www.wheeloffortune.com Open in urlscan Pro
2a02:26f0:6c00:28e::1524 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recov...
Submission Tags: phishing malicious Search All
Submission: On November 16 via api (November 16th 2020, 6:12:41 pm UTC) from US

Summary HTTP 73 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 18 domains to perform 73 HTTP transactions. The main IP is 2a02:26f0:6c00:28e::1524, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.wheeloffortune.com.
TLS certificate: Issued by DigiCert Global CA G2 on August 20th 2020. Valid for: 10 months.

This is the only time www.wheeloffortune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a02:26f0:6c0... 2a02:26f0:6c00:28e::1524	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:5400:1:fb61:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.215.227.228 3.215.227.228	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ebcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:800:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
5	104.108.145.18 104.108.145.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6	23.38.61.143 23.38.61.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	35.171.13.153 35.171.13.153	14618 (AMAZON-AES) (AMAZON-AES)
4	99.86.2.104 99.86.2.104	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:4457:4600:fb08:16af:7d76:deae	14618 (AMAZON-AES) (AMAZON-AES)
73	22

26 2a02:26f0:6c00:28e::1524 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

www.wheeloffortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5400:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.227.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-227-228.compute-1.amazonaws.com

6403988.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)

www.jqueryscript.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.145.18 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-18.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.38.61.143 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-38-61-143.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.171.13.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-13-153.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.2.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-104.fra6.r.cloudfront.net

api.wheeloffortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4457:4600:fb08:16af:7d76:deae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	wheeloffortune.com www.wheeloffortune.com api.wheeloffortune.com	1 MB
10	evidon.com c.evidon.com l.evidon.com	35 KB
5	gigya.com cdns.us1.gigya.com	225 KB
5	facebook.com www.facebook.com	480 B
4	facebook.net connect.facebook.net	153 KB
3	google.com www.google.com	667 B
2	nr-data.net bam-cell.nr-data.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	levelaccess.net cdn.levelaccess.net api.levelaccess.net	58 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	35 KB
1	gstatic.com www.gstatic.com	130 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	doubleclick.net stats.g.doubleclick.net	90 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	jwplayer.com cdn.jwplayer.com	40 KB
1	jqueryscript.net www.jqueryscript.net	3 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	igodigital.com 6403988.collect.igodigital.com	2 KB
73	18

	Domain	Requested by
26	www.wheeloffortune.com	www.wheeloffortune.com cdn.levelaccess.net
6	c.evidon.com	www.wheeloffortune.com c.evidon.com
5	cdns.us1.gigya.com	www.wheeloffortune.com cdns.us1.gigya.com
5	www.facebook.com	www.wheeloffortune.com connect.facebook.net
4	api.wheeloffortune.com	www.wheeloffortune.com cdns.us1.gigya.com
4	l.evidon.com	www.wheeloffortune.com
4	connect.facebook.net	www.wheeloffortune.com connect.facebook.net
3	www.google.com	cdns.us1.gigya.com www.gstatic.com
2	bam-cell.nr-data.net	js-agent.newrelic.com www.wheeloffortune.com
2	www.google-analytics.com	www.googletagmanager.com www.wheeloffortune.com
2	stackpath.bootstrapcdn.com	www.wheeloffortune.com
1	api.levelaccess.net	www.wheeloffortune.com
1	www.gstatic.com	www.google.com
1	js-agent.newrelic.com	www.wheeloffortune.com
1	stats.g.doubleclick.net	www.wheeloffortune.com
1	www.googletagmanager.com	www.wheeloffortune.com
1	cdn.jwplayer.com	www.wheeloffortune.com
1	www.jqueryscript.net	www.wheeloffortune.com
1	cdnjs.cloudflare.com	www.wheeloffortune.com
1	6403988.collect.igodigital.com	www.wheeloffortune.com
1	cdn.levelaccess.net	www.wheeloffortune.com
73	21

This site contains links to these domains. Also see Links.

Domain
secure.sonypictures.com
sonypictures.com
tickets.wheeloffortune.com
shopwheeloffortune.com
www.card.com
facebook.com
twitter.com
instagram.com
www.youtube.com
giphy.com
www.pinterest.com
www.sonypictures.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
www.wheeloffortune.com DigiCert Global CA G2	`2020-08-20` - `2021-07-02`	10 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cdn.levelaccess.net Amazon	`2020-03-19` - `2021-04-19`	a year	crt.sh
*.collect.igodigital.com DigiCert SHA2 Secure Server CA	`2020-02-14` - `2021-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jwplayer.com Amazon	`2020-02-29` - `2021-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2020-01-27` - `2021-03-27`	a year	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
api.wheeloffortune.com Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
api.levelaccess.net Amazon	`2020-03-19` - `2021-04-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Frame ID: F056B79137BD4E0F4BB23C82FE188A88
Requests: 68 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fwheeloffortune&layout=button_count&show_faces=false&width=200&action=like&colorscheme=light&height=21
Frame ID: 17FEB61F93E1D27184C5583FF77582C4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?app_id=1053371504818118&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe5f416619dca4%26domain%3Dwww.wheeloffortune.com%26origin%3Dhttps%253A%252F%252Fwww.wheeloffortune.com%252Ff16b39441619028%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&locale=en_GB&sdk=joey
Frame ID: D7DCECBB4D53864AB1622745A1151D40
Requests: 1 HTTP requests in this frame

Frame: https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&version=latest&build=11471
Frame ID: DC7FBE52BD98AF3FA0B0CF15279A6966
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&co=aHR0cHM6Ly93d3cud2hlZWxvZmZvcnR1bmUuY29tOjQ0Mw..&hl=en&type=image&v=rCr6uVkhcBxHr-Uhry4bcSYc&theme=light&size=normal&cb=y0a3s1hm05ue
Frame ID: 44A4C6D3C0A821DF3B16D0BBAACC1707
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&cb=tgmrodh4qaff
Frame ID: E26B9F49B2A9114179E3671A3BEB7C59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

73
Requests

100 %
HTTPS

64 %
IPv6

18
Domains

21
Subdomains

22
IPs

6
Countries

2230 kB
Transfer

5398 kB
Size

5
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.sonypictures.com/wof/forgot-password.html

Search URL Search Domain Scan URL

URL: http://sonypictures.com/
Title:

Search URL Search Domain Scan URL

URL: https://tickets.wheeloffortune.com/
Title: Get Tickets

Search URL Search Domain Scan URL

URL: https://shopwheeloffortune.com/
Title: Shop Wheel

Search URL Search Domain Scan URL

URL: https://www.card.com/wheel-fortune?option=25815&chn=lic&afid=480&b=bancorp&nw=visa&pid=4062
Title: Wheel Card

Search URL Search Domain Scan URL

URL: https://facebook.com/wheeloffortune
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/wheeloffortune
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/wheeloffortune
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wheeloffortune
Title:

Search URL Search Domain Scan URL

URL: https://giphy.com/wheeloffortune
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wheeloffortune/
Title:

Search URL Search Domain Scan URL

URL: https://www.sonypictures.com/corp/tos.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.sonypictures.com/corp/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sonypictures.com/corp/privacy.html#privacy-rights
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/d19e506f-1a64-463d-94e4-914dd635817d/b9eb997c-9ede-451b-8fd4-29891782a928.html
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://www.sonypictures.com/
Title: Visit SonyPictures.com

Search URL Search Domain Scan URL

URL: http://www.sonypictures.com/movies/
Title: Movies

Search URL Search Domain Scan URL

URL: http://www.sonypictures.com/tv/
Title: Television

Search URL Search Domain Scan URL

URL: https://www.sonypictures.com/games
Title: Games & Apps

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
www.wheeloffortune.com/ 95 KB
19 KB 43ms
29ms Document
text/html 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

c42ec8150369717e18254be7f3101a45b903056ddc90756a91e4bc33a2022510

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.wheeloffortune.com
:scheme: https
:path: /login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
accept-ranges: bytes
content-encoding: gzip
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
etag: "1605546540"
last-modified: Mon, 16 Nov 2020 17:09:00 GMT
link: <https://www.wheeloffortune.com/login>; rel="canonical" <https://www.wheeloffortune.com/login>; rel="revision"
server: nginx
strict-transport-security: max-age=1000
x-age: 2487
x-ah-environment: prod
x-cache-hits: 6
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
x-request-id: v-6b8f9d06-282e-11eb-be18-a3e78155488b
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
content-length: 18812
expires: Mon, 16 Nov 2020 18:51:20 GMT
date: Mon, 16 Nov 2020 18:12:21 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, private, must-revalidate

GET
H2 200 google_tag.script.js Show response
www.wheeloffortune.com/sites/default/files/google_tag//google_tag/site_data/ 348 B
547 B 35ms
29ms Script
application/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/google_tag//google_tag/site_data/google_tag.script.js?qjvsbv

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

0f1530935351a1c05bf0091a47543edca68e2e10b982802ef7028502663154b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 08:44:00 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-ah-environment: prod
cache-control: max-age=1175521
x-age: 0
accept-ranges: bytes
content-length: 280
x-request-id: v-1d947f7c-27e8-11eb-94cb-2b2f5083e256
expires: Mon, 30 Nov 2020 08:44:22 GMT

GET
H2 200 css_4tRm0mj6JlH1L5bWRgW1nUSvpr0xF-hBgtq4kFmIf6M.css
www.wheeloffortune.com/sites/default/files/css/ 31 KB
6 KB 12ms
7ms Stylesheet
text/css 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/css/css_4tRm0mj6JlH1L5bWRgW1nUSvpr0xF-hBgtq4kFmIf6M.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

e2d466d268fa2651f52f96d64605b59d44afa6bd3117e84182dab89059887fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 76059
x-ah-environment: prod
content-length: 6167
x-request-id: v-378c6b7e-23ba-11eb-a267-574e1933b0f7
last-modified: Mon, 02 Nov 2020 23:16:39 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 25 Nov 2020 22:13:32 GMT
cache-control: max-age=792071
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css_mZSQr6b0TAOo2aPYXFCFVBuJ-p7hVYQQOdymgqeIQxs.css
www.wheeloffortune.com/sites/default/files/css/ 22 KB
6 KB 14ms
10ms Stylesheet
text/css 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/css/css_mZSQr6b0TAOo2aPYXFCFVBuJ-p7hVYQQOdymgqeIQxs.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

999490afa6f44c03a8d9a3d85c5085541b89fa9ee155841039dca682a788431b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 249
x-ah-environment: prod
content-length: 5399
x-request-id: v-b895ac36-24e0-11eb-bed9-9349cfa1136d
last-modified: Mon, 02 Nov 2020 23:16:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Thu, 26 Nov 2020 12:20:04 GMT
cache-control: max-age=842863
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/ 138 KB
21 KB 396ms
32ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
status: 200
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 21089

GET
H2 200 css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
www.wheeloffortune.com/sites/default/files/css/ 294 KB
44 KB 16ms
13ms Stylesheet
text/css 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f512a2b2a64f7a8802f1075fcbd35473c2ca3ef8656eec80839723e8ffa9a5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 139030
x-ah-environment: prod
content-length: 45079
x-request-id: v-bc3614b4-269f-11eb-8c71-ebfdc06118a2
last-modified: Fri, 13 Nov 2020 20:26:59 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Mon, 30 Nov 2020 08:13:10 GMT
cache-control: max-age=1173649
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8da097c4c477730ead29c775b6ba4713dc7cf4c3fc3fa1768d46757b6b7df97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0qXMC/NFMnJjThdIrzEJGg==
status: 200
cross-origin-resource-policy: cross-origin
expires: Mon, 16 Nov 2020 18:17:45 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "1a741a705f8e2f789e14a9e830b2a120"
x-fb-debug: LRw3BlW61r3NEpXsCe8JpRa04o1Rw+keoTQ2RBg39HdbNnc3wdgqFdBtZUwKV+Lo6zz+mesa5pQWYe5382We9g==
x-fb-trip-id: 2050670934
x-fb-content-md5: 690a7656275567c52cbebd3235a4ba85
date: Mon, 16 Nov 2020 18:12:21 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wMTEwOTM/ 451 KB
58 KB 36ms
9ms Script
application/javascript 2600:9000:214f:5400:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wMTEwOTM/access.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5400:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35e7682af3a1fce1feda4fffa0e206262fad45c1c1eb211a860e433ea310a2ba

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: fSLtdf7QRb1T0hq4x8OCk6SlQKuiww6g
Content-Encoding: gzip
ETag: "ed54fcf674c8a4e52acce68f71449d35"
Age: 390
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 58305
Last-Modified: Tue, 10 Nov 2020 03:45:06 GMT
Server: AmazonS3
Date: Mon, 16 Nov 2020 18:05:52 GMT
Content-Type: application/javascript
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
Cache-Control: max-age=900
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: lYhWyKLikhzm_r34IbzbliffersE6QkVbcRVWidSyFA6lACu8h_6iw==

GET
H2 200 collect.js Show response
6403988.collect.igodigital.com/ 9 KB
2 KB 357ms
116ms Script
application/javascript 3.215.227.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://6403988.collect.igodigital.com/collect.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.227.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-227-228.compute-1.amazonaws.com
Software: /
Resource Hash: 4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
last-modified: Sun, 15 Nov 2020 05:41:43 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 seckit.document_write.js Show response
www.wheeloffortune.com/modules/contrib/seckit/js/ 221 B
439 B 31ms
29ms Script
application/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/modules/contrib/seckit/js/seckit.document_write.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

59188bcaa3b5dccf38b0c478df9905898409051a07bc5c4e19b5df5f0d13a1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 18:27:51 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-ah-environment: prod
cache-control: max-age=843953
x-age: 0
accept-ranges: bytes
content-length: 171
x-request-id: v-fe580464-24e3-11eb-988f-7ba740704013
expires: Thu, 26 Nov 2020 12:38:14 GMT

GET
H2 200 seckit.no_body.css
www.wheeloffortune.com/modules/contrib/seckit/css/ 69 B
356 B 19ms
18ms Stylesheet
text/css 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/modules/contrib/seckit/css/seckit.no_body.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

a0ed6564518031e9c6350d7d8801868a5ce638331fba94da7413880a8c1b1bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 6996
x-ah-environment: prod
content-length: 85
x-request-id: v-b0f4e700-0828-11eb-a697-4f9e391c72ac
last-modified: Thu, 24 Sep 2020 18:27:57 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Thu, 26 Nov 2020 13:17:12 GMT
cache-control: max-age=846291
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 sony-logo%20%281%29.png
www.wheeloffortune.com/sites/default/files/2020-04/ 3 KB
3 KB 34ms
33ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/2020-04/sony-logo%20%281%29.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

865fd95d3c2313313188dad5d5e22b05c64bd03d86b827059cd4613f9e1f75cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 May 2020 18:42:25 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=843684
x-cache-hits: 1
x-age: 515
accept-ranges: bytes
content-length: 2804
x-request-id: v-c561223e-1111-11eb-8415-f315ba56447b
expires: Thu, 26 Nov 2020 12:33:45 GMT

GET
H2 200 newer_0.png
www.wheeloffortune.com/sites/default/files/ 3 KB
3 KB 34ms
33ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/newer_0.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

80103d3b8204e0261b8cc302d9326583cc30774e691c6ff66b21401237797865

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=843831
x-cache-hits: 1
x-age: 1501
accept-ranges: bytes
content-length: 2713
x-request-id: v-71773220-24e0-11eb-9142-5bc0205c94d1
expires: Thu, 26 Nov 2020 12:36:12 GMT

GET
H2 200 logo-5_0_0.png
www.wheeloffortune.com/sites/default/files/ 38 KB
39 KB 40ms
39ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/logo-5_0_0.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

38f9147a7f23e2342e589a8a1608d022d1adc2e647a43d09da0a5360f297f69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 19:08:57 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=941975
x-cache-hits: 4
x-age: 99086
accept-ranges: bytes
content-length: 39118
x-request-id: v-0e9b2692-1afa-11eb-b409-5326d2247a83
expires: Fri, 27 Nov 2020 15:51:56 GMT

GET
H2 200 css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css
www.wheeloffortune.com/sites/default/files/css/ 497 B
543 B 47ms
45ms Stylesheet
text/css 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/css/css_Y4H_4BqmgyCtG7E7YdseTs2qvy9C34c51kBamDdgark.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

6381ffe01aa68320ad1bb13b61db1e4ecdaabf2f42df8739d6405a9837606ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 445
x-ah-environment: prod
content-length: 270
x-request-id: v-58c556fc-24e6-11eb-b244-6bada618dbde
last-modified: Mon, 02 Nov 2020 23:16:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Thu, 26 Nov 2020 13:02:15 GMT
cache-control: max-age=845394
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 footer-logo.png
www.wheeloffortune.com/sites/default/files/2020-05/ 3 KB
3 KB 54ms
50ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/2020-05/footer-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f24c183921a01d9f81711647d78254a41c47d97f1ce01a36d4898b150f487640

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=843873
x-cache-hits: 1
x-age: 526
accept-ranges: bytes
content-length: 3122
x-request-id: v-b6fc7808-24e2-11eb-a84b-5f39a77f72ff
expires: Thu, 26 Nov 2020 12:36:54 GMT

GET
H2 200 js_L7fJf6OsByqhxiL1KebrshIXY-ayQQracvN5D450Sys.js Show response
www.wheeloffortune.com/sites/default/files/js/ 158 KB
48 KB 54ms
50ms Script
text/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/js/js_L7fJf6OsByqhxiL1KebrshIXY-ayQQracvN5D450Sys.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

2fb7c97fa3ac072aa1c622f529e6ebb2121763e6b2410ada72f3790f8e744b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 23:16:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
status: 200
x-ah-environment: prod
cache-control: max-age=843908
x-age: 0
accept-ranges: bytes
content-length: 48818
x-request-id: v-d29f3068-24e3-11eb-a2c8-d3346c9fbbd7
expires: Thu, 26 Nov 2020 12:37:29 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 18ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 411898
x-via: cfworker/kv
status: 200
content-length: 6451
cf-request-id: 0673db161800002c2e893ae000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B4anzZFeJ6d5nerCn21Ydb%2Ff6NxhcAvxXNZy9%2BjBJ9ZzSSuWOjPveEPhdp2S%2Fpuy4NcBds170%2BWji2eEUnaZdDtLxxUCP0FPj8jRddqLdXKsyO11d9rj7axB%2B1MYRqpDWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f332e035bc82c2e-FRA
expires: Sat, 06 Nov 2021 18:12:21 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 50 KB
14 KB 380ms
33ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:53 GMT
status: 200
etag: "1544639633"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 14049

GET
H2 200 js_baSb4raLZFoT1n26Ry3Ge4oyJRdYWse23-Ror2jDJpM.js Show response
www.wheeloffortune.com/sites/default/files/js/ 85 KB
22 KB 58ms
55ms Script
text/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/js/js_baSb4raLZFoT1n26Ry3Ge4oyJRdYWse23-Ror2jDJpM.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

6da49be2b68b645a13d67dba472dc67b8a322517585ac7b6dfe468af68c32693

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 5929
x-ah-environment: prod
content-length: 22160
x-request-id: v-64340910-24e2-11eb-86d1-5b71659d8042
last-modified: Mon, 02 Nov 2020 23:16:11 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 26 Nov 2020 14:06:10 GMT
cache-control: max-age=849229
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 hc-offcanvas-nav.js Show response
www.jqueryscript.net/demo/Multi-Level-Sidebar-Menu-HC-MobileNav/ 7 KB
3 KB 41ms
22ms Script
application/javascript 2606:4700:3038::6815:ebcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jqueryscript.net/demo/Multi-Level-Sidebar-Menu-HC-MobileNav/hc-offcanvas-nav.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854a8427d893854617018acd8117db7dce8fbf0fc9d6df729884d6986855b644

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 544088
status: 200
cf-request-id: 0673db16290000175a13129000000001
last-modified: Sat, 28 Jul 2018 00:22:24 GMT
server: cloudflare
etag: W/"1c89-5720438ec5000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=isFuSghU8a1SZRly1AzUBxQwYVm3k7M8BBWXS7IWeUSvfALU%2BKb3YVepkd4Er3kSvoH8DbmYW2XKlksp6V9xigM1Gbo%2FhX%2FA%2Bo%2BVHZhYk6SOC8WHL3BQqA596GTwJLcq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 5f332e037e96175a-FRA
expires: Tue, 17 Nov 2020 11:04:13 GMT

GET
H2 200 js_35DeaU8uBiyHIC_Jt7E19Ufd3pkkkiiU7afakArM7T8.js Show response
www.wheeloffortune.com/sites/default/files/js/ 140 KB
23 KB 63ms
61ms Script
text/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/js/js_35DeaU8uBiyHIC_Jt7E19Ufd3pkkkiiU7afakArM7T8.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

df90de694f2e062c87202fc9b7b135f547ddde9924922894eda7da900acced3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 04 Oct 2020 18:59:01 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
status: 200
x-ah-environment: prod
cache-control: max-age=764185
x-age: 0
accept-ranges: bytes
content-length: 23283
x-request-id: v-dc434322-0673-11eb-a16e-bb2113bd6644
expires: Wed, 25 Nov 2020 14:28:46 GMT

GET
H2 200 niqngNhI.js Show response
cdn.jwplayer.com/libraries/ 126 KB
40 KB 49ms
11ms Script
text/javascript 2600:9000:2182:800:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/niqngNhI.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 67ddaf37ff9ee141e597625e9f236e6a253accb3a008b2bddf34c52e63a0fb44

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:10:14 GMT
content-encoding: gzip
server: openresty
age: 127
status: 200
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: DUS51-C1
content-length: 41018
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-id: ivDCkLk72kSlKyScut7MyqUSqWu_O0daayqDWGQp4xO6qqb9IREJOg==
expires: Mon, 16 Nov 2020 18:12:44 GMT

GET
H2 200 js_lt8QGrUO53oTZxfUhGpnFGopES8-F5bcwSMDvbSHbEQ.js Show response
www.wheeloffortune.com/sites/default/files/js/ 70 KB
13 KB 70ms
68ms Script
text/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/sites/default/files/js/js_lt8QGrUO53oTZxfUhGpnFGopES8-F5bcwSMDvbSHbEQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

96df101ab50ee77a136717d4846a67146a29112f3e1796dcc12303bdb4876c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 6958
x-ah-environment: prod
content-length: 13370
x-request-id: v-5779f8ac-2752-11eb-9435-efe62b51f371
last-modified: Fri, 13 Nov 2020 20:27:00 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
expires: Sun, 29 Nov 2020 16:49:18 GMT
cache-control: max-age=1118217
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 195 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=4d177176cd32de03d21ae2f23eebbb57&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aef811c442aaca96bf407e23114e47fd65ef6f2039721c0fc93d53546e70c14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mPKSnJilm9pnhZxa+IuI4w==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60128
etag: "6f6f825ad2bc387fe0bf677f9a92c2ec"
x-fb-debug: MwUx6pQAtt0LPJ/j8swjdw2ABd+3GvA/hXg/ym26NpzYxEZ/+23VkqB5CvWjOE1Fx/XpNNSqCFXcL69Mr6xlvw==
x-fb-trip-id: 2050670934
x-fb-content-md5: bdaf55325d36bc0303c9a970bc0d0b0c
x-frame-options: DENY
date: Mon, 16 Nov 2020 18:12:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 16 Nov 2021 16:37:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1053371504818118&ev=fb_page_view&dl=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&rl=&if=false&ts=1605550341719&sw=1600&sh=1200&at=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 16 Nov 2020 18:12:21 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 17FE 0
0 104ms
104ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fwheeloffortune&layout=button_count&show_faces=false&width=200&action=like&colorscheme=light&height=21

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fwheeloffortune&layout=button_count&show_faces=false&width=200&action=like&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0xcPBgKvhHVlCXr5u..BfssEF...1.0.BfssEF.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: Nx95TcI10OGI//1ULfYjPNULjI/Fa6377SzdYykhwHyAOqsZcYqoqThYn3vIp4dhGDXLCKNVaWRtjwS8bOLFAw==
date: Mon, 16 Nov 2020 18:12:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 facebook.svg
www.wheeloffortune.com/themes/custom/wof/images/svg/ 929 B
807 B 13ms
13ms Image
image/svg+xml 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/themes/custom/wof/images/svg/facebook.svg

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

ce215c36890205f6d822b89c5b4d1e00da4bf1200452cdefe78dc35559ecab8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 5466
x-ah-environment: prod
content-length: 528
x-request-id: v-4e74c968-24e0-11eb-9319-df1c607530b5
last-modified: Thu, 24 Sep 2020 18:27:59 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
expires: Thu, 26 Nov 2020 13:43:45 GMT
cache-control: max-age=847883
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 Layer%206461.png
www.wheeloffortune.com//sites/default/files/2020-07/ 605 KB
607 KB 55ms
55ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com//sites/default/files/2020-07/Layer%206461.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

50c775156dca6695cae4bf46c298d9a689168fe0da3443fbe3112e0e05774680

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=1149664
x-cache-hits: 1
x-age: 124280
accept-ranges: bytes
content-length: 619925
x-request-id: v-4572c2ba-268a-11eb-87b6-97a3d972cf2d
expires: Mon, 30 Nov 2020 01:33:26 GMT

GET
H2 200 040a78b437acd0433612f92e61d04a1b.woff2
www.wheeloffortune.com/themes/custom/wof/fonts/ 45 KB
45 KB 16ms
16ms Font
text/plain 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/themes/custom/wof/fonts/040a78b437acd0433612f92e61d04a1b.woff2

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

12a5199f6d7025e156ec951a0c1630164fdce3a380c19609712ee9cc31700bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 18:27:46 GMT
server: nginx
accept-ranges: bytes
status: 200
cache-control: max-age=847806
x-cache-hits: 1
x-age: 0
x-ah-environment: prod
content-length: 45568
x-request-id: v-5977aef6-1118-11eb-a4ca-173079c5e975
expires: Thu, 26 Nov 2020 13:42:28 GMT

GET
H2 200 1064f0ad1cb65fdab43bb592ddd8aa91.woff2
www.wheeloffortune.com/themes/custom/wof/fonts/ 44 KB
44 KB 25ms
25ms Font
text/plain 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/themes/custom/wof/fonts/1064f0ad1cb65fdab43bb592ddd8aa91.woff2

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

9207bccf2c471f5a5af03d97577f3e17011e7ee64476d9fcd59f997264a25c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 01:45:12 GMT
server: nginx
status: 200
x-ah-environment: prod
cache-control: max-age=846493
x-age: 0
accept-ranges: bytes
content-length: 44552
x-request-id: v-de43e520-24e9-11eb-953b-4b6dd611c56d
expires: Thu, 26 Nov 2020 13:20:35 GMT

GET
H2 200 fontawesome-webfont.woff2
www.wheeloffortune.com/themes/custom/wof/fonts/ 75 KB
76 KB 36ms
35ms Font
text/plain 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/themes/custom/wof/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 18:27:46 GMT
server: nginx
accept-ranges: bytes
status: 200
cache-control: max-age=846534
x-cache-hits: 2
x-age: 0
x-ah-environment: prod
content-length: 77160
x-request-id: v-de195c9c-24e9-11eb-8a46-b3451b772619
expires: Thu, 26 Nov 2020 13:21:16 GMT

GET
H2 200 Arial.woff
www.wheeloffortune.com/themes/custom/wof/fonts/ 412 KB
413 KB 45ms
44ms Font
text/plain 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/themes/custom/wof/fonts/Arial.woff

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

d6e849c7ef42a7fd301e1227e210bb30691c4c6870cd2f27a40fb4763f2915e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 18:27:46 GMT
server: nginx
status: 200
x-ah-environment: prod
cache-control: max-age=845838
x-cache-hits: 1
x-age: 3455
accept-ranges: bytes
content-length: 421820
x-request-id: v-27b556b2-24e0-11eb-8a3b-5b653682ab71
expires: Thu, 26 Nov 2020 13:09:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
35 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M25F52G

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/google_tag//google_tag/site_data/google_tag.script.js?qjvsbv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1fb64aa643d93de1576a146332947894925568c0fc291476abb8b6ee5e96849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35970
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Nov 2020 18:12:22 GMT

GET
H2 200 like.php
www.facebook.com/v6.0/plugins/ Frame D7DC 0
0 61ms
60ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v6.0/plugins/like.php?app_id=1053371504818118&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe5f416619dca4%26domain%3Dwww.wheeloffortune.com%26origin%3Dhttps%253A%252F%252Fwww.wheeloffortune.com%252Ff16b39441619028%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&locale=en_GB&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=4d177176cd32de03d21ae2f23eebbb57&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v6.0/plugins/like.php?app_id=1053371504818118&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe5f416619dca4%26domain%3Dwww.wheeloffortune.com%26origin%3Dhttps%253A%252F%252Fwww.wheeloffortune.com%252Ff16b39441619028%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&locale=en_GB&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0xcPBgKvhHVlCXr5u..BfssEF...1.0.BfssEF.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: vyr3tQZDcAuGYkgK2CBFoAcRyrzJTZkH6fWHPLmeV48DKIKISP3NKE70RAvk01CXDx03ZxaKKlqwtba20/T0Ow==
date: Mon, 16 Nov 2020 18:12:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK gigya.js Show response
cdns.us1.gigya.com/js/ 313 KB
104 KB 150ms
68ms Script
text/javascript 104.108.145.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/js/js_L7fJf6OsByqhxiL1KebrshIXY-ayQQracvN5D450Sys.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.18 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2395288370a34bb00b086b52cbaabe74d94cd480f84520eb19099d5cb86022a3

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:12:22 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
X-Soa: true, Gator
Vary: Accept-Encoding
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
X-CallID: dc95d61ca47346108bd7a77e78827871
Cache-Control: public, max-age=900, s-maxage=3600
X-Server: us1d-nomad-g10
Connection: keep-alive
X-Robots-Tag: none
X-Gigya-HA-cfg-ver: 5
Content-Length: 105712
Expires: Mon, 16 Nov 2020 18:27:22 GMT

GET
H2 200 lazysizes.min.js Show response
www.wheeloffortune.com/libraries/lazysizes/ 7 KB
4 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheeloffortune.com/libraries/lazysizes/lazysizes.min.js

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/js/js_L7fJf6OsByqhxiL1KebrshIXY-ayQQracvN5D450Sys.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

eb32a635955e226734775639e6f9b84a8ff45b999bc1688f4b8cc9b77178b760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-age: 2317
x-ah-environment: prod
content-length: 3307
x-request-id: v-20e030a8-1afb-11eb-a25c-d7f3f13a9500
last-modified: Thu, 24 Sep 2020 18:27:45 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 26 Nov 2020 13:02:31 GMT
cache-control: max-age=845409
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M25F52G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1377
date: Mon, 16 Nov 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 16 Nov 2020 19:49:25 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 57 KB
15 KB 98ms
30ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 612c97f03d18e49fade68bee8209491382fab8aaed6fdb3e9f2d600762817717

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
status: 200
content-length: 14862
last-modified: Tue, 20 Oct 2020 19:35:34 GMT
server: AkamaiNetStorage
etag: "00c6080ca1a01c38c0a14c8b7f46c4b6:1603222534.839903"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 18 Nov 2020 18:12:22 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 240 B
452 B 114ms
47ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 643a2497b70ca41c122e8694d1d2057f0decbaf3551fdd3a8202e8f0b5720737

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:58 GMT
server: AkamaiNetStorage
status: 200
etag: "c81ac205c0d808235641c236e1d83746:1584143218.184718"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 167

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/2796/ 132 KB
5 KB 115ms
48ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2796/snthemes.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 815c2183fef5db3559cd9704c4c046dae477d579efa3466ae23681a71aedda0f

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
status: 200
content-length: 5015
last-modified: Thu, 29 Oct 2020 21:11:57 GMT
server: AkamaiNetStorage
etag: "49d6428644d36bb52e0db0a365b3c41b:1604005917.332712"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 18 Nov 2020 18:12:22 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/2796/wheeloffortune/ 7 KB
2 KB 116ms
49ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2796/wheeloffortune/settings.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 69ff98daac2b51cecc22a5e3099e39e5cbdd3068877d68dd241c9e7175a45bed

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
status: 200
content-length: 1260
last-modified: Wed, 19 Aug 2020 21:00:39 GMT
server: AkamaiNetStorage
etag: "dd6a2fbdfef06c51d9436ceadcc811df:1597870839.753969"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 18 Nov 2020 18:12:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23272
x-xss-protection: 0
pragma: public
x-fb-debug: 3YAzJbyUcHoJU9khUYP4ol/4lUdW1TGPCCvRRPW3T+bht/WwscriXCJ/lkPypBm73yW7+1ue5vIyrY3yHMI2Pg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 16 Nov 2020 18:12:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
393 B 49ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1573086233&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&ul=en-us&de=UTF-8&dt=Login%20Page%20%7C%20Wheel%20of%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=641826567&gjid=1821169709&cid=654899271.1605550342&tid=UA-46026993-2&_gid=1985243372.1605550342&_r=1&gtm=2wgb41M25F52G&cd1=WOF%3AHome&cd3=WOF%3ALogin%20Page&cd4=WOF%3ALogin%20Page&cd5=logged_out&cd7=Login%20Page&cd10=Recovery&cd12=ST1&cd13=BTN&z=333587350

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Nov 2020 18:12:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.wheeloffortune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 189639048354221 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/189639048354221?v=2.9.28&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba7aab71faebba889d9d553b39c534778f1a599d63748bac45f7c0adc6d0514f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70060
x-xss-protection: 0
pragma: public
x-fb-debug: BCYvytK95Gyf52kqRvhRNiZq2/AZEfpb/kGL1CzbGG4RduBcYVReRSq5qUFNtXcgumSTkoNcD3VKlpcvT3brpg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 16 Nov 2020 18:12:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-46026993-2&cid=654899271.1605550342&jid=641826567&gjid=1821169709&_gid=1985243372.1605550342&_u=YEBAAEAAAAAAAC~&z=1556515371

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 16 Nov 2020 18:12:22 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.wheeloffortune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Api.aspx
cdns.us1.gigya.com/gs/webSdk/ Frame DC7F 0
0 49ms
49ms Document
text/html 104.108.145.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.us1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&version=latest&build=11471

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.145.18 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-145-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Host: cdns.us1.gigya.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 34233
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Soa: true, Gator
X-Server: us1d-nomad-g1
X-CallID: 84a25257a3b3409d9be95f80cb2f4583
Accept-Ranges: bytes
X-Gigya-HA-cfg-ver: 5
X-Robots-Tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Mon, 16 Nov 2020 18:12:22 GMT
Connection: keep-alive

GET
H2 200 /
www.facebook.com/tr/ 44 B
123 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189639048354221&ev=PageView&dl=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&rl=&if=false&ts=1605550342438&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605550342436.96575471&it=1605550342332&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 16 Nov 2020 18:12:22 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/2796/translations/ 310 KB
9 KB 31ms
30ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2796/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6b57c3d3e26846143eb51cc53e3d2fd6d7658becdcf65a8f6971fe681c0e5acf

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
status: 200
content-length: 9137
last-modified: Thu, 29 Oct 2020 21:11:28 GMT
server: AkamaiNetStorage
etag: "b8814ee3e0d5ed69aa52e1601f28a04a:1604005888.41213"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 18 Nov 2020 18:12:22 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 11 KB
3 KB 31ms
30ms Script
application/x-javascript 23.38.61.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.38.61.143 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-38-61-143.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 37245c9e63df1fb0eeb1c862ce7f7347eed8e598439fb535aab32d917bf35a09

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
status: 200
content-length: 3030
last-modified: Tue, 20 Oct 2020 19:35:35 GMT
server: AkamaiNetStorage
etag: "8ca458279ecbcfe38c8488d652154a97:1603222535.778156"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 18 Nov 2020 18:12:22 GMT

GET
H2 204 1
l.evidon.com/site/v3/2796/23563/1/1/2/ 0
120 B 411ms
185ms Image
text/plain 35.171.13.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2796/23563/1/1/2/1?consent=1&regulationid=1&regulationconsenttypeid=2
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-13-153.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 59862
l.evidon.com/site/v3/2796/23563/1/4/2/1/ 0
121 B 297ms
114ms Image
text/plain 35.171.13.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2796/23563/1/4/2/1/59862?consent=1&regulationid=1&regulationconsenttypeid=2
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-13-153.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 59862
l.evidon.com/site/v3/2796/23563/1/2/2/1/ 0
120 B 323ms
139ms Image
text/plain 35.171.13.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2796/23563/1/2/2/1/59862?consent=1&regulationid=1&regulationconsenttypeid=2
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-13-153.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 59862
l.evidon.com/site/v3/2796/23563/1/1/2/1/ 0
120 B 310ms
127ms Image
text/plain 35.171.13.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2796/23563/1/1/2/1/59862?consent=1&regulationid=1&regulationconsenttypeid=2
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-13-153.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 accounts.webSdkBootstrap Show response
api.wheeloffortune.com/ 177 B
1 KB 489ms
417ms XHR
text/javascript 99.86.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wheeloffortune.com/accounts.webSdkBootstrap?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&pageURL=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&sdk=js_latest&format=json
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-104.fra6.r.cloudfront.net
Software: /
Resource Hash: 05d3b2f44cd4246c1ef9b3b7b935e841649847fe0ae61614885104b8bf28ff22

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
status: 200
content-length: 154
access-control-allow-origin: https://www.wheeloffortune.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-callid: 7dda648b958f426cb20a95d2d1c2c40b
cache-control: private
x-server: us1d-nomad-g2
access-control-allow-credentials: true
x-robots-tag: none
x-gigya-ha-cfg-ver: 5
x-amz-cf-id: 68lyXVRlk1zQun9j0lwABgMGtVyo6s3WG1MSaWLefjAOHs0s38OCpA==

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 93ms
31ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
status: 200
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1605550343.959380,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 23207

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189639048354221&ev=Microdata&if=false&ts=1605550342962&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20Page%20%7C%20Wheel%20of%20Fortune%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%22%2C%22og%3Atitle%22%3A%22Login%20Page%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605550342436.96575471&it=1605550342332&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 16 Nov 2020 18:12:22 GMT

GET
H/1.1 200
OK 8a7222225e Show response
bam-cell.nr-data.net/1/ 57 B
647 B 320ms
282ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/8a7222225e?a=602564209&v=1184.ab39b52&to=NAEHN0UCDEtRBUQIWA1LJABDCg1WHyJCFEcCCDkNWAcHZHMJXhVFDAgJBkU/LFdUA2YIUhQnCg1DEQ1UXANCTAkVDQAU&rst=1415&ck=1&ref=https://www.wheeloffortune.com/login&ap=359&be=80&fe=1317&dc=629&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1605550341563,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:7,%22ce%22:14,%22rq%22:14,%22rp%22:43,%22rpe%22:47,%22dl%22:57,%22di%22:628,%22ds%22:629,%22de%22:657,%22dc%22:1316,%22l%22:1316,%22le%22:1318%7D,%22navigation%22:%7B%7D%7D&fp=525&fcp=606&at=GEYEQQ0YH0U%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:12:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 5f332e0bec477373-CPH
cf-request-id: 0673db1b7400007373b3823000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK gigya.services.plugins.base.min.js Show response
cdns.us1.gigya.com/js/ 340 KB
100 KB 56ms
56ms Script
text/javascript 104.108.145.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.accounts.plugins.screenSet&lang=en&version=latest
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.18 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 27364abbd0b7475e4a707d0a7d1bbc337f939c7d84885e4fbc99550e5dc78ec7

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:12:23 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
X-Soa: true, Gator
Vary: Accept-Encoding
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
X-CallID: 15b9b646e6664b05afd111ce4417a4c7
Cache-Control: public, max-age=900, s-maxage=3600
X-Server: us1d-nomad-g4
Connection: keep-alive
X-Robots-Tag: none
X-Gigya-HA-cfg-ver: 5
Content-Length: 102392
Expires: Mon, 16 Nov 2020 18:27:23 GMT

GET
H2 200 accounts.getScreenSets Show response
api.wheeloffortune.com/ 184 KB
35 KB 417ms
416ms XHR
text/javascript 99.86.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wheeloffortune.com/accounts.getScreenSets?screenSetIDs=WOF-Registration-LiteRegistration&include=html%2Ccss%2Cjavascript%2Ctranslations%2C&lang=en&APIKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&format=json
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-104.fra6.r.cloudfront.net
Software: /
Resource Hash: 8b8ca92012f99fce11b0c5e3599cf9a4ef66907703e158720b470c8ec401ecbf

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:22 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
x-soa: true, Gator
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
status: 200
content-length: 35263
access-control-allow-origin: https://www.wheeloffortune.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-callid: cbabf5c7360047bea4bec42f07adc67d
cache-control: private
x-server: us1d-nomad-g2
access-control-allow-credentials: true
x-robots-tag: none
x-gigya-ha-cfg-ver: 5
x-amz-cf-id: 6rFUtxsIi9sjeFkM3g_eG1E_VUvd2HrILEqdcDmreFfhZwgZgAs-iA==

GET
H2 200 login-modal-bg.jpg
www.wheeloffortune.com/themes/custom/wof/images/ 11 KB
11 KB 27ms
27ms Image
image/jpeg 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/themes/custom/wof/images/login-modal-bg.jpg

Requested by

Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

439cd7a0c413ceaddaf1cab10ddcdd2efe45f41e8ef51a91314fcabc40f257be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/sites/default/files/css/css_9RKisqZPeogC8Qdfy9NUc8LKPvhlbuyAg5cj6P-ppfo.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 02:02:25 GMT
server: nginx
content-type: image/jpeg
status: 200
x-ah-environment: prod
cache-control: max-age=872945
x-cache-hits: 1
x-age: 19651
accept-ranges: bytes
content-length: 10917
x-request-id: v-90d21cd4-24f9-11eb-b0f8-3336cb234a52
expires: Thu, 26 Nov 2020 20:41:28 GMT

GET
H/1.1 200
OK gigya.services.socialize.plugins.login_v2.min.js Show response
cdns.us1.gigya.com/js/ 58 KB
18 KB 58ms
57ms Script
text/javascript 104.108.145.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.services.socialize.plugins.login_v2.min.js?lang=en&version=latest
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.18 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16fbad3584e0d31978610fdb21b22d22645b0054217deb46875834b72de3c590

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 18:12:23 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
X-Soa: true, Gator
Vary: Accept-Encoding
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
X-CallID: a987554157814ff294f9f066b651a640
Cache-Control: public, max-age=900, s-maxage=3600
X-Server: us1d-nomad-g10
Connection: keep-alive
X-Robots-Tag: none
X-Gigya-HA-cfg-ver: 5
Content-Length: 17908
Expires: Mon, 16 Nov 2020 18:27:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 912 B
667 B 17ms
16ms Script
text/javascript 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=gig_Google_onLoad&hl=en

Requested by

Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d84af97e2d2c74e100cfb48fc8bb8d7466d23d2874e7feca5f70ae4ed3652bce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 1; mode=block
expires: Mon, 16 Nov 2020 18:12:23 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/ 335 KB
130 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=gig_Google_onLoad&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wheeloffortune.com
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 17:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3441
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133476
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 05:27:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Nov 2021 17:15:02 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 44A4 0
0 49ms
35ms Document
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&co=aHR0cHM6Ly93d3cud2hlZWxvZmZvcnR1bmUuY29tOjQ0Mw..&hl=en&type=image&v=rCr6uVkhcBxHr-Uhry4bcSYc&theme=light&size=normal&cb=y0a3s1hm05ue

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2EBAlTX5hHvzegaP/IL6jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&co=aHR0cHM6Ly93d3cud2hlZWxvZmZvcnR1bmUuY29tOjQ0Mw..&hl=en&type=image&v=rCr6uVkhcBxHr-Uhry4bcSYc&theme=light&size=normal&cb=y0a3s1hm05ue
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 16 Nov 2020 18:12:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-2EBAlTX5hHvzegaP/IL6jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10855
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK GetSprite.ashx
cdns.us1.gigya.com/gs/ 2 KB
3 KB 64ms
64ms Image
image/png 104.108.145.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdns.us1.gigya.com/gs/GetSprite.ashx?path=%2FHTMLLogin%2FFullLogoColored%2F%5Bfacebook%5D_45.png%7C117%2C45
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.18 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da7f074b7f3179e1be787658e88d0c0d0770129d8c2441e709e332e22331f036

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Version: 1
Date: Mon, 16 Nov 2020 18:12:23 GMT
Content-Type: image/png
Last-Modified: Wed, 20 May 2020 16:15:22 GMT
P3P: CP="IDC COR PSA DEV ADM OUR IND ONL"
X-LegacyProxy: true
Cache-Control: private, max-age=86400
X-Server: us1d-web508
Connection: keep-alive
X-Robots-Tag: none
X-Gigya-HA-cfg-ver: 5
Content-Length: 2454

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame E26B 0
0 20ms
19ms Document
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&cb=tgmrodh4qaff

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rCr6uVkhcBxHr-Uhry4bcSYc/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lm81g3UZLR7udo4Od+bJcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=rCr6uVkhcBxHr-Uhry4bcSYc&k=6Ld6sKsZAAAAALITQwL48oe9Nj5ndlTHfL-FEMGA&cb=tgmrodh4qaff
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 16 Nov 2020 18:12:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-Lm81g3UZLR7udo4Od+bJcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1173
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sony-logo%20%281%29.png
www.wheeloffortune.com/sites/default/files/2020-04/ 3 KB
3 KB 34ms
13ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/2020-04/sony-logo%20%281%29.png

Requested by

Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTEwOTM/access.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

865fd95d3c2313313188dad5d5e22b05c64bd03d86b827059cd4613f9e1f75cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 May 2020 18:42:25 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=843679
x-cache-hits: 1
x-age: 515
accept-ranges: bytes
content-length: 2804
x-request-id: v-c561223e-1111-11eb-8415-f315ba56447b
expires: Thu, 26 Nov 2020 12:33:45 GMT

GET
H2 200 newer_0.png
www.wheeloffortune.com/sites/default/files/ 3 KB
3 KB 19ms
18ms Image
image/png 2a02:26f0:6c00:28e::1524
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheeloffortune.com/sites/default/files/newer_0.png

Requested by

Host: cdn.levelaccess.net
URL: https://cdn.levelaccess.net/accessjs/YW1wMTEwOTM/access.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:28e::1524 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

80103d3b8204e0261b8cc302d9326583cc30774e691c6ff66b21401237797865

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:12:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
content-type: image/png
status: 200
x-ah-environment: prod
cache-control: max-age=843826
x-cache-hits: 1
x-age: 1501
accept-ranges: bytes
content-length: 2713
x-request-id: v-71773220-24e0-11eb-9142-5bc0205c94d1
expires: Thu, 26 Nov 2020 12:36:12 GMT

POST
H2 200 results Show response
api.levelaccess.net/analytics/3.0/ 0
260 B 575ms
267ms XHR
text/plain 2600:1f18:4457:4600:fb08:16af:7d76:deae
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.levelaccess.net/analytics/3.0/results

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4457:4600:fb08:16af:7d76:deae Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 16 Nov 2020 18:12:27 GMT
x-content-type-options: nosniff
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.wheeloffortune.com
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
content-length: 0

GET
H2 200 gscounters.sendReport Show response
api.wheeloffortune.com/ 171 B
567 B 421ms
413ms Script
application/ecmascript 99.86.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wheeloffortune.com/gscounters.sendReport?reports=%5B%7B%22name%22%3A%22loadc%22%2C%22time%22%3A%221605550342420%22%2C%22reportData%22%3A%7B%22sref%22%3A%22%22%7D%7D%2C%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343122%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%2C%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343126%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%2C%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343127%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%2C%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343128%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%5D&APIKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&sdk=js_latest&pageURL=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&format=jsonp&callback=gigya.callback&context=R1583105750
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-104.fra6.r.cloudfront.net
Software: /
Resource Hash: 249ddee6d8dc8b2d44ebee23e2443e93bb0eebbf6afc22af26b9b20c3c3079fe

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version: 1
date: Mon, 16 Nov 2020 18:12:27 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
status: 200
content-length: 171
pragma: no-cache
content-type: application/ecmascript; charset=utf-8
x-legacyproxy: true
cache-control: no-cache
x-server: us1d-web207
x-robots-tag: none
x-gigya-ha-cfg-ver: 5
x-amz-cf-id: GkQuPMtPzkeNim-Z_kq-uIyYonlHrG2sfrmsqTV7IPi7KW2T33Cj7w==
expires: -1

GET
H2 200 gscounters.sendReport Show response
api.wheeloffortune.com/ 171 B
568 B 483ms
475ms Script
application/ecmascript 99.86.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.wheeloffortune.com/gscounters.sendReport?reports=%5B%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343128%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%2C%7B%22name%22%3A%22load%22%2C%22time%22%3A%221605550343128%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%5D&APIKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&sdk=js_latest&pageURL=https%3A%2F%2Fwww.wheeloffortune.com%2Flogin%3Futm_source%3Dwof%26utm_medium%3Demail%26utm_campaign%3DS38_WK09_Winback_10NOV2020%26utm_audience%3DRecovery%26utm_category%3DWin%26utm_subcategory%3DSecretSanta%26utm_linkposition%3DST1%26utm_linkobject%3DBTN&format=jsonp&callback=gigya.callback&context=R1726624185
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apiKey=3_le-j4Ry74aFYk2NO2ZGtHnUi5kKblRKYV48RejAhkknMitFBkwX2UXKU41_IiOGb&lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-104.fra6.r.cloudfront.net
Software: /
Resource Hash: 5079a5b3bb85156abf3bf723e2f18b641e435028e2fb1f15b28e0da14f392377

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version: 1
date: Mon, 16 Nov 2020 18:12:27 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
status: 200
content-length: 171
pragma: no-cache
content-type: application/ecmascript; charset=utf-8
x-legacyproxy: true
cache-control: no-cache
x-server: us1d-web201
x-robots-tag: none
x-gigya-ha-cfg-ver: 5
x-amz-cf-id: 35RHcv7yoSw_4wGn-gQiSj6ydvCXeTAHKgXycfmTwCjqxTXT-feCoA==
expires: -1

POST
H/1.1 200
OK 8a7222225e Show response
bam-cell.nr-data.net/events/1/ 24 B
498 B 296ms
296ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/8a7222225e?a=602564209&v=1184.ab39b52&to=NAEHN0UCDEtRBUQIWA1LJABDCg1WHyJCFEcCCDkNWAcHZHMJXhVFDAgJBkU/LFdUA2YIUhQnCg1DEQ1UXANCTAkVDQAU&rst=11415&ck=1&ref=https://www.wheeloffortune.com/login
Requested by: Host: www.wheeloffortune.com
URL: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.wheeloffortune.com/login?utm_source=wof&utm_medium=email&utm_campaign=S38_WK09_Winback_10NOV2020&utm_audience=Recovery&utm_category=Win&utm_subcategory=SecretSanta&utm_linkposition=ST1&utm_linkobject=BTN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 16 Nov 2020 18:12:33 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.wheeloffortune.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 5f332e4a2e957373-CPH
Content-Length: 24
cf-request-id: 0673db425d000073738d318000000001

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 16:08:46	Name: fr Value: 0xcPBgKvhHVlCXr5u..BfssEF...1.0.BfssEF.
.wheeloffortune.com/	1970-01-19 16:08:46	Name: _fbp Value: fb.1.1605550342436.96575471
.wheeloffortune.com/	1970-01-19 13:59:10	Name: _gat_UA-46026993-2 Value: 1
.wheeloffortune.com/	1970-01-19 14:00:36	Name: _gid Value: GA1.2.1985243372.1605550342
.wheeloffortune.com/	1970-01-20 07:30:22	Name: _ga Value: GA1.2.654899271.1605550342

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: Evidon -- evidon-notice-link not found on page, cant display the consent link.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6403988.collect.igodigital.com
api.levelaccess.net
api.wheeloffortune.com
bam-cell.nr-data.net
c.evidon.com
cdn.jwplayer.com
cdn.levelaccess.net
cdnjs.cloudflare.com
cdns.us1.gigya.com
connect.facebook.net
js-agent.newrelic.com
l.evidon.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.jqueryscript.net
www.wheeloffortune.com
104.108.145.18
151.101.114.110
162.247.243.147
209.197.3.15
23.38.61.143
2600:1f18:4457:4600:fb08:16af:7d76:deae
2600:9000:214f:5400:1:fb61:2b80:93a1
2600:9000:2182:800:1:a3fa:7cc0:93a1
2606:4700:3038::6815:ebcc
2606:4700::6810:135e
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:819::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9d
2a02:26f0:6c00:28e::1524
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.215.227.228
35.171.13.153
99.86.2.104
05d3b2f44cd4246c1ef9b3b7b935e841649847fe0ae61614885104b8bf28ff22
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f1530935351a1c05bf0091a47543edca68e2e10b982802ef7028502663154b1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a5199f6d7025e156ec951a0c1630164fdce3a380c19609712ee9cc31700bca
16fbad3584e0d31978610fdb21b22d22645b0054217deb46875834b72de3c590
2395288370a34bb00b086b52cbaabe74d94cd480f84520eb19099d5cb86022a3
249ddee6d8dc8b2d44ebee23e2443e93bb0eebbf6afc22af26b9b20c3c3079fe
27364abbd0b7475e4a707d0a7d1bbc337f939c7d84885e4fbc99550e5dc78ec7
2fb7c97fa3ac072aa1c622f529e6ebb2121763e6b2410ada72f3790f8e744b2b
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
35e7682af3a1fce1feda4fffa0e206262fad45c1c1eb211a860e433ea310a2ba
37245c9e63df1fb0eeb1c862ce7f7347eed8e598439fb535aab32d917bf35a09
38f9147a7f23e2342e589a8a1608d022d1adc2e647a43d09da0a5360f297f69b
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
439cd7a0c413ceaddaf1cab10ddcdd2efe45f41e8ef51a91314fcabc40f257be
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
5079a5b3bb85156abf3bf723e2f18b641e435028e2fb1f15b28e0da14f392377
50c775156dca6695cae4bf46c298d9a689168fe0da3443fbe3112e0e05774680
59188bcaa3b5dccf38b0c478df9905898409051a07bc5c4e19b5df5f0d13a1b6
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
612c97f03d18e49fade68bee8209491382fab8aaed6fdb3e9f2d600762817717
6381ffe01aa68320ad1bb13b61db1e4ecdaabf2f42df8739d6405a9837606ab9
643a2497b70ca41c122e8694d1d2057f0decbaf3551fdd3a8202e8f0b5720737
67ddaf37ff9ee141e597625e9f236e6a253accb3a008b2bddf34c52e63a0fb44
69ff98daac2b51cecc22a5e3099e39e5cbdd3068877d68dd241c9e7175a45bed
6b57c3d3e26846143eb51cc53e3d2fd6d7658becdcf65a8f6971fe681c0e5acf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da49be2b68b645a13d67dba472dc67b8a322517585ac7b6dfe468af68c32693
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
80103d3b8204e0261b8cc302d9326583cc30774e691c6ff66b21401237797865
815c2183fef5db3559cd9704c4c046dae477d579efa3466ae23681a71aedda0f
854a8427d893854617018acd8117db7dce8fbf0fc9d6df729884d6986855b644
865fd95d3c2313313188dad5d5e22b05c64bd03d86b827059cd4613f9e1f75cb
8b8ca92012f99fce11b0c5e3599cf9a4ef66907703e158720b470c8ec401ecbf
9207bccf2c471f5a5af03d97577f3e17011e7ee64476d9fcd59f997264a25c67
96df101ab50ee77a136717d4846a67146a29112f3e1796dcc12303bdb4876c44
999490afa6f44c03a8d9a3d85c5085541b89fa9ee155841039dca682a788431b
a0ed6564518031e9c6350d7d8801868a5ce638331fba94da7413880a8c1b1bac
aef811c442aaca96bf407e23114e47fd65ef6f2039721c0fc93d53546e70c14c
b8da097c4c477730ead29c775b6ba4713dc7cf4c3fc3fa1768d46757b6b7df97
ba7aab71faebba889d9d553b39c534778f1a599d63748bac45f7c0adc6d0514f
c42ec8150369717e18254be7f3101a45b903056ddc90756a91e4bc33a2022510
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
ce215c36890205f6d822b89c5b4d1e00da4bf1200452cdefe78dc35559ecab8c
d6e849c7ef42a7fd301e1227e210bb30691c4c6870cd2f27a40fb4763f2915e0
d84af97e2d2c74e100cfb48fc8bb8d7466d23d2874e7feca5f70ae4ed3652bce
da7f074b7f3179e1be787658e88d0c0d0770129d8c2441e709e332e22331f036
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df90de694f2e062c87202fc9b7b135f547ddde9924922894eda7da900acced3f
e2d466d268fa2651f52f96d64605b59d44afa6bd3117e84182dab89059887fa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb32a635955e226734775639e6f9b84a8ff45b999bc1688f4b8cc9b77178b760
f1fb64aa643d93de1576a146332947894925568c0fc291476abb8b6ee5e96849
f24c183921a01d9f81711647d78254a41c47d97f1ce01a36d4898b150f487640
f512a2b2a64f7a8802f1075fcbd35473c2ca3ef8656eec80839723e8ffa9a5fa
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8b4b2ca6272d6a145c9d5e85a0adf9413875ff9e231a92eabe9f6e947dc9354

www.wheeloffortune.com Open in urlscan Pro 2a02:26f0:6c00:28e::1524 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

64 %IPv6

18 Domains

21 Subdomains

22 IPs

6 Countries

2230 kBTransfer

5398 kBSize

5 Cookies

19 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wheeloffortune.com Open in urlscan Pro
2a02:26f0:6c00:28e::1524 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

64 %
IPv6

18
Domains

21
Subdomains

22
IPs

6
Countries

2230 kB
Transfer

5398 kB
Size

5
Cookies

73 HTTP transactions
0 data transactions