x-amz-target: AWSCognitoIdentityService.GetId
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 06:54:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 10c4ce25-79a5-4e3e-8550-c728deac6d0c
content-length: 66
content-type: application/x-amz-json-1.1

GET
H2 200 modules.132f983e088e46bc619e.js Show response
script.hotjar.com/ 226 KB
55 KB 80ms
25ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.132f983e088e46bc619e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2770154.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 232002
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56235
last-modified: Fri, 27 Oct 2023 14:28:06 GMT
etag: "24211094ec33cac8a2dbf78e3d341c4f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: qWfwJuaj7HsnOX-eWdCL-bhCL8yxOpvwC3PtqrVe76dDC_IeEjIINg==

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 89ms
26ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nucleus.mksurveys.cloud
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:24:14 GMT
x-content-type-options: nosniff
age: 304235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:24:14 GMT

GET
H2 200 fa-solid-900.woff2
nucleus.mksurveys.cloud/fonts/ 78 KB
79 KB 26ms
25ms Font
application/octet-stream 2001:41d0:301::28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nucleus.mksurveys.cloud/fonts/fa-solid-900.woff2
Requested by: Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/css/corporate.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301::28 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://nucleus.mksurveys.cloud/css/corporate.css?vcacheupdate=0YWWQKB1JRDFP9G4ZX8GKWDQ48
Origin: https://nucleus.mksurveys.cloud
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:49 GMT
last-modified: Wed, 25 Oct 2023 04:57:26 GMT
server: Apache
accept-ranges: bytes
content-length: 80148

POST
H2 200 / Show response
cognito-identity.eu-central-1.amazonaws.com/ 1019 B
1 KB 36ms
36ms Fetch
application/x-amz-json-1.1 2a05:d014:57:a302:cad8:1b32:ee1e:cd89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-central-1.amazonaws.com/

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:57:a302:cad8:1b32:ee1e:cd89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0d3d42ae3b5c18bc11efe4ce91003df7f3b62bc941b123695baef078778e90f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nucleus.mksurveys.cloud/
x-amz-target: AWSCognitoIdentityService.GetOpenIdToken
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 06:54:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: fe33ce8e-a4ab-493a-91b9-7d86c3008c6a
content-length: 1019
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.eu-central-1.amazonaws.com/ 0
0 29ms
28ms Preflight 2a05:d014:57:a302:cad8:1b32:ee1e:cd89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-central-1.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:57:a302:cad8:1b32:ee1e:cd89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://nucleus.mksurveys.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Mon, 30 Oct 2023 06:54:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: ee4e0c0e-e79f-4a9b-8b84-153427083e33

GET
H2 204 2770154 Show response
vc.hotjar.io/sessions/ 0
259 B 171ms
54ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2770154?s=0.25&r=0.036768865731085176
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: Y_4FBIfUTn7L5y174G5dwC06tJUBlYSZlS0EO8f9AxR9BxpR4DXj5g==

GET
H2 200 preact-incoming-feedback.7892e08be8490d843447.js Show response
script.hotjar.com/ 200 KB
43 KB 25ms
25ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.7892e08be8490d843447.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.132f983e088e46bc619e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

f987505ff37caf2fa7295f1e999983720bb36087bbd06307b55f177ad3f0eda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 13:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 320862
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43800
last-modified: Thu, 26 Oct 2023 13:46:36 GMT
etag: "be24e8912678873c3d3436d17a9ac718"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QUl83YcqrjVxZoV2ILZgfxWAy0ZsGRGWv0dmlOy13mSFDTJ0GagxQg==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 148ms
58ms XHR
application/json 99.81.165.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.165.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8dbd9d7e0a640e2fba3f2b5bc73afba893273a94c2eda5a8ff1d1a576ca2b6fd

Request headers

Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 06:54:50 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H/1.1 200
OK / Show response
sts.eu-central-1.amazonaws.com/ 2 KB
2 KB 127ms
41ms Fetch
text/xml 54.239.54.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eu-central-1.amazonaws.com/
Requested by: Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.54.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: sts.eu-central-1.amazonaws.com
Software: /
Resource Hash: 9c52f4df4f3ee2b3dcb6295bd6a45060091692194ef5ec287dbeb99fc8a8e662

Request headers

Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Mon, 30 Oct 2023 06:54:49 GMT
x-amzn-RequestId: a0189b89-91d6-41fe-b65e-8545391be3f9
Content-Length: 2087
Content-Type: text/xml

GET
H2 200 font-hotjar_5.65042d.woff2
script.hotjar.com/ 2 KB
3 KB 67ms
23ms Font
font/woff2 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/font-hotjar_5.65042d.woff2

Requested by

Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nucleus.mksurveys.cloud/
Origin: https://nucleus.mksurveys.cloud
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 23:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 5036730
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Sep 2023 09:38:54 GMT
etag: "c9fb9163f8b7be37023ebe649688bebf"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: none
x-amz-cf-id: d7ujxFoOOG495wU46gAJ61ilMlWqhqUo36yDYORNY2X51n8lLjDvAw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KH69SJL9FE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6096f1f741587e1ba799fd40aea371d550c657944abb23d08d8bf314236e2fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 06:54:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 05:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3908
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 30 Oct 2023 07:49:42 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 100ms
23ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=71028
accept-ranges: bytes
content-length: 3855

GET
H2 200 9158782.js Show response
js.hs-scripts.com/ 2 KB
1 KB 193ms
152ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/9158782.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47fb328397bba609d226be8997fdf99877b108b6ff7ddcd1874e1288553b60c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: db30950f-f0f6-4999-8557-952d02b1e56c
x-envoy-upstream-service-time: 30
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: db30950f-f0f6-4999-8557-952d02b1e56c
last-modified: Mon, 30 Oct 2023 06:22:37 GMT
server: cloudflare
x-trace: 2B9DF7D990BEEEF4067BA071CF2C53C1F7F57AB0E6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://nucleus.mksurveys.cloud
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-rmgdk
cf-ray: 81e1bfcbbbc00272-CDG
expires: Mon, 30 Oct 2023 06:55:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 69ms
23ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nucleus.mksurveys.cloud
URL: https://nucleus.mksurveys.cloud/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Oct 2023 06:54:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54253
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: S/P/XM4k2Li+AhrgegX4csy3InraYaXYgUFhG+5ZarstE2KPXzcf18Fp/KHWW9ybWHEcYTr9nAMxql4GIWy80Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 65ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KH69SJL9FE&gtm=45je3ap0v9131541153z8831901413&_p=552591089&_gaz=1&gcd=11l1l1l1l1&cid=1614963686.1698648890&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698648890&sct=1&seg=0&dl=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&dt=Se%20connecter%20-%20Nucleus&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KH69SJL9FE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nucleus.mksurveys.cloud
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 81ms
34ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KH69SJL9FE&cid=1614963686.1698648890&gtm=45je3ap0v9131541153z8831901413&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KH69SJL9FE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nucleus.mksurveys.cloud
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 93ms
36ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KH69SJL9FE&cid=1614963686.1698648890&gtm=45je3ap0v9131541153z8831901413&aip=1&z=690918099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 23ms
22ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41270
accept-ranges: bytes
content-length: 3272

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=71028
accept-ranges: bytes
content-length: 3855

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 32ms
31ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=552591089&t=pageview&_s=1&dl=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&ul=en-us&de=UTF-8&dt=Se%20connecter%20-%20Nucleus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAAI~&jid=2096307352&gjid=838213409&cid=1614963686.1698648890&tid=UA-56303849-6&_gid=1605746344.1698648890&_r=1&_slc=1&gtm=45He3ap0n81PNKHWJ3v831901413&gcd=11l1l1l1l1&z=101347565

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nucleus.mksurveys.cloud
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 648340069673983 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 95ms
94ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/648340069673983?v=2.9.136&r=stable&domain=nucleus.mksurveys.cloud

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18f4a20d4526a9260823421cbc85dffc636b383df1fb960e5b28a02cd95a6daa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Oct 2023 06:54:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 1Hg1cZPvlJXO9F35AzgwGQVUjgNYTvl4xJn9b0UmyNRfzFGozbl45NxILMuncdTle7WF2GWM39LYsSHPjFv7qg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=71028
accept-ranges: bytes
content-length: 3855

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56303849-6&cid=1614963686.1698648890&jid=2096307352&gjid=838213409&_gid=1605746344.1698648890&_u=YCDACAAABAAAACAAI~&z=1137255453

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nucleus.mksurveys.cloud
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41270
accept-ranges: bytes
content-length: 3272

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2881929%26time%3D1698648890310%26url%3Dhttps%253A%252F%252Fnucleus.mksurveys.clou...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36DHOrW2UiAAAAYt_XR6...

0
266 B

250ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36DHOrW2UiAAAAYt_XR6TbgH6Q97p9sXMVSBFVxq7gllJO_ORh5dawFNzSuv8O_NFaHc
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1890C04C480240ED80F5160418ED95ED Ref B: PAR02EDGE0712 Ref C: 2023-10-30T06:54:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI6YPDKTz9ahep7WJr5Q==

Redirect headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4C2BD23D8B374EF88B8D8571022E0A11 Ref B: PAR02EDGE0822 Ref C: 2023-10-30T06:54:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2881929&time=1698648890310&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ36DHOrW2UiAAAAYt_XR6TbgH6Q97p9sXMVSBFVxq7gllJO_ORh5dawFNzSuv8O_NFaHc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI6YO/Jv6ckK4f/zsx2A==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 93ms
36ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56303849-6&cid=1614963686.1698648890&jid=2096307352&_u=YCDACAAABAAAACAAI~&z=1474075467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56303849-6&cid=1614963686.1698648890&jid=2096307352&_u=YCDACAAABAAAACAAI~&z=1474075467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9158782.js Show response
js.hs-analytics.net/analytics/1698648600000/ 66 KB
21 KB 185ms
137ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1698648600000/9158782.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9158782.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d22a75c42ddb8e62b7b6f3c6a44ae1e114102d4e354a9e9cf6efcc5b2ad91152

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3ZT6GW2CE0283QB1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 41733c89-f5af-485d-91d3-6947541903a9
x-envoy-upstream-service-time: 16
x-amz-id-2: uBDBqMj+aunwfcV8LBHbPI8a50707fgareG7JNXkVKeIAv5UL6bfOUkxc7LORJnPClhMNq9t+FY=
x-evy-trace-listener: listener_https
x-request-id: 41733c89-f5af-485d-91d3-6947541903a9
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:21:51 GMT
server: cloudflare
etag: W/"31a13cfbeaa12d5a4213d6b61aa4f4b9"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 81e1bfccfafb2a2f-CDG
expires: Mon, 30 Oct 2023 06:59:50 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 158ms
111ms Script
application/javascript 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9158782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nucleus.mksurveys.cloud/
Origin: https://nucleus.mksurveys.cloud
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-amz-version-id: XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 06a7a7cf-1501-447c-a3c3-660db80b1b6d
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=81e1bfccff8b04aa-CDG
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 06a7a7cf-1501-447c-a3c3-660db80b1b6d
last-modified: Mon, 23 Oct 2023 13:11:34 UTC
server: cloudflare
etag: W/"7864f8fd485be672e98358eb894b6fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-95l7k
cf-ray: 81e1bfccff8b04aa-CDG
x-amz-cf-id: GFGNUef_LmnL9Q2ZRTHJCQVDVh9KEay1T2uwfMNX3lfBSnS9V4GdEw==
x-hs-target-asset: collected-forms-embed-js/static-1.433/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 87ms
33ms Script
application/javascript 2606:4700::6811:e7a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9158782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e7a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-amz-version-id: MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 21
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=81e1bf477b972155-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: e265181b-e54d-40d6-94dc-8908218f9977
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e265181b-e54d-40d6-94dc-8908218f9977
last-modified: Fri, 27 Oct 2023 13:56:49 UTC
server: cloudflare
etag: W/"14edbc97b72939e54b0993394190ecf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hjsqm
cf-ray: 81e1bfcd0f6a046f-CDG
x-amz-cf-id: jvtwyHJAJ7N5PqpCRcRjDl0s97BygaguTi0OVCOJE7glK_L7JmD3gg==
x-hs-target-asset: adsscriptloaderstatic/static-1.494/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 72ms
31ms Script
application/javascript 2606:4700::6811:f7a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9158782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59061bfea8cb25760655edd632b4db1640971e0d8adcbb85d58281bcd8dcef80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-amz-version-id: P3UjmYWDsxU3DI_5Le9ND89cu0lcgqcQ
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 549
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14591/bundles/project.js&cfRay=81e1b2633a85029a-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 0f1e6950-654e-4380-a9b5-c195303b000e
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f1e6950-654e-4380-a9b5-c195303b000e
last-modified: Wed, 25 Oct 2023 13:43:50 UTC
server: cloudflare
etag: W/"16556ccd059e43aa7684273516dbce3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray: 81e1bfccfa75d642-CDG
x-amz-cf-id: XxqB1a0s7uvOdyuGHKgJmmWMcyqMtCTNg86oZ2jAZ5xz1HGIdCasog==
x-hs-target-asset: conversations-embed/static-1.14591/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/9158782/ 65 KB
20 KB 174ms
133ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/9158782/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9158782.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5174192fe5fbf3ea9107e55f30ee33830cb94ab9519a5755d5b45af2befc1b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
x-amz-version-id: ErJccGJxew8ulI0OvOZ6JW32Q7ppdVpS
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: B1C5CRRPEXHPPFGS
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1a31482a-9d3f-417a-8909-adb9de431b1a
x-envoy-upstream-service-time: 53
x-amz-id-2: pXrF86z56LdJO4Ws2ifYQVe0Xdya6NCW/x29Wygn26D3y53/robxEbsut0n3nUJQD76EyzCvydk=
x-evy-trace-listener: listener_https
x-request-id: 1a31482a-9d3f-417a-8909-adb9de431b1a
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 17:35:40 GMT
server: cloudflare
etag: W/"51cfc878f2c468483d12053f3ab2905e"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://webapp.atis.cloud
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 81e1bfccf92201f5-CDG
expires: Mon, 30 Oct 2023 06:59:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
22ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=648340069673983&ev=PageView&dl=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&rl=&if=false&ts=1698648890398&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&fbp=fb.1.1698648890397.1472185231&ler=empty&it=1698648890281&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Oct 2023 06:54:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 181ms
124ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=9158782&conversations-embed=static-1.14591&mobile=false&messagesUtk=52cc064fa1a14dd0b40531c21d317ea9&traceId=52cc064fa1a14dd0b40531c21d317ea9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://nucleus.mksurveys.cloud
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://nucleus.mksurveys.cloud
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 81e1bfcd99fd0265-CDG
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 30 Oct 2023 06:54:50 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZh1nYOO9k%2F9NvEMc%2FZ6K7BwazKzBxj%2FlNeQPHWvFkaOZKGGDLihMOW%2FZWgO2PLnno1Fn1GKIkxk%2B2ftrO9OaSQ3WGQXf8GqQGXzTuC8ocwtbugtm%2Fl%2BJz0vqxlcpOBsOf8bGUBEaD5gYcsmfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wmpbb
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f560a615-4ac4-415e-ae69-24a75d109f32
x-request-id: f560a615-4ac4-415e-ae69-24a75d109f32
x-trace: 2BDB69C701561C3C281A518F3035DF75C29FDD0D0D000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 271 B
923 B 138ms
137ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c829466a53493835a2837795882c632607bef1cdf69f071750c9302f360e4f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
X-HubSpot-Messages-Uri: https://nucleus.mksurveys.cloud/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 34bcbdd9-245b-4066-999a-b7e259ca6eca
x-envoy-upstream-service-time: 14
content-length: 217
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 34bcbdd9-245b-4066-999a-b7e259ca6eca
server: cloudflare
x-trace: 2B1FFCD55046CF09387010454539A09798DD0C45F6000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nucleus.mksurveys.cloud
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wts5f
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzoMAoNttzvIPrFxEgZjbEj50gsKHlSQPZwuWz23SA2olMTKo7yfUVzEaBYxpxrncTLSkfDeyoGOAmB2Jb%2FCSYgwzZK4yK%2FaZs2tH4%2FOSw1KRZAdmt4pElrtT6KGLuFEFJt%2BHJqE8T75nA0hiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 81e1bfce6aa60265-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
440 B 137ms
122ms XHR
application/json 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=9158782&utk=

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b18211192e1bf2ddb67b9e9f717a466f7f85f24f338b202c84b6d196b35583c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://nucleus.mksurveys.cloud/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a8c561c8-3c07-4db5-b4ad-a9d27897bace
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a8c561c8-3c07-4db5-b4ad-a9d27897bace
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nucleus.mksurveys.cloud
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hgw6b
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 81e1bfcde87f04aa-CDG

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 180 B
1 KB 194ms
144ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=9158782

Requested by

Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.2.1/cwr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

776fd12ec24e70973f28b481e07cfc31fc10498467e6ac13d6fc4929ddf27597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 19a70f8b-beae-48a7-8b1b-3306db6b21cc
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 19a70f8b-beae-48a7-8b1b-3306db6b21cc
server: cloudflare
x-trace: 2B7E186EC3DFCF563C9B9098F08B20511050EEB327000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nucleus.mksurveys.cloud
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-vzn6l
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GCne0sr%2For%2FGxcDiDRxfoaXYm0LwUYsi2wlrDW9J1kII79SGaDNbc619PZDPS9WWhWyVC6ROP%2Bjf1Hdt24jFqVlTo0659HgazyfVEQOkzypfFl63D98A%2BdXKk3kykiaw5nUWTy7rXz2eFNr"}],"group":"cf-nel","max_age":604800}
cf-ray: 81e1bfce2b9d99f7-CDG
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 169ms
122ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=699552306&v=1.1&a=9158782&pu=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&t=Se+connecter+-+Nucleus&cts=1698648890539&vi=219eba368f0ec1ca11313424acfe7db1&nc=true&u=224338116.219eba368f0ec1ca11313424acfe7db1.1698648890536.1698648890536.1698648890536.1&b=224338116.1.1698648890536&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f8280182-10ce-44a4-b456-35dacc8a240e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f8280182-10ce-44a4-b456-35dacc8a240e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npaV61fBtKqA0Rvqi%2Brx%2B%2F%2B5IBzQenxJbN%2F40cbGudnuqGL7RzxFHZ0SUdOoSZgaC4ViW4QmA4vIvSzmostjRdSafN0GurisUZ6JbnuBfUjVufU4o9Dz5MQsL6FzdeyD5jklThebbXuxqNaJdaCW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-nmm4s
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 81e1bfce3a3199ba-CDG
x-robots-tag: none

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 387ms
348ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 06:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 2ab1a521-644b-42d1-a025-24c7db6c524d
x-envoy-upstream-service-time: 11
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2ab1a521-644b-42d1-a025-24c7db6c524d
Server: cloudflare
X-Trace: 2BE7191BD41610591D75F2679FD8F4159B527C8DF3000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-48whc
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 81e1bfceffdb22af-CDG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-673673099

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1192557509b35709c127d929f53b7c6cd0d34b5613cb19866ccb547f988bda49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73627
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Oct 2023 06:54:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-673673099&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNKHWJ3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4b474876807a495930a13ec804eca90efd4a8951148ef2068416dacd5043ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73770
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Oct 2023 06:54:50 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 23ms
22ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=71028
accept-ranges: bytes
content-length: 3855

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 28ms
27ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41270
accept-ranges: bytes
content-length: 3272

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/673673099/ 3 KB
2 KB 98ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/673673099/?random=1698648890844&cv=11&fst=1698648890844&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9114982850&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Se%20connecter%20-%20Nucleus&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=965573331.1698648891&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-673673099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ff0ec233b04cffedd31abb316ba3e22642c08f7b671b1fae7e11fd1db6bfb35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/673673099/ 42 B
154 B 38ms
37ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/673673099/?random=1698648890844&cv=11&fst=1698645600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9114982850&u_w=1600&u_h=1200&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&frm=0&tiba=Se%20connecter%20-%20Nucleus&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1287498749&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/673673099/ 42 B
154 B 36ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/673673099/?random=1698648890844&cv=11&fst=1698645600000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9114982850&u_w=1600&u_h=1200&url=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&frm=0&tiba=Se%20connecter%20-%20Nucleus&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1287498749&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://nucleus.mksurveys.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 06:54:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KH69SJL9FE&gtm=45je3ap0v9131541153&_p=552591089&gcd=11l1l1l1l1&cid=1614963686.1698648890&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698648890&sct=1&seg=0&dl=https%3A%2F%2Fnucleus.mksurveys.cloud%2Flogin&dt=Se%20connecter%20-%20Nucleus&en=scroll&epn.percent_scrolled=90&_et=7

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nucleus.mksurveys.cloud/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7c4e09cf05f9c2ef7510213d82977633
.nucleus.mksurveys.cloud/	1970-01-20 16:34:00	Name: cwr_u Value:
.mksurveys.cloud/	1970-01-20 15:50:50	Name: _hjFirstSeen Value: 1
.mksurveys.cloud/	1970-01-20 15:50:49	Name: _hjIncludedInSessionSample_2770154 Value: 1
.mksurveys.cloud/	1970-01-20 15:50:50	Name: _hjSession_2770154 Value: eyJpZCI6IjA2NDA1MGQ0LWFiYmItNDg3MC04Mzk3LTM0ODFiOWE4ZmEzMiIsImNyZWF0ZWQiOjE2OTg2NDg4ODk5NDAsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.mksurveys.cloud/	1970-01-21 00:36:24	Name: _hjSessionUser_2770154 Value: eyJpZCI6Ijk5OGYwN2E2LWExMDYtNTFiMS1iOTYzLWYxMGExZWNmMTFiZiIsImNyZWF0ZWQiOjE2OTg2NDg4ODk5MzksImV4aXN0aW5nIjp0cnVlfQ==
.mksurveys.cloud/	1970-01-20 15:50:50	Name: _hjAbsoluteSessionInProgress Value: 1
.mksurveys.cloud/	1970-01-21 01:26:48	Name: _ga Value: GA1.1.1614963686.1698648890
.mksurveys.cloud/	1970-01-21 01:26:48	Name: _ga_KH69SJL9FE Value: GS1.1.1698648890.1.0.1698648890.60.0.0
.mksurveys.cloud/	1970-01-20 18:00:24	Name: _fbp Value: fb.1.1698648890397.1472185231
nucleus.mksurveys.cloud/	1970-01-20 20:10:00	Name: __hstc Value: 224338116.219eba368f0ec1ca11313424acfe7db1.1698648890536.1698648890536.1698648890536.1
nucleus.mksurveys.cloud/	1970-01-20 20:10:00	Name: hubspotutk Value: 219eba368f0ec1ca11313424acfe7db1
nucleus.mksurveys.cloud/	1969-12-31 23:59:59	Name: __hssrc Value: 1
nucleus.mksurveys.cloud/	1970-01-20 15:50:50	Name: __hssc Value: 224338116.1.1698648890536
.linkedin.com/	1970-01-20 18:00:24	Name: li_sugr Value: 49891cd8-ed8b-497e-8f9a-632c3f1e3faa
.linkedin.com/	1970-01-21 00:36:24	Name: bcookie Value: "v=2&a01606fc-c9ce-468f-852a-c1873f31c857"
.linkedin.com/	1970-01-20 15:52:15	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2625:u=1:x=1:i=1698648890:t=1698735290:v=2:sig=AQEuDeTzZL8fviKPycl5zT2wjRVylEhp"
.hubspot.com/	1970-01-20 15:50:50	Name: __cf_bm Value: 5DQTZ1C_7QHX3u72eVo9X.SksiwYvXjwzee3bVsd7zk-1698648890-0-AVm5FEn2b8Tg7w5jonUK79z/J8WxBbcUTvR0DfC3SJcdFC3yWHU+DnjbkFJMkGeRNVuw/r2SxmKjqvhWBg7oZu0=
.linkedin.com/	1970-01-20 16:34:00	Name: UserMatchHistory Value: AQK0horycehO4QAAAYt_XR0IfskfhhNTLu11Aj-XvbYvuJJ2XG4m54IJlSr730OOl2gzMvpA9DwyoA
.linkedin.com/	1970-01-20 16:34:00	Name: AnalyticsSyncHistory Value: AQJOe7UhhNBMhgAAAYt_XR0IUGwNAVmKSBqPbAr-uOu5tXLlTxBSa3Qgs_P4jR-iMLfCEX2UNtxn0LI_EGeiqQ
.mksurveys.cloud/	1970-01-20 18:00:24	Name: _gcl_au Value: 1.1.965573331.1698648891
.www.linkedin.com/	1970-01-21 00:36:24	Name: bscookie Value: "v=1&2023103006545005c3ee86-c9a6-4dec-8613-dc8e515ea31cAQHs-jzA1EKjumakiFqeIXFXoEAhfB3X"
.linkedin.com/	1970-01-20 20:10:00	Name: li_gc Value: MTswOzE2OTg2NDg4OTA7MjswMjHRRI2XVklb0SwZygvx1YFGvzIc5fS/IZwCMlfZj70vSA==
.doubleclick.net/	1970-01-20 15:50:49	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
atis-images.s3.eu-west-3.amazonaws.com
client.rum.us-east-1.amazonaws.com
cognito-identity.eu-central-1.amazonaws.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
nucleus.mksurveys.cloud
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sts.eu-central-1.amazonaws.com
track.hubspot.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.linkedin.com
region1.analytics.google.com
108.138.26.82
13.107.42.14
13.32.27.21
18.66.112.110
18.66.97.37
2001:41d0:301::28
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:4cba
2606:4700::6810:be59
2606:4700::6811:579a
2606:4700::6811:cacc
2606:4700::6811:e7a3
2606:4700::6811:f7a8
2606:4700::6812:c07d
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9c
2a02:26f0:480:f::213:7ec6
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d014:57:a302:cad8:1b32:ee1e:cd89
3.5.226.127
54.239.54.197
99.81.165.243
062652e6b3f1272401d0914e23620d2af63e5fff116c3c1d7dc89c84e70f65e3
0a9f2b53c224167df56389f65859c2ab4ddf17226160ae270577af86b50d2f06
0b5b06bc0fbd4bd7d6ec66c5d2f8c33cfb31e0788cd14b21ed5d8d8ff9f6d710
0bfa29220986d3d1d5a95d9471ddafb2fefafa5ce151dd85dd7d346f52eb1e2f
0d3d42ae3b5c18bc11efe4ce91003df7f3b62bc941b123695baef078778e90f1
0deb838639a8dfa11f2c7e7ec0d0f951da67ef333935738493a375777a872223
118ce76c660e34928d6cd5e185f6844bf35b317c205db21d01e91fdfbd71f91f
1192557509b35709c127d929f53b7c6cd0d34b5613cb19866ccb547f988bda49
18f4a20d4526a9260823421cbc85dffc636b383df1fb960e5b28a02cd95a6daa
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
21c3de6c7526aecf241aef04ac003e69f72b24595d8aca7346dd82fa0c0bf7a9
2264a7b86b17b33bc20aebff612856a0d4eddf48f0f1f12d64ab43a8aaf1ad4f
22ffc6f5721371de14264292b86ead048f6a4b73c61349b404f259a710a4557c
23092f64d442ff74b6e8ed605b08c120d9ab3d9e3362f3d7e33ffdf0e2961e44
295c02961c3ee97c5febd9e00d9b70878ec6092af055230b832746925bae3032
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2ff0ec233b04cffedd31abb316ba3e22642c08f7b671b1fae7e11fd1db6bfb35
386bdce46897dddaa1c68017475c0a085021d433c3a9fd59f257774d9bd166cd
47fb328397bba609d226be8997fdf99877b108b6ff7ddcd1874e1288553b60c0
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
59061bfea8cb25760655edd632b4db1640971e0d8adcbb85d58281bcd8dcef80
5911d117ea2edb1fd45ae8b808faf1f4797ad47cea6903af6fcf6939d652c6b7
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
6096f1f741587e1ba799fd40aea371d550c657944abb23d08d8bf314236e2fc2
694059dd9b3446d334f41282a85303dafde82977cd41251f7c3dfe9a7ee94c9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b18211192e1bf2ddb67b9e9f717a466f7f85f24f338b202c84b6d196b35583c
71ec585aa7ca5eaf6a61e05d1fc0a882815900cdc0003207d16d4411430488e5
776fd12ec24e70973f28b481e07cfc31fc10498467e6ac13d6fc4929ddf27597
7f5174192fe5fbf3ea9107e55f30ee33830cb94ab9519a5755d5b45af2befc1b
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8dbd9d7e0a640e2fba3f2b5bc73afba893273a94c2eda5a8ff1d1a576ca2b6fd
8e70879489c039c76a7a4b7612b60fe0032015c16933ea49c7537bfc10c0bba8
9c52f4df4f3ee2b3dcb6295bd6a45060091692194ef5ec287dbeb99fc8a8e662
9f4ec1ff65b2920d84296e1d0ab7c52608e066972f4a28c014ea2b798e0dd5c4
a794fbdb608c14a07c9997bfe3ba81fbc95c85d8cb83a79550db337db2865f9b
aa55bdb7f58a2f52d64a917802a48b0326e891b0521c4239cb2ff011ce9918e8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af78313ee5a490742c1ace0985719fa7f0baf4458432690c8ec0f8620db01e2d
b5dea3932d749023c0753ec0639381db334c0a64d681099cf98f88de987b98c8
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
bd6b1327ff751e8c6495e565bdea284b239d2389a61209e7a8d55038ed87d4ce
bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d
c829466a53493835a2837795882c632607bef1cdf69f071750c9302f360e4f52
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d1940129a613b727f68b3a34762386d6829a894fce2a347eac09afcdd84b770a
d22a75c42ddb8e62b7b6f3c6a44ae1e114102d4e354a9e9cf6efcc5b2ad91152
d4b474876807a495930a13ec804eca90efd4a8951148ef2068416dacd5043ec1
d6b313996d034c3dfb26aecd70ff6951c3e3fea2cac0a1f157e6e0840ae9322d
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea379a380c5ab4875d05afdfa7a654b266b549014e3a4e8fb2ee15a1d9035b14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f987505ff37caf2fa7295f1e999983720bb36087bbd06307b55f177ad3f0eda0
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da

nucleus.mksurveys.cloud Open in urlscan Pro 2001:41d0:301::28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

75 %IPv6

24 Domains

35 Subdomains

32 IPs

5 Countries

2231 kBTransfer

7651 kBSize

24 Cookies

1 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nucleus.mksurveys.cloud Open in urlscan Pro
2001:41d0:301::28 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

75 %
IPv6

24
Domains

35
Subdomains

32
IPs

5
Countries

2231 kB
Transfer

7651 kB
Size

24
Cookies

71 HTTP transactions
6 data transactions