kns.dailyorderforyou.com Open in urlscan Pro
2606:4700:3030::6815:3140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rosvom-trk.ki4j.in/ga/click/2-84204812-6949-21084-41602-48421-ec65c3aa06-987271d442
Effective URL:
https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40sask...
Submission: On February 13 via manual (February 13th 2023, 6:50:42 pm UTC) from CA — Scanned from CA

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::6815:3140, located in United States and belongs to CLOUDFLARENET, US. The main domain is kns.dailyorderforyou.com.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2023. Valid for: 3 months.

This is the only time kns.dailyorderforyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:9738	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::6815:3140	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	97.107.133.178 97.107.133.178	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
4	2606:4700::68... 2606:4700::6812:13b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	() ()
1	2001:4860:480... 2001:4860:4802:32::15	() ()
18	9

1 2606:4700:3030::ac43:9738 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rosvom-trk.ki4j.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:3140 (United States)

ASN13335 (CLOUDFLARENET, US)

kns.dailyorderforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 97.107.133.178 (Cedar Knolls, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 97-107-133-178.ip.linodeusercontent.com

roadssign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (None, )

ASN- ()

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (None, )

ASN- ()

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	wonderpush.com cdn.by.wonderpush.com — Cisco Umbrella Rank: 42401 measurements-api.wonderpush.com	115 KB
5	roadssign.com roadssign.com	185 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 114	4 KB
2	dailyorderforyou.com kns.dailyorderforyou.com	6 KB
1	geojs.io get.geojs.io	877 B
1	gstatic.com fonts.gstatic.com	44 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 343	6 KB
1	ki4j.in 1 redirects rosvom-trk.ki4j.in	771 B
18	8

	Domain	Requested by
5	roadssign.com	kns.dailyorderforyou.com roadssign.com
4	cdn.by.wonderpush.com	kns.dailyorderforyou.com cdn.by.wonderpush.com
3	fonts.googleapis.com	kns.dailyorderforyou.com roadssign.com
2	kns.dailyorderforyou.com	kns.dailyorderforyou.com
1	measurements-api.wonderpush.com	cdn.by.wonderpush.com
1	get.geojs.io	cdn.by.wonderpush.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	kns.dailyorderforyou.com
1	rosvom-trk.ki4j.in	1 redirects
18	9

This site contains no links.

Subject Issuer	Validity	Valid
*.dailyorderforyou.com GTS CA 1P5	`2023-02-01` - `2023-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
roadssign.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.by.wonderpush.com GTS CA 1P5	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
measurements-api.wonderpush.com GTS CA 1D4	`2023-02-09` - `2023-05-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Frame ID: 4EE1007B2A5E023070AAB296D60B254B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payout Verification

Page URL History Show full URLs

https://rosvom-trk.ki4j.in/ga/click/2-84204812-6949-21084-41602-48421-ec65c3aa06-987271d442 HTTP 302
https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/a... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

9
IPs

1
Countries

360 kB
Transfer

822 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rosvom-trk.ki4j.in/ga/click/2-84204812-6949-21084-41602-48421-ec65c3aa06-987271d442 HTTP 302
https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Xvfv_Ga Show response
kns.dailyorderforyou.com/
Redirect Chain

https://rosvom-trk.ki4j.in/ga/click/2-84204812-6949-21084-41602-48421-ec65c3aa06-987271d442
https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=

19 KB
5 KB

914ms
836ms

Document
text/html

2606:4700:3030::6815:3140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: 11ac1a4b74a0e1029345edf5f9c5dac39f5e5cddd359e07a5fbeb5b716cf2d89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 798fc027cf068cd7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 18:50:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa73AnTUR%2BPHI1Crq5u6L6Iq0hmeHnXqLdbKh0L4HoRWJJHNlED1wE4slL9kc72nSpwqYI1m0G%2FvBDVz4hNe2ahnNK5wSZQAYpANi%2BOKDLga%2FBwEpRdKiaTxAvebI5Dwaqs4cpXEv8JW1AYZWFQuP1rrXLvYiVY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.30

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 798fc023d8ae17f1-EWR
content-type: text/html; charset=utf-8
date: Mon, 13 Feb 2023 18:50:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8aQzunaNBC%2BSkgNfwlepjBsL0ZuNy4AR1LjVk7r7PmY1j3ToSDJn0zP1vUZ9JeLrgm6sMI5cI7iwOsDXjijYAF6UfuTsmfvhUxz4aHN9SRsxZMKDAAdxsZjPSQJZMI2YUSeKB1MFTDSOCsFceGTXRQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 302 Found
x-powered-by: Phusion Passenger 6.0.4
x-rack-cache: miss
x-request-id: 715407c9f21fdde3d3806d8a1d25a370
x-runtime: 0.044728
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 css
fonts.googleapis.com/ 46 KB
2 KB 90ms
37ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i

Requested by

Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f92041fa03058df9cb6c302ca394bc32dc312ba679e5a6673ef346856eb19d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 18:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 17:34:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 18:50:37 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 67ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1267765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4972
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmQD%2FQeXULJPq6%2BgAIkVJdYFxTr%2F6MWRFAQzDDQtju2Hc8V0F78EtqQitkdfXvy%2Fa19cAryb6FYgHH2jbOLw5yYutEzCV1gbkI0Y0eGQ5luCIQ3CpGFeBeTKXV2rWPhokL8UsmWpv4vwL1cL2PVTNozT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 798fc02d4e147133-YUL
expires: Sat, 03 Feb 2024 18:50:37 GMT

GET
H/1.1 200
OK bootstrap.min.css
roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/ 119 KB
119 KB 653ms
158ms Stylesheet
text/css 97.107.133.178
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/bootstrap.min.css
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash: 1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:50:37 GMT
Last-Modified: Tue, 19 Jul 2022 06:15:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag: "1da71-5e42268926980"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121457

GET
H/1.1 200
OK custom.css
roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/ 49 KB
49 KB 653ms
159ms Stylesheet
text/css 97.107.133.178
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/custom.css
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash: 7f52ac12899ccf117098e6fabc438dae4f6430725f26ccc02a4566f8bbd3b4e4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:50:37 GMT
Last-Modified: Thu, 29 Dec 2022 14:36:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag: "c2e2-5f0f869bb6e00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 49890

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 1 KB
1 KB 473ms
22ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77739da5d7f08eb8f3c4570bb628aa068acd7f2942abf1a1a1c3aee68ebc9041

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:38 GMT
content-encoding: gzip
via: 1.1 626cbaf3b4af9c017ec7e762518761d6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-C3
age: 8735
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 696
last-modified: Tue, 17 Jan 2023 16:23:59 GMT
server: cloudflare
etag: "3eb4ebbd84300308a46c51d9cd003dd6ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 798fc03539287145-YUL
x-amz-cf-id: EILJhW_rWntVxZ1YWxHiOEO-WDvDWr5AYhlO0ylI_t2spzVMSlOY-A==

GET
H2 200 lander_lp
kns.dailyorderforyou.com/ 0
312 B 153ms
152ms Image
text/html 2606:4700:3030::6815:3140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kns.dailyorderforyou.com/lander_lp?lp=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell@saskhealthauthority.ca
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.30
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fsDb1bwYm%2FOA26UWeMmMpByE%2F66x8McNumArW9D0mmUyHZ2n6rq8Eg2t5kA2wHxn9FWwhrS8V%2FZWfADyrtmzg5rzDMpZYPWcsIg%2F6XupkvtadivhG41f1sVGVgGjp2yWzxDSdpRDdYeua6BnHj0rMboVqhExTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 798fc0326f948cd7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 404
Not Found jquery.min.js
roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/ 0
0 89ms
89ms Script
text/html 97.107.133.178
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/jquery.min.js
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H/1.1 404
Not Found bootstrap.min.js
roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/ 0
0 88ms
88ms Script
text/html 97.107.133.178
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/bootstrap.min.js
Requested by: Host: kns.dailyorderforyou.com
URL: https://kns.dailyorderforyou.com/Xvfv_Ga?cB7_LE=Z3xzmGthpZVllq5zwGh1emBxqMGwjGtrfZiTZX1zkWZmaKZgY35wkWthh4Y/amanda.purcell%40saskhealthauthority.ca&s3=&s4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
694 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap

Requested by

Host: roadssign.com
URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6674c4f7bbb497b1d1380712065cc3589b251cf5605daea1908ab2bebcc6a0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 18:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:50:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 18:50:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 46ms
46ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: roadssign.com
URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 18:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:54:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 18:50:37 GMT

GET
H/1.1 200
OK pay-back.png
roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/img/ 17 KB
17 KB 762ms
159ms Image
image/png 97.107.133.178
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/img/pay-back.png
Requested by: Host: roadssign.com
URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/custom.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash: 5ea2eb8e01895d74e7309857b739a9cc50e2b18c11d10e315f9321cfab84ceb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 18:50:38 GMT
Last-Modified: Thu, 29 Dec 2022 06:34:57 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag: "4282-5f0f1aefaa640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17026

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 78ms
25ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kns.dailyorderforyou.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 11:04:35 GMT
x-content-type-options: nosniff
age: 287162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:04:35 GMT

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.33.13/ 464 KB
111 KB 25ms
24ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.33.13/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e0ea7d539401a1f3cd924bf43e2b04e351e53735cdcb6385d2bb67071cf287

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:41 GMT
content-encoding: gzip
via: 1.1 16a12520cb84572aced3b0a8e5f80bae.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD51-C1
age: 2341579
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112900
last-modified: Tue, 17 Jan 2023 16:23:55 GMT
server: cloudflare
etag: "7b62e04729e63f6a7dd93360781b1d60ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 798fc0469cbc7145-YUL
x-amz-cf-id: Tt8SzTeXMjb0my1_k5SV9O1a6BC-EbHJUky7UgjZnqdUerB0Yd3PoA==

GET
H3 200 41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0 Show response
cdn.by.wonderpush.com/config/webkeys/ 2 KB
1 KB 449ms
418ms Fetch
application/json 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1676314241148
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.13/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5b5ca6ebba05351abf77e25cf1c5d3879656ce20117c9f9bd74512bb6dd0bc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:41 GMT
content-encoding: gzip
via: 1.1 7fd26103acbe47cf03b34bbd9a65d1e2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: YTO50-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772
last-modified: Fri, 10 Feb 2023 09:17:13 GMT
server: cloudflare
etag: "9409cb4f2fd561ff5586c24526571a18ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 798fc0476937ca6f-YUL
x-amz-cf-id: 40sXH1qwDCM-ZycDZAdy3OhLf_3zsrSOBEdxybedIpsazmSEslOz-A==

GET
H3 200 geojs.js Show response
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 2 KB
1 KB 23ms
23ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.13/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:41 GMT
content-encoding: gzip
via: 1.1 17c056a089c69d54a02a9a3ca804fdd6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD66-C2
age: 6446528
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1055
last-modified: Mon, 22 Jun 2020 15:30:23 GMT
server: cloudflare
etag: "eade35070a4a96bcbeb77c55c1856e96ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,stale-while-revalidate=2592000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 798fc04a2ec87144-YUL
x-amz-cf-id: BRe5bB213AlVEZD7G2STTuqaPZjzQPipryBo8rdI8HDjuB_rO56HPg==

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 330 B
877 B 381ms
53ms XHR
application/json 2606:4700:20::ac43:46e9

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8164422d74183fdffc5e1fd91fdd0348db7237e6c2bf527058ffff36124a3f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 18:50:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: bbd284315e31382a765f8ff196b6e258-NYC
x-geojs-location: NYC
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMI0SOsAH5ScpGK2EQ3OzOcQcIf%2BIR5I%2Fb8H3jG%2FVQNopP%2FsQcc2Ui9i4cwB4ZRrPZj9%2Fj292g6uSx8Rq9M8wDbwIL%2FH%2F5tYNj%2BWPiM2dF6b1wnW9MobaGfzCAHaBXz4nhIWztWOJvZb2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 798fc04c98d117f1-EWR

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ 94 B
277 B 459ms
138ms XHR
application/json 2001:4860:4802:32::15

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.13/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: f2650ea1f855eba673d9a90f9af5a8fa3f169c4f819c78c80d38e21800d6fe27

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://kns.dailyorderforyou.com
x-cloud-trace-context: 83c8339462d2468b748e7cf038e32cd8
date: Mon, 13 Feb 2023 18:50:42 GMT
access-control-allow-credentials: true
server: Google Frontend
content-length: 94
content-type: application/json

GET
DATA 200
OK truncated
/ 981 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f59f3632ecd53a95c0f360bd613bdd269b4aff3afa0fcb04ceaaf7c99d53fd96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/https://roadssign.com/eml/CA-Casino-Payout-verification-DEC22-eml-avi/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
kns.dailyorderforyou.com
measurements-api.wonderpush.com
roadssign.com
rosvom-trk.ki4j.in
2001:4860:4802:32::15
2606:4700:20::ac43:46e9
2606:4700:3030::6815:3140
2606:4700:3030::ac43:9738
2606:4700::6811:180e
2606:4700::6812:13b7
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1b::5e
97.107.133.178
11ac1a4b74a0e1029345edf5f9c5dac39f5e5cddd359e07a5fbeb5b716cf2d89
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
3f92041fa03058df9cb6c302ca394bc32dc312ba679e5a6673ef346856eb19d3
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
59e0ea7d539401a1f3cd924bf43e2b04e351e53735cdcb6385d2bb67071cf287
5b5b5ca6ebba05351abf77e25cf1c5d3879656ce20117c9f9bd74512bb6dd0bc
5ea2eb8e01895d74e7309857b739a9cc50e2b18c11d10e315f9321cfab84ceb5
6674c4f7bbb497b1d1380712065cc3589b251cf5605daea1908ab2bebcc6a0ae
77739da5d7f08eb8f3c4570bb628aa068acd7f2942abf1a1a1c3aee68ebc9041
7f52ac12899ccf117098e6fabc438dae4f6430725f26ccc02a4566f8bbd3b4e4
8164422d74183fdffc5e1fd91fdd0348db7237e6c2bf527058ffff36124a3f72
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2650ea1f855eba673d9a90f9af5a8fa3f169c4f819c78c80d38e21800d6fe27
f59f3632ecd53a95c0f360bd613bdd269b4aff3afa0fcb04ceaaf7c99d53fd96

kns.dailyorderforyou.com Open in urlscan Pro 2606:4700:3030::6815:3140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

89 %IPv6

8 Domains

9 Subdomains

9 IPs

1 Countries

360 kBTransfer

822 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

kns.dailyorderforyou.com Open in urlscan Pro
2606:4700:3030::6815:3140 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

9
IPs

1
Countries

360 kB
Transfer

822 kB
Size

0
Cookies

18 HTTP transactions
1 data transactions