Submitted URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#file.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc
Effective URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal...
Submission: On March 26 via manual from CA — Scanned from CA

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 103.140.249.50, located in Viet Nam and belongs to HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN. The main domain is lineper.com.
TLS certificate: Issued by R3 on March 10th 2022. Valid for: 3 months.
This is the only time lineper.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 188.225.80.67 9123 (TIMEWEB-AS)
1 162.252.57.152 47869 (NETROUTIN...)
1 1 103.140.249.49 24088 (HTCHCMC-A...)
9 103.140.249.50 24088 (HTCHCMC-A...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
24 2600:9000:212... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
44 7
Apex Domain
Subdomains
Transfer
24 cloudfront.net
d3e1y4kxkqljcb.cloudfront.net
498 KB
9 lineper.com
lineper.com
23 KB
5 gstatic.com
fonts.gstatic.com
86 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 425
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 588
33 KB
1 lpstrk.com
lpstrk.com — Cisco Umbrella Rank: 429324
1 KB
1 mikewillserverhosting.com
mikewillserverhosting.com
462 B
1 diagnosebus.com
ddydhshshdhdhdhdh.diagnosebus.com
260 B
44 8
Domain Requested by
24 d3e1y4kxkqljcb.cloudfront.net lineper.com
9 lineper.com mikewillserverhosting.com
lineper.com
code.jquery.com
5 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com lineper.com
1 code.jquery.com lineper.com
1 lpstrk.com 1 redirects
1 mikewillserverhosting.com storage.googleapis.com
1 ddydhshshdhdhdhdh.diagnosebus.com 1 redirects
1 storage.googleapis.com
44 9

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
mikewillserverhosting.com
Sectigo RSA Domain Validation Secure Server CA
2021-04-05 -
2022-04-23
a year crt.sh
lineper.com
R3
2022-03-10 -
2022-06-08
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Frame ID: 134FAE4FF3A06456D055AEF97D97331F
Requests: 44 HTTP requests in this frame

Screenshot

Page Title

Reward Survey - We Want Your Opinion!

Page URL History Show full URLs

  1. https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
  2. http://ddydhshshdhdhdhdh.diagnosebus.com/anchorfile.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc HTTP 302
    https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1 Page URL
  3. https://lpstrk.com/d04dgugnsbnr7h0ttssr&externalid=1252154420&agentid=690052&target=cp HTTP 302
    https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

644 kB
Transfer

768 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
  2. http://ddydhshshdhdhdhdh.diagnosebus.com/anchorfile.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc HTTP 302
    https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1 Page URL
  3. https://lpstrk.com/d04dgugnsbnr7h0ttssr&externalid=1252154420&agentid=690052&target=cp HTTP 302
    https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ddydhshshdhdhdhdh.diagnosebus.com/anchorfile.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc HTTP 302
  • https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aemmfcylvxeo.html
storage.googleapis.com/hqyoqzatqthj/
204 B
780 B
Document
General
Full URL
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

x-guploader-uploadid
ADPycdshK6P4TnZf6ZwAQPQzeaMuaE5flv7etzdV4djF6zKWMfVgJJY2v5UTIQ7PJMEIRbPUdZxcD7JVyxrq2nj6FQ
x-goog-generation
1642342808425745
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
204
x-goog-hash
crc32c=YAr8xQ== md5=E+b+Rm1UdYuE1s3UOszGVg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
204
server
UploadServer
date
Sat, 26 Mar 2022 05:24:49 GMT
expires
Sat, 26 Mar 2022 06:24:49 GMT
cache-control
public, max-age=3600
age
501
last-modified
Sun, 16 Jan 2022 14:20:08 GMT
etag
"13e6fe466d54758b84d6cdd43accc656"
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/
Redirect Chain
  • http://ddydhshshdhdhdhdh.diagnosebus.com/anchorfile.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc
  • https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1
149 B
462 B
Document
General
Full URL
https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.252.57.152 , United States, ASN47869 (NETROUTING-AS, NL),
Reverse DNS
ns1.miami-servers.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#file.html?cbbbbcccwBcYcwWFWcdcTzdmc3xRQckzFcbbbbc

Response headers

Date
Sat, 26 Mar 2022 05:33:11 GMT
Server
Apache
Content-Length
149
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 26 Mar 2022 05:33:10 GMT
Server
Apache
Location
https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request index_1_d.php
lineper.com/visitor_ca_br/
Redirect Chain
  • https://lpstrk.com/d04dgugnsbnr7h0ttssr&externalid=1252154420&agentid=690052&target=cp
  • https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648...
31 KB
7 KB
Document
General
Full URL
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Requested by
Host: mikewillserverhosting.com
URL: https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
ec42fcea8b82dddf210962380b9253d8cc15a47c67687ef8df94be0802b5029d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://mikewillserverhosting.com/17613face17d3962000/2_20002_2521944/2412_2474262_3425595_61/1

Response headers

Server
nginx
Date
Sat, 26 Mar 2022 05:33:13 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6520
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.20.0
Date
Sat, 26 Mar 2022 05:33:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Strict-Transport-Security
max-age=31536000
style_main_1.css
lineper.com/visitor_ca_br/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://lineper.com/visitor_ca_br/css/style_main_1.css
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
4d74e25b9c753b62ff8aab1db78f857cf69c74dc9ca194634e9a50d3d8b06162

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 10:48:07 GMT
Server
nginx
ETag
W/"61d81a67-6abe"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.11.1.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 05:33:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1762a"
vary
Accept-Encoding
x-hw
1648272793.dop013.dc2.t,1648272793.cds212.dc2.hn,1648272793.cds053.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
script_1.js
lineper.com/visitor_ca_br/js/
19 KB
5 KB
Script
General
Full URL
https://lineper.com/visitor_ca_br/js/script_1.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
267e345bd4c00ba54f2fb79cd4e086e45d36c29e65cded2d7f097a991c83a7dd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 11:47:32 GMT
Server
nginx
ETag
W/"623dabd4-4b52"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
flag_ca_min.png
d3e1y4kxkqljcb.cloudfront.net/survey_ca/
2 KB
2 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/flag_ca_min.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5aea763b69786de7af3bdef30ef54195b68f1734134dea3ca174592721b16b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 07:25:54 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2019 11:46:15 GMT
server
AmazonS3
age
79641
etag
"4a8feb121e977df1901fbc90579d5910"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
2130
x-amz-cf-id
Fj0eo2yJk4hu9TfI-STYBBIeWe6zoqwASzkniHebNGEXWzkEDy2USA==
new_gift.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
19 KB
19 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_gift.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2b228035e05c131b62a3296d4a725151b328c39fa113c143f2db620a1296283

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 00:38:40 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Wed, 16 Sep 2020 14:04:32 GMT
server
AmazonS3
age
17675
etag
"ae4673293c74dd7e1f44bc37f427b155"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
19500
x-amz-cf-id
37g5t1m9yAM53t4pdv-PJG3QcL30MpJdxyC67xjgGjY09W9QAUhTOA==
giphy.gif
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/
15 KB
16 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/giphy.gif
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 05:33:15 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 26 Oct 2020 15:58:58 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C4
etag
"45f10d30ce7014885a2d438941a16d3a"
x-cache
Miss from cloudfront
x-amz-version-id
null
accept-ranges
bytes
content-type
image/gif
content-length
15537
x-amz-cf-id
-LxvZbTkyDYkzVAG1fKc7tTi02WgSxw4PIZAByls1-cn33-pu3dWlw==
tick-icon.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/
2 KB
2 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nn_survey/tick-icon.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 03:38:00 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 26 Oct 2020 15:58:57 GMT
server
AmazonS3
age
6915
etag
"638c9f9cfb95a3aa955bb8beb850488b"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
1714
x-amz-cf-id
n2-7PzcH4Nnt2j39p_Ykxsi04zIEgpgnFru61MBQ3sRQwWrI_wat7w==
redirect_bin.js
lineper.com/
551 B
869 B
Script
General
Full URL
https://lineper.com/redirect_bin.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
595fc9d77aaa41cb01936f11d16d156a8c571faace86be0e10634aeaf3e924ce

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Last-Modified
Sat, 20 Nov 2021 11:31:15 GMT
Server
nginx
ETag
"6198dc83-227"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
551
Expires
Thu, 31 Dec 2037 23:55:55 GMT
snow.js
lineper.com/
1 KB
840 B
Script
General
Full URL
https://lineper.com/snow.js
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
09cb02f8abde5de2371a29d02a6895f03bb73c3c6f92aec79840ae9b097f4460

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Dec 2021 16:53:23 GMT
Server
nginx
ETag
W/"61aa4b83-468"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33284fe633022dc52abfaa8f476c0642cc34d552861bdd2924b60a3edd68b882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Mar 2022 05:33:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 26 Mar 2022 05:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Mar 2022 05:33:14 GMT
css2
fonts.googleapis.com/
2 KB
545 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0eddb348ebcdcf34164bf539f7a5e5f204f99067bf1f915705078316efb80ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Mar 2022 04:39:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 26 Mar 2022 05:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Mar 2022 05:33:14 GMT
ca.json
lineper.com/visitor_ca_br/lang/
68 B
309 B
XHR
General
Full URL
https://lineper.com/visitor_ca_br/lang/ca.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
01d3adc7504c889384eb8506246d6ae29c39cff278938c4110b16249259a8b42

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Last-Modified
Mon, 03 May 2021 12:55:36 GMT
Server
nginx
ETag
"44-5c16c7a4eba5e"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
cp.css
lineper.com/visitor_ca_br/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://lineper.com/visitor_ca_br/css/cp.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
631fa1f02f06c874337279af54d2653b0413902f1529599a52e44f8495c0c536

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jun 2021 09:18:58 GMT
Server
nginx
ETag
W/"60c08782-89a"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
offers_3_d.json
lineper.com/visitor_ca_br/datas/
6 KB
2 KB
XHR
General
Full URL
https://lineper.com/visitor_ca_br/datas/offers_3_d.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
e8d2be62339d42b8bc32ed0cf073607fd25f9d46e26aaa006275222e55ba47d3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 09:15:13 GMT
Server
nginx
ETag
W/"16a1-5db0766760a90"
Vary
Accept-Encoding
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
cp.json
lineper.com/visitor_ca_br/datas/
863 B
1 KB
XHR
General
Full URL
https://lineper.com/visitor_ca_br/datas/cp.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.140.249.50 , Viet Nam, ASN24088 (HTCHCMC-AS-VN Hanoi Telecom Joint Stock Company - HCMC Branch, VN),
Reverse DNS
static-ptr.vndata.vn
Software
nginx /
Resource Hash
486aa21f4fca2a7161b611d9bacbcfa0f2ccdb3325bcc533005d80282c383f90

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lineper.com/visitor_ca_br/index_1_d.php?device_name=Desktop&browser_name=Chrome&language=en-CA&city=Montreal&clickid=7dcb9vcu3zw372c5&campaign=738&user_id=1&clickcost=0&lander=840&time=1648229592&browser_version=99.0.4844.51&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=Windows&os_version=10.0&country=Canada&country_code=CA&isp=OVH%20Hosting&ip=149.56.153.187&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&lpkey=165e48df271630ef92&target=cp&device=DESKTOP&uclick=vcu3zw37&uclickhash=vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 26 Mar 2022 05:33:14 GMT
Last-Modified
Mon, 03 May 2021 12:55:12 GMT
Server
nginx
ETag
"35f-5c16c78e4c940"
Content-Type
application/json
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
863
css2
fonts.googleapis.com/
3 KB
714 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/cp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Mar 2022 05:06:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 26 Mar 2022 05:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Mar 2022 05:33:14 GMT
line_background4.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
61 KB
62 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/line_background4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9144afcf99db928e2f67372c78684c5e4d37352700f47abb00992fe60155fae7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
MhoF05G5kGnYWTDTNUZnmaMztuyzUHC3
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
etag
"375e3524d7f8353cb120bb59e9b66c05"
last-modified
Mon, 23 Aug 2021 15:43:45 GMT
server
AmazonS3
age
13117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Sat, 26 Mar 2022 01:54:38 GMT
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-length
62543
x-amz-cf-id
ucEQyGoSS8dSZai2MMd2vJrgMS_8pH48MV0dCViqQ8tt6VlO_Ixl9A==
gift_box_sf.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/news_gift_i/
19 KB
20 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/news_gift_i/gift_box_sf.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/cp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3557026ab759efa6d636a670612a7450d168c80569389ef387247cf300b242c9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 26 Mar 2022 05:33:15 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 13:54:21 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C4
etag
"1727e6417ad6947689c918135eb07400"
x-cache
Miss from cloudfront
x-amz-version-id
hyijZxV1L5ahOghELIrXAvWGbPWdiJL1
accept-ranges
bytes
content-type
image/png
content-length
19836
x-amz-cf-id
ZrBMf3f9KfRHy-fVOsyDHKxlD5U75mmKTafNVgFc3ybfH-CpmfMh4A==
sprite_7.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
22 KB
22 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/sprite_7.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4405fedd43c666bd3b058a377c6534ccfd13966022164dd802097f542a817b2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 22:28:02 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Wed, 10 Mar 2021 11:22:13 GMT
server
AmazonS3
age
25513
etag
"432728af8e57368354e8be5aad7b1899"
x-cache
Hit from cloudfront
x-amz-version-id
kIAwUSFCZ1dUcuIui8DQvc_sIJ0vKwMU
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
22598
x-amz-cf-id
wDmqKGMgAYFPy0EWetBUBqukDHICEOsqCH4_TZ55rgMp-X4uKUdLxw==
pay_method.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
10 KB
10 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/pay_method.png
Requested by
Host: lineper.com
URL: https://lineper.com/visitor_ca_br/css/style_main_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5088b435d3137f3b3fc92dc9778ed3d176630ac0fbc168ddd0f57f1ef7b50caf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 03:37:48 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jan 2021 10:14:04 GMT
server
AmazonS3
age
6926
etag
"ad6b84905db334c53845a44f8240316b"
x-cache
Hit from cloudfront
x-amz-version-id
TTOH5Dpg.IlOvCCiT4m_RM0aZ.JiFVUe
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
9739
x-amz-cf-id
yis05vjpeTDViTInNt9zd0UHoq2zpubUH63JMdHordQnyCLXZzyfyA==
new_sprite_6.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
22 KB
22 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_sprite_6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70669b4b76e994f939ff5bc3a6fbaa1b39894213f2aae85e0793c4c67615e7b7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 20:56:50 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 12:33:59 GMT
server
AmazonS3
age
30985
etag
"2b7ed2cffa27fbd94f1a32f1c976355d"
x-cache
Hit from cloudfront
x-amz-version-id
2FVMFy9fmAGgo2gHxUMPsgcPH9lAs9u8
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
22549
x-amz-cf-id
Djxu0CDvI5CrsplK1X7WVp82YdBfGgZBLwzQO0HMb-rOtnXjaFF7iw==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
162164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 24 Mar 2023 08:30:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
313064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 14:35:30 GMT
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v11/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v11/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:03:47 GMT
x-content-type-options
nosniff
age
206967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 20:03:47 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 08:05:17 GMT
x-content-type-options
nosniff
age
163677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17484
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 24 Mar 2023 08:05:17 GMT
nut_4_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
23 KB
23 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/nut_4_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcb49ea0035d4167a1a25d83b059f25ed663f99ec254ed13d3866bcc5ef01c82

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 16:30:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 12:52:31 GMT
server
AmazonS3
age
46954
etag
"aff648644a3b7089c2e539492d990b83"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
23492
x-amz-cf-id
Wu4_FSdNw6LIInsmOOkK4nV1uiN_SwxPCK0g_g-t303aFAbip-7Gag==
zodiak_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/
33 KB
33 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/zodiak_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ff7bca16032d07c93857724bb58ee0012bf1e5d4e73ea2fb81e3479c8ab5136

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 16:30:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:44 GMT
server
AmazonS3
age
46954
etag
"bc547014a09e88067da92868b549e9bd"
x-cache
Hit from cloudfront
x-amz-version-id
Bo60gXoT1agEgGvgGcq9cCZXQz2iQ1hT
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
33659
x-amz-cf-id
F-EIJxaCpeREuzCNo9c7GXmrzON1LgICKnXT3HtkNzbFmzQCMTTsFw==
luxury_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/
41 KB
42 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/luxury_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030dd557e445219074feccff964362333092d7e91b3ad1a35d5a755b07916c81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 16:30:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:43 GMT
server
AmazonS3
age
46954
etag
"47974e37a457285dd4902637d16d3a65"
x-cache
Hit from cloudfront
x-amz-version-id
uyc8jiHs3glwpQL8p.oTET_RCkuZWRMD
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
42298
x-amz-cf-id
mJgRh-UeR4uB9bR_XOAyyiJr366VfvQKT_3z0hvMKlVeGO-1w5Ut0A==
casino_jackpot.png
d3e1y4kxkqljcb.cloudfront.net/survey_ca/
28 KB
28 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/casino_jackpot.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b58ee29d82599c6316baaac8ad795a9dbe860e05d4b1a25653c0b912245a4e3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 16:30:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Wed, 11 Dec 2019 09:14:36 GMT
server
AmazonS3
age
46954
etag
"d731ba57fe560f0d38da3cabd7debf5b"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
28537
x-amz-cf-id
QRqmVaHfrivb2MoxhD2bn5OJ6dzjGLAC5-FWb29qO8nGmAVQ7iy70g==
classic_casino.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_ca/
35 KB
36 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_ca/classic_casino.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1d9133bdfcee5138ca1d472da1cc5e306dd6d9fe917a0109fad61f5554a5ad9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 15:39:18 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 16:13:42 GMT
server
AmazonS3
age
50038
etag
"ec292dd67e33d020abc433d5fa9fb59e"
x-cache
Hit from cloudfront
x-amz-version-id
8p4WrQMHqkzYBIptpIeMqOtBSmIlbum5
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
35959
x-amz-cf-id
HVixUOqybFHbEARC23pjT7fZ1wwLmFUizEJv74mQsJK9qhhbQyU4AA==
diet_22_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
24 KB
25 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/diet_22_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd6ae8c65ee12166d3a08119a699b3aebf9c3dba2d23999a9c0f1ccdef6e0be

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 00:38:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 10:45:26 GMT
server
AmazonS3
age
17674
etag
"e89e45694ede05198f27741c355e9ab7"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
24742
x-amz-cf-id
93CsLIN5ntsFG40FhI6xeVsCRTSOSCcCT99QRhc9Bh0lhAaH7Hm-2A==
male_5_06.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
28 KB
28 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/male_5_06.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ebe8abfa8e4a2a310e2b5c550bc0ccf50c9e790701da5648899a7f4dda33197

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 05:33:16 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 11:22:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C4
etag
"97167a158e7c391cc88e17d668fc4176"
x-cache
Miss from cloudfront
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
content-length
28729
x-amz-cf-id
Nl9scNRRQ-drr6CvQiS6r5Sjk6iYosdY-CiGIq9JwNwKyF2tETTmOg==
male_diet_22_05.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
23 KB
24 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/male_diet_22_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7350496b646520a21195b5c50001ad3b933d8703bfc9443a15e2d4906debebb8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 21:07:19 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 11:06:25 GMT
server
AmazonS3
age
30357
etag
"4786dae0f6b5f66833b50c9966b8a0c6"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
23986
x-amz-cf-id
SX6JfnFJHbImOpYDa3k9wNJ9EdhbEtE5BU7n0_QSpVym_CsWBrX_3Q==
cbd_oil.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_quality/
23 KB
24 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_quality/cbd_oil.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da7846e35c98ef7dc7d7e2e682c3325d7423110b6c75f00cab1d78b62381facc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 26 Mar 2022 00:38:42 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 15:34:29 GMT
server
AmazonS3
age
17674
etag
"b24928a861d1c8db5223346f7e85afcf"
x-cache
Hit from cloudfront
x-amz-version-id
5JwjJzb6JtsmAVVZ6C8z7h9spLdNrvaA
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
23681
x-amz-cf-id
3N7aZwCytfgF88_P0sG6A2MfzNN9e9UnpAWvj2ncdJCqkH_oMY-Deg==
new_offer_ipad3.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/
12 KB
12 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/new_offer_ipad3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bacf10cf9d33eebd28314147c1009054664aba8305904e4f23ec591eb85039c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 18:25:51 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 12:41:15 GMT
server
AmazonS3
age
40045
etag
"00bd52880e0d20d26e330a6510fec712"
x-cache
Hit from cloudfront
x-amz-version-id
CmT.1W4oISmsC12al9dbOiIqHect9L8k
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
12299
x-amz-cf-id
PGSyMPjxOizAHxk_GZTNjSc5DWZz_5X291lKX6gWGNDa-A5S1d2Oug==
iphone_13_new.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/
4 KB
4 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/iphone_13_new.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b717bf432b216667c6ff62f9e0c70a42f6e75c17df8ffd9400eca3a8e3041a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 13:11:47 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Tue, 14 Sep 2021 11:38:30 GMT
server
AmazonS3
age
58889
etag
"a86bd38c6bb6c450284dea80a3af6bc3"
x-cache
Hit from cloudfront
x-amz-version-id
of7Q5XNJtI0uiBpmpXiwVdlE8iLLgWqa
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/png
content-length
4191
x-amz-cf-id
MGV_sFDPkNgHGoz22ODFm8lvQJTwQtF3K7jEHhQJhctgMP0Oo6Etyw==
new_offer_fitwatch2.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/
8 KB
8 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/new_offer_fitwatch2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc853a24f6c4809a07746acad011711197edad83ab9a17b260eb3f5ed6274f29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 06:47:06 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 12:41:13 GMT
server
AmazonS3
age
81970
etag
"47b6a0b3125a57ae4c2902843794bacb"
x-cache
Hit from cloudfront
x-amz-version-id
ntUMvdlnF1tzP2igYLWQV6n3qbz_iRjO
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
7815
x-amz-cf-id
tdOjyipuL55pJcvTHvEGKmZFfVf9qv5iJPE4Lm0vzuXaGrAl1eviXQ==
new_offer_airpods2.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/
4 KB
4 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/new_offer_airpods2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ac4160626b3529380eb6bcd303dd1f51fbdf8da84134c5b241be69ff4c29107

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 17:20:33 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 12:41:07 GMT
server
AmazonS3
age
43963
etag
"fdcc91d58565c1c3b7288438c3a742da"
x-cache
Hit from cloudfront
x-amz-version-id
KDHodQcm8XqITCHILdmJ0z7TAbOL5A7s
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
3708
x-amz-cf-id
wBYOYPX0XTowmEsRS9NL4kpUfaUeBCrFfks7y1_aM3CaIiqKCGi9Pg==
new_offer_dashcam2.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/
8 KB
9 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_format/new_offer_dashcam2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c53638d43ff8b2b428ffe43f0b012bdb396ce8b27834908ee55b7671cca01992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Mar 2022 06:47:06 GMT
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 12:41:11 GMT
server
AmazonS3
age
81970
etag
"84d47e6e9fdeb7c7ee855b803cc64b67"
x-cache
Hit from cloudfront
x-amz-version-id
0Yhn8_09fWlBsGEnRmELW5FO6v3UEjU1
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-type
image/jpeg
content-length
8615
x-amz-cf-id
NnTfO_0kdTyKwpSAnVsJlKo4DhCzNL4WvnMi5bPS2cHflCilaFiGvQ==
blender.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
22 KB
22 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/blender.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:ca00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4654d3e52e565fb72fd7f411313744cfbb3b2f37cc08a5a96482b56bab17bcc5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://lineper.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
last-modified
Fri, 22 May 2020 11:18:18 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C4
etag
"0452e394bf02750c2a02322759ca8ffc"
x-cache
RefreshHit from cloudfront
content-type
image/png
date
Sat, 26 Mar 2022 05:33:16 GMT
accept-ranges
bytes
content-length
22401
x-amz-cf-id
c8IK21DEwEUm_ZCW8YZ6j_o1_DvbAITKieNKRvfMH7X9aIbKwd4reA==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lineper.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:47:09 GMT
x-content-type-options
nosniff
age
283566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16712
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:06:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:47:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| $_GET object| months object| days object| time object| d string| dateNow object| monthsF object| daysF object| timeF object| dF string| dateNowF string| targets string| lang function| loadingData function| drawszlider function| timer string| target boolean| IE object| jQuery111106775617552126354 string| redirect_url string| back_url_link function| snowB function| startTimer object| comments number| slidewhere number| holvanszlider function| loadingOffers function| timer1 object| mydate number| year number| day number| month number| daym string| titleOut

3 Cookies

Domain/Path Name / Value
mikewillserverhosting.com/ Name: uid19732
Value: 1252154420-20220326013311-661ad68fbf1737861b94d89283d7c15c-
lpstrk.com/ Name: uclick
Value: vcu3zw37
lpstrk.com/ Name: uclickhash
Value: vcu3zw37-vcu3zw37-ej6o-163y-2tx9-8rxo8n-pmktwj-9c43af

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d3e1y4kxkqljcb.cloudfront.net
ddydhshshdhdhdhdh.diagnosebus.com
fonts.googleapis.com
fonts.gstatic.com
lineper.com
lpstrk.com
mikewillserverhosting.com
storage.googleapis.com
103.140.249.49
103.140.249.50
162.252.57.152
188.225.80.67
2001:4de0:ac18::1:a:2b
2600:9000:2120:ca00:b:4623:cac0:21
2607:f8b0:4006:806::2010
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81e::2003
01d3adc7504c889384eb8506246d6ae29c39cff278938c4110b16249259a8b42
030dd557e445219074feccff964362333092d7e91b3ad1a35d5a755b07916c81
09cb02f8abde5de2371a29d02a6895f03bb73c3c6f92aec79840ae9b097f4460
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eddb348ebcdcf34164bf539f7a5e5f204f99067bf1f915705078316efb80ae2
1b58ee29d82599c6316baaac8ad795a9dbe860e05d4b1a25653c0b912245a4e3
267e345bd4c00ba54f2fb79cd4e086e45d36c29e65cded2d7f097a991c83a7dd
2ff7bca16032d07c93857724bb58ee0012bf1e5d4e73ea2fb81e3479c8ab5136
33284fe633022dc52abfaa8f476c0642cc34d552861bdd2924b60a3edd68b882
3557026ab759efa6d636a670612a7450d168c80569389ef387247cf300b242c9
3ac4160626b3529380eb6bcd303dd1f51fbdf8da84134c5b241be69ff4c29107
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
4654d3e52e565fb72fd7f411313744cfbb3b2f37cc08a5a96482b56bab17bcc5
486aa21f4fca2a7161b611d9bacbcfa0f2ccdb3325bcc533005d80282c383f90
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4d74e25b9c753b62ff8aab1db78f857cf69c74dc9ca194634e9a50d3d8b06162
5088b435d3137f3b3fc92dc9778ed3d176630ac0fbc168ddd0f57f1ef7b50caf
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
595fc9d77aaa41cb01936f11d16d156a8c571faace86be0e10634aeaf3e924ce
631fa1f02f06c874337279af54d2653b0413902f1529599a52e44f8495c0c536
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
70669b4b76e994f939ff5bc3a6fbaa1b39894213f2aae85e0793c4c67615e7b7
7350496b646520a21195b5c50001ad3b933d8703bfc9443a15e2d4906debebb8
7b717bf432b216667c6ff62f9e0c70a42f6e75c17df8ffd9400eca3a8e3041a2
7bacf10cf9d33eebd28314147c1009054664aba8305904e4f23ec591eb85039c
9144afcf99db928e2f67372c78684c5e4d37352700f47abb00992fe60155fae7
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
9ebe8abfa8e4a2a310e2b5c550bc0ccf50c9e790701da5648899a7f4dda33197
a1d9133bdfcee5138ca1d472da1cc5e306dd6d9fe917a0109fad61f5554a5ad9
a4405fedd43c666bd3b058a377c6534ccfd13966022164dd802097f542a817b2
a5aea763b69786de7af3bdef30ef54195b68f1734134dea3ca174592721b16b1
abbd3d9df6edb6982ac43bbeb61514366582e777e1b501e55f3f9071ffd15f68
bdd6ae8c65ee12166d3a08119a699b3aebf9c3dba2d23999a9c0f1ccdef6e0be
c53638d43ff8b2b428ffe43f0b012bdb396ce8b27834908ee55b7671cca01992
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
da7846e35c98ef7dc7d7e2e682c3325d7423110b6c75f00cab1d78b62381facc
dc853a24f6c4809a07746acad011711197edad83ab9a17b260eb3f5ed6274f29
dcb49ea0035d4167a1a25d83b059f25ed663f99ec254ed13d3866bcc5ef01c82
e2b228035e05c131b62a3296d4a725151b328c39fa113c143f2db620a1296283
e8d2be62339d42b8bc32ed0cf073607fd25f9d46e26aaa006275222e55ba47d3
ec42fcea8b82dddf210962380b9253d8cc15a47c67687ef8df94be0802b5029d