view.email.wheeloffortune.com Open in urlscan Pro
68.232.203.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266...
Submission Tags: phishing malicious Search All
Submission: On November 16 via api (November 16th 2020, 6:19:53 pm UTC) from US

Summary HTTP 21 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 68.232.203.71, located in United States and belongs to EXACT-7, US. The main domain is view.email.wheeloffortune.com.

This is the only time view.email.wheeloffortune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	68.232.203.71 68.232.203.71	22606 (EXACT-7) (EXACT-7)
3	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	68.232.203.70 68.232.203.70	22606 (EXACT-7) (EXACT-7)
9	2.16.186.120 2.16.186.120	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	204.236.217.48 204.236.217.48	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.214.111 143.204.214.111	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.121 13.226.156.121	16509 (AMAZON-02) (AMAZON-02)
21	8

1 68.232.203.71 (United States)

ASN22606 (EXACT-7, US)
PTR: view.s6.exacttarget.com

view.email.wheeloffortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.203.70 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com

click.email.wheeloffortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.120 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-120.deploy.static.akamaitechnologies.com

image.email.wheeloffortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.236.217.48 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-217-48.compute-1.amazonaws.com

em.realtime.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-111.fra53.r.cloudfront.net

d1m0jo40vwlwe4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-121.dus51.r.cloudfront.net

d2vxgxvhgubbj8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	wheeloffortune.com view.email.wheeloffortune.com click.email.wheeloffortune.com image.email.wheeloffortune.com	964 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	rawgit.com cdn.rawgit.com	76 KB
2	cloudfront.net d1m0jo40vwlwe4.cloudfront.net d2vxgxvhgubbj8.cloudfront.net	153 KB
2	realtime.email 2 redirects em.realtime.email	1 KB
21	5

	Domain	Requested by
9	image.email.wheeloffortune.com	view.email.wheeloffortune.com
4	fonts.googleapis.com	view.email.wheeloffortune.com
3	cdn.rawgit.com	view.email.wheeloffortune.com cdn.rawgit.com
2	em.realtime.email	2 redirects view.email.wheeloffortune.com
1	d2vxgxvhgubbj8.cloudfront.net	view.email.wheeloffortune.com
1	d1m0jo40vwlwe4.cloudfront.net	view.email.wheeloffortune.com
1	click.email.wheeloffortune.com	view.email.wheeloffortune.com
1	view.email.wheeloffortune.com
21	8

This site contains links to these domains. Also see Links.

Domain
click.email.wheeloffortune.com

Subject Issuer	Validity	Valid
rawgit.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-01-12`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Frame ID: EC6E185D33069824840E2EF2EBEC9C6C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

43 %
HTTPS

13 %
IPv6

5
Domains

8
Subdomains

8
IPs

3
Countries

1196 kB
Transfer

1209 kB
Size

0
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f220dafdac583d516aa255e48f9645a574cb26b66dcb14e77caeb1e88c45271a4344126293424b8c17d37559fad4aa57851019d95b799e9f5

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f9adcf2b61169308b08f7b5fafd0508b02e3ee5119428f6cf7781968294e0fe29c49ce7244c78980fed2a6463dbf58e850ff2d3f5d80619b0
Title: Activate Your SPIN ID

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7fcd47b125ec607905084ee760382ac7a29960a91b701b9bacfaa618675ce8f0015beebfabe5a0566d8aae31171e204498e339a3fe5ac65e17
Title: Log In Now

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f584f53cd3a1c77d9cb948107e5c7098aaa5abd4221053f6bf37006fdbeabd99c9557119f6e533526f5bfee1171791a7a20944191fb7a1c60

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f4d23ce3afac0ca957f493ab08b6d40786a0093ab42bbdff44827ddc98a3f562d8396f140778f1ac58fcf04997a87f712e4301517af5766aa

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f3007b045cc7bcae35b1cf0ee02e1212726087911e445b2068358cffe368db05badfdbced1c574c6b183a640309f571a4

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f83b483471a016da634ebf6d2f53429ab521027b6f20ad086934f367cbf790ed8c1864b21aa9be4b932a7898b595d3149

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7fe2cbbd1979eacb8ebe2deb3178f62c40741b8f3fc6fba65760b432fc6819c0f2353d7651ea2fe37db6481234f420fc08

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7fae4474252aa360cfedda068010be6b6d022588bd8cbd3f8862a855a64b055a9c62591676162b6a2407921110be525dd5

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f551c3eb9c2b40938c412a343240a0b7e863f5a8c8b4d55b85dd90fe7cc50062ecc3eab57df47e49f8f0908937e2edacb

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f4b1be60f162ca42f50b72c92ddb933eea450f4adcda705b01a79fee64a6b25f5a151e3f985106efd1e0f66af0933107f

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7fe35daa2f0115bf998d376d15c74310e60b4581308b19281cfec57fe0b950f6cce66f05ae9c35a0e0f394544a298d70088f6c54092e4810ff
Title: FORGOT PASSWORD?

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f552ad130a7bf1fef3aaa12eb295aeb7f023c0bea01ef35b15c657fc112fe73531c58ae5bbf08a0093af0f3d7285b5db5b797b1bac6cd3bb2
Title: BE A CONTESTANT

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f467a8b3244e3a01035710773ce97e763f19c96eb31f1c9c3ee193018e82c2c6e25e7a89dfb7d7435e9081b67d5fe82aba3065e48fafd54ab
Title: TOSS-UP CHALLENGE

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f800c2b1b97ae94445eee1f881a1795cab2f50105b9a4baa342280da7c5946f12579c75d34521a2e0ce4d7a607bbd55e826476fbef28cc6a3
Title: WHEEL WATCHERS CLUB

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f7009a65cdc2ad4a3e68868396a21bf2e2875a4b0c673556d2c8a12378bb57135939856e6a6491abe0ad55b9ed363084e2a4f7870c6958b51
Title: Official Rules

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=835d0ade0f25da7f8235b003dee069274bdb641d60be91206f0dca8554194914efc0fc2047999f5b321c890485d595fb8217da99ae9647149a6af39d3817a612
Title: Official Rules

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=c2f84584577f35eb6e34b33c2e5e8c1a9c5447c11b2a8d88c10e1756637604825c6c56af9c1250ca8748c928e717ab700a140e865c13ea96
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://click.email.wheeloffortune.com/?qs=c2f84584577f35ebaa8648e804d9107d4e7e307c0a958453a443c52cf672b3777c27b2ab284b2541d6d6a0a72b21b16400ac917b90b2f4be6691c1174916256e
Title: Unsubscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://em.realtime.email/service/rte?kind=countdown&id=1648472489&esp_uid=a7365265egguYVOMOMc&dim1=1/5/2010%2012:00:00%20AM&dim2=PG5254165&dim3=Phil&dim4=|||||| HTTP 302
https://d1m0jo40vwlwe4.cloudfront.net/7883/1648472489_1941333624_dfcd3a7f_481200.gif

Request Chain 17

https://em.realtime.email/service/rte?kind=duration&account_id=7883&campaign_id=1917461833&esp_uid=a7365265egguYVOMOMc HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=0 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=1 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=2 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=3 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=4 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=5 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=6 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=7 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=8 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=9 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=10 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=11 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=12 HTTP 302
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=13

Request Chain 18

https://em.realtime.email/service/rte?kind=livedata&id=1462232432&esp_uid=a7365265egguYVOMOMc&dim1=1/5/2010%2012:00:00%20AM&dim2=PG5254165&dim3=Phil&dim4=|||||| HTTP 302
https://d2vxgxvhgubbj8.cloudfront.net/images/liveclicker/transparentspacer.gif

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
view.email.wheeloffortune.com/ 66 KB
67 KB 655ms
376ms Document
text/html 68.232.203.71
EXACT-7

General

Check archive.org

Show headers Download Go to

Full URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 68.232.203.71 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: view.s6.exacttarget.com
Software: /
Resource Hash: dcffe868d9422f1eceeed721d3122664ecaa50595bdcfb1a0fb32f4a39ba32a7

Request headers

Host: view.email.wheeloffortune.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 16 Nov 2020 18:19:18 GMT
Connection: close
Content-Length: 67968

GET
H2 200 Gilroy.css
cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/ 6 KB
1 KB 50ms
15ms Stylesheet
text/css 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy.css

Requested by

Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

2eb06fe723ea787fe8ef4e10087efb6b4cfab5020ee890409ce5005c208669dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4ebcfff19e84bf6e-AMS
x-cache: HIT
status: 200
vary: Accept-Encoding
rawgit-cache-status: MISS
content-type: text/css;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"daf363ae35552acf1f14856f578e46be52c12616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H2 200 css
fonts.googleapis.com/ 767 B
475 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 17:41:30 GMT
server: ESF
date: Mon, 16 Nov 2020 18:19:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Nov 2020 18:19:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
567 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 16:33:44 GMT
server: ESF
date: Mon, 16 Nov 2020 18:19:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Nov 2020 18:19:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 17:31:06 GMT
server: ESF
date: Mon, 16 Nov 2020 18:19:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Nov 2020 18:19:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
873 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b898ea701d06ef6e5fd70adac2cd45088726b669a635d852829b2414f1a12d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 17:28:10 GMT
server: ESF
date: Mon, 16 Nov 2020 18:19:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Nov 2020 18:19:18 GMT

GET
H/1.1 200
OK open.aspx
click.email.wheeloffortune.com/ 43 B
199 B 396ms
253ms Image
image/gif 68.232.203.70
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://click.email.wheeloffortune.com/open.aspx?ffcb10-fec9107575660775-fe56107677630d7c7211-fe89127475670d757d-ff941679-fe5f10727c6605787612-ff2c15717c6c&d=60130
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 68.232.203.70 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: click.s6.exacttarget.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
X-Cnection: close
Cache-Control: no-cache; max-age=0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK acb519f0-2554-4609-ab9a-78d5d6330fcc.jpg
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/ 119 KB
119 KB 248ms
182ms Image
image/jpeg 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/acb519f0-2554-4609-ab9a-78d5d6330fcc.jpg
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 69f7ef7d43d0055fe363201397e34cff9cd7619088fbe76384a61abba7e78d20

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Sat, 31 Oct 2020 07:06:49 GMT
Server: AkamaiNetStorage
ETag: "03485d5c6755030b088fbeab56d145a2:1604128009.647637"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121509

GET
H/1.1 200
OK f3f473f7-c0be-456c-aafb-4c8bbb2ae670.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/ 536 KB
537 KB 576ms
513ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/f3f473f7-c0be-456c-aafb-4c8bbb2ae670.png
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 970f88ce13e4cadf09e38315877027ece07929039b93b46baf3918a26113e05b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Tue, 03 Nov 2020 07:08:00 GMT
Server: AkamaiNetStorage
ETag: "81846886623925e18a7b67fc47d6c579:1604387280.762843"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 549331

GET
H2 200 Gilroy-Bold.woff
cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/ 37 KB
38 KB 103ms
30ms Font
font/woff 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy-Bold.woff

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

97ff627efe96ef598a8bc4eeb98f24b498ca3731799bb364901b8ba586d09d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://view.email.wheeloffortune.com
Referer: https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:19:18 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 50f6d0346b55c867-AMS
x-cache: HIT
status: 200
vary: Accept-Encoding
rawgit-cache-status: HIT
content-type: font/woff
server: NetDNA-cache/2.2
etag: W/"5c2f87ef209886e4465172f33e17f2d5133bf0a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H/1.1

200
OK

1648472489_1941333624_dfcd3a7f_481200.gif
d1m0jo40vwlwe4.cloudfront.net/7883/
Redirect Chain

https://em.realtime.email/service/rte?kind=countdown&id=1648472489&esp_uid=a7365265egguYVOMOMc&dim1=1/5/2010%2012:00:00%20AM&dim2=PG5254165&dim3=Phil&dim4=||||||
https://d1m0jo40vwlwe4.cloudfront.net/7883/1648472489_1941333624_dfcd3a7f_481200.gif

152 KB
153 KB

479ms
421ms

Image
image/gif

143.204.214.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1m0jo40vwlwe4.cloudfront.net/7883/1648472489_1941333624_dfcd3a7f_481200.gif
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04e3acfa651f6c1b1d632f1ac1ec5b2fe8594b3a1cf9a538755e194ccb44d944

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:20 GMT
Via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 02 Dec 2020 00:00:00 GMT", rule-id="Autodelete > 15 days - xc"
Last-Modified: Mon, 16 Nov 2020 18:16:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "2ed917b26af358016a465dab1415ac0c"
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155898
X-Amz-Cf-Id: LbKFkZkefqFYMCWbSM9RpeUN6PtMzEKbpgMD4tGq_haqGiD54bEbWw==

Redirect headers

status: 302
pragma: no-cache
date: Mon, 16 Nov 2020 18:19:18 GMT
cache-control: no-cache
x-content-type-options: nosniff
location: https://d1m0jo40vwlwe4.cloudfront.net/7883/1648472489_1941333624_dfcd3a7f_481200.gif

GET
H/1.1 200
OK f61c5e96-d460-4149-b7f0-e9dde412fbc9.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/ 229 KB
230 KB 1376ms
1347ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/3/f61c5e96-d460-4149-b7f0-e9dde412fbc9.png
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 839637ec0e6aa2910c7dcc47bb661832202d52d5d0440dc38a5cafe2e3e93ca3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:19 GMT
Last-Modified: Sat, 31 Oct 2020 07:06:34 GMT
Server: AkamaiNetStorage
ETag: "d735f9ea628fc3b013e327b885df380d:1604127994.282079"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 234942

GET
H/1.1 200
OK 56aebc8f-2777-4aae-8a4f-be49a94954d0.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 1 KB
1 KB 180ms
152ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/56aebc8f-2777-4aae-8a4f-be49a94954d0.png?b=1521568438000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: af9ccfcce19b3cf105a9cd5f966fd17478612f539b9baec848480a8e8aca41bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Fri, 07 Feb 2020 16:28:46 GMT
Server: AkamaiNetStorage
ETag: "613aa60b200c44d69fc8892797cab527:1581092926.861591"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1220

GET
H/1.1 200
OK 45c07590-a63b-4b7a-89c3-017295d3d5a9.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 2 KB
2 KB 783ms
754ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/45c07590-a63b-4b7a-89c3-017295d3d5a9.png?b=1521568438000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2a8d6e2a5759a657aa62274f884a59eb35b6c013ff7475153b2e9d4130d18275

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:19 GMT
Last-Modified: Tue, 20 Mar 2018 18:54:09 GMT
Server: AkamaiNetStorage
ETag: "83d2ba02f87a8de97f8e515535a76df7:1521572049.605775"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1813

GET
H/1.1 200
OK 9b634184-dce8-4ecd-a9c8-736b8276e887.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 2 KB
3 KB 378ms
349ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/9b634184-dce8-4ecd-a9c8-736b8276e887.png?b=1521568438000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e073d139b8ad528de6127fad4754d0f4001c5b257e431b1d8a6c4d1ede070caa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Fri, 07 Feb 2020 16:28:42 GMT
Server: AkamaiNetStorage
ETag: "6075fe274becb0495288cf97b0e2cadb:1581092922.081797"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2315

GET
H/1.1 200
OK 207d8f47-a74d-4269-9a9c-39e1a57469d0.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 2 KB
2 KB 277ms
128ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/207d8f47-a74d-4269-9a9c-39e1a57469d0.png?b=1521568439000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cbb6df00f2c33f432931a531285878497a41a47ac65c180df4bf7e747b54c78e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Fri, 07 Feb 2020 16:28:44 GMT
Server: AkamaiNetStorage
ETag: "ffac16774adf142ae8561e832bf04cde:1581092924.716588"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2139

GET
H/1.1 200
OK 75632fcb-c649-4158-8e29-6a78ff89b959.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 2 KB
2 KB 404ms
126ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/75632fcb-c649-4158-8e29-6a78ff89b959.png?b=1521568438000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f0d5c1edba73593b9db06c366ab7774c86b91f272fe182ae6019acb49b75a855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:18 GMT
Last-Modified: Tue, 20 Mar 2018 18:54:08 GMT
Server: AkamaiNetStorage
ETag: "8e0b2691b3654b73634be159007cafa9:1521572048.861126"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1895

GET
H/1.1 200
OK 4ab1f393-2d15-41ce-b87f-04e3e18f0647.png
image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/ 1 KB
1 KB 539ms
367ms Image
image/png 2.16.186.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.email.wheeloffortune.com/lib/fe89127475670d757d/m/1/4ab1f393-2d15-41ce-b87f-04e3e18f0647.png?b=1521568438000
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Server: 2.16.186.120 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-120.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61dd412b4cd3c0a9467bb758e0c830c3310bc8c69e64a367d85628c07380514e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:19:19 GMT
Last-Modified: Tue, 20 Mar 2018 18:54:03 GMT
Server: AkamaiNetStorage
ETag: "40045a2c12407aa1ef2e8709f1de2684:1521572043.760055"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1181

GET

rte
em.realtime.email/service/
Redirect Chain

https://em.realtime.email/service/rte?kind=duration&account_id=7883&campaign_id=1917461833&esp_uid=a7365265egguYVOMOMc
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=0
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=1
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=2
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=3
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=4
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=5
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=6
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=7
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=8
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=9
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=10
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=11
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=12
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=13

0
0

GET
H/1.1

200
OK

transparentspacer.gif
d2vxgxvhgubbj8.cloudfront.net/images/liveclicker/
Redirect Chain

https://em.realtime.email/service/rte?kind=livedata&id=1462232432&esp_uid=a7365265egguYVOMOMc&dim1=1/5/2010%2012:00:00%20AM&dim2=PG5254165&dim3=Phil&dim4=||||||
https://d2vxgxvhgubbj8.cloudfront.net/images/liveclicker/transparentspacer.gif

43 B
605 B

92ms
22ms

Image
image/gif

13.226.156.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2vxgxvhgubbj8.cloudfront.net/images/liveclicker/transparentspacer.gif
Requested by: Host: view.email.wheeloffortune.com
URL: http://view.email.wheeloffortune.com/?qs=53cbc963d90575af4fdcd6a3e24ef8ce21f6118d1978a03935acc2fa766549c5490daa0e69a302d6b4bc61feb266f2e50afeefa3cb5bae00877d54e4694f7d09519f23456c8ec80dc57c4d0b5ac1592f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f94874e013ce9db25c3440b77e670608e748d671ce12df4f354b4779b9cc3cdd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
ETag: "3b2123c29004dfece34c524816307f50"
Age: 76864
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
Last-Modified: Mon, 22 Dec 2008 17:03:59 GMT
Server: AmazonS3
Date: Sun, 15 Nov 2020 20:58:25 GMT
Content-Type: image/gif
x-amz-meta-s3fox-filesize: 43
x-amz-meta-s3fox-modifiedtime: 1229965222581
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: w7MRazjPXIjAyBgULnc6AuG-xhE4qpKvcBwxBwd6kFAN8ZmRsgBMpQ==

Redirect headers

status: 302
pragma: no-cache
date: Mon, 16 Nov 2020 18:19:18 GMT
cache-control: no-cache
x-content-type-options: nosniff
location: https://d2vxgxvhgubbj8.cloudfront.net/images/liveclicker/transparentspacer.gif

GET
H2 200 Gilroy-Regular.woff
cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/ 36 KB
37 KB 53ms
53ms Font
font/woff 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy-Regular.woff

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

4feabe8db7d618b7e4d1480845ffc37928f52a82ea4b4449f5c6a4c09bcca7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://view.email.wheeloffortune.com
Referer: https://cdn.rawgit.com/mfd/09b70eb47474836f25a21660282ce0fd/raw/e06a670afcb2b861ed2ac4a1ef752d062ef6b46b/Gilroy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:19:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 50f66c606e62bf91-AMS
x-cache: HIT
status: 200
vary: Accept-Encoding
rawgit-cache-status: MISS
content-type: font/woff
server: NetDNA-cache/2.2
etag: W/"89f164f39272c1eaf55416cb09f15171637761fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: em.realtime.email
URL: https://em.realtime.email/service/rte?kind=duration&id=0&user_id=a7365265egguYVOMOMc&account_id=7883&campaign_id=1917461833&delays=1&i=13

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rawgit.com
click.email.wheeloffortune.com
d1m0jo40vwlwe4.cloudfront.net
d2vxgxvhgubbj8.cloudfront.net
em.realtime.email
fonts.googleapis.com
image.email.wheeloffortune.com
view.email.wheeloffortune.com
em.realtime.email
13.226.156.121
143.204.214.111
151.139.237.11
2.16.186.120
204.236.217.48
2a00:1450:4001:817::200a
68.232.203.70
68.232.203.71
04e3acfa651f6c1b1d632f1ac1ec5b2fe8594b3a1cf9a538755e194ccb44d944
2a8d6e2a5759a657aa62274f884a59eb35b6c013ff7475153b2e9d4130d18275
2eb06fe723ea787fe8ef4e10087efb6b4cfab5020ee890409ce5005c208669dd
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
4feabe8db7d618b7e4d1480845ffc37928f52a82ea4b4449f5c6a4c09bcca7af
550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741
61dd412b4cd3c0a9467bb758e0c830c3310bc8c69e64a367d85628c07380514e
69f7ef7d43d0055fe363201397e34cff9cd7619088fbe76384a61abba7e78d20
839637ec0e6aa2910c7dcc47bb661832202d52d5d0440dc38a5cafe2e3e93ca3
8b898ea701d06ef6e5fd70adac2cd45088726b669a635d852829b2414f1a12d3
970f88ce13e4cadf09e38315877027ece07929039b93b46baf3918a26113e05b
97ff627efe96ef598a8bc4eeb98f24b498ca3731799bb364901b8ba586d09d86
af9ccfcce19b3cf105a9cd5f966fd17478612f539b9baec848480a8e8aca41bb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cbb6df00f2c33f432931a531285878497a41a47ac65c180df4bf7e747b54c78e
dcffe868d9422f1eceeed721d3122664ecaa50595bdcfb1a0fb32f4a39ba32a7
e073d139b8ad528de6127fad4754d0f4001c5b257e431b1d8a6c4d1ede070caa
f0d5c1edba73593b9db06c366ab7774c86b91f272fe182ae6019acb49b75a855
f94874e013ce9db25c3440b77e670608e748d671ce12df4f354b4779b9cc3cdd
fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

view.email.wheeloffortune.com Open in urlscan Pro 68.232.203.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

43 %HTTPS

13 %IPv6

5 Domains

8 Subdomains

8 IPs

3 Countries

1196 kBTransfer

1209 kBSize

0 Cookies

19 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

view.email.wheeloffortune.com Open in urlscan Pro
68.232.203.71 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

43 %
HTTPS

13 %
IPv6

5
Domains

8
Subdomains

8
IPs

3
Countries

1196 kB
Transfer

1209 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions