urlscan.io logo urlscan.io
SecurityTrails logo

www.winwinevent.ca Open in urlscan Pro
107.161.75.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMD...
Effective URL: https://www.winwinevent.ca/wc/redeemAll
Submission: On October 15 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 39 HTTP transactions. The main IP is 107.161.75.198, located in Canada and belongs to IWEB-AS, CA. The main domain is www.winwinevent.ca.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 24th 2022. Valid for: 3 months.
This is the only time www.winwinevent.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    185.107.232.127 (Campet-et-Lamolere, France)

ASN200484 (SENDINBLUE-ASN, FR)
r.wc3.winwinevent.ca
2    2606:4700:4400::ac40:996f (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700::6811:90c (United States)

ASN13335 (CLOUDFLARENET, US)
in-automate.sendinblue.com
11    107.161.75.198 (Canada)

ASN32613 (IWEB-AS, CA)
www.winwinevent.ca
2    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
2    2607:f8b0:4006:809::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    13.225.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-10.ewr50.r.cloudfront.net
beacon-v2.helpscout.net
1    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.33.81.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-219.ewr52.r.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
1    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
Apex Domain
Subdomains		 Transfer
12 winwinevent.ca
r.wc3.winwinevent.ca
www.winwinevent.ca
243 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
201 KB
3 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 10423
33 KB
3 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 5406
246 KB
2 cloudfront.net
d3hb14vkzrxvla.cloudfront.net
7 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
2 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 25828
2 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9257
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
445 B
1 gstatic.com
www.gstatic.com
157 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
53 KB
1 sendinblue.com
in-automate.sendinblue.com — Cisco Umbrella Rank: 27424
140 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1116
5 KB
39 15
Domain Requested by
11 www.winwinevent.ca 1 redirects r.wc3.winwinevent.ca
www.winwinevent.ca
5 cdn.jsdelivr.net www.winwinevent.ca
3 beacon-v2.helpscout.net www.winwinevent.ca
beacon-v2.helpscout.net
3 pro.fontawesome.com www.winwinevent.ca
pro.fontawesome.com
2 d3hb14vkzrxvla.cloudfront.net beacon-v2.helpscout.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com www.winwinevent.ca
2 fonts.googleapis.com www.winwinevent.ca
2 sibautomation.com r.wc3.winwinevent.ca
static.cloudflareinsights.com
1 www.google.ca
1 stats.g.doubleclick.net www.google-analytics.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com www.winwinevent.ca
1 in-automate.sendinblue.com sibautomation.com
1 static.cloudflareinsights.com sibautomation.com
1 r.wc3.winwinevent.ca
39 16
Subject Issuer Validity Valid
r.wc3.winwinevent.ca
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
sendinblue.com
Cloudflare Inc ECC CA-3		 2022-09-26 -
2023-09-25		 a year crt.sh
winwinevent.ca
cPanel, Inc. Certification Authority		 2022-09-24 -
2022-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.helpscout.net
Amazon		 2022-04-18 -
2023-05-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.winwinevent.ca/wc/redeemAll
Frame ID: 2BD9BB7939B7C83BEA2A5030DFCF4E49
Requests: 33 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=1655221
Frame ID: 03C06F3CF6E46805BB185B7E6B583964
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Win-Win Event | Redeem All

Page URL History Show full URLs

  1. https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9... Page URL
  2. https://www.winwinevent.ca/wc/i?c=8660558&h=b15b731f9b5a5c0a663e31f54d32c6a44ea01da50fd22c0d77d16979960... HTTP 302
    https://www.winwinevent.ca/wc/redeemAll Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

39
Requests

97 %
HTTPS

75 %
IPv6

15
Domains

16
Subdomains

17
IPs

3
Countries

969 kB
Transfer

2095 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3rCKRKiWzRzI0RmGHOiJIlVxPbcUYSZYJr346leJYgWw0Ph3gpSjDE2MI6oQjDPeJ9Ya2XgKLMEKx5Mnlk9iR3kxJrtb0R-4dQMMdoIZCjoY9Nc4eVjgCQyOtKKIn0pAFERKYB55LwjTSVRzCmORz Page URL
  2. https://www.winwinevent.ca/wc/i?c=8660558&h=b15b731f9b5a5c0a663e31f54d32c6a44ea01da50fd22c0d77d1697996074af2 HTTP 302
    https://www.winwinevent.ca/wc/redeemAll Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3r...
r.wc3.winwinevent.ca/tr/cl/ 		893 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3rCKRKiWzRzI0RmGHOiJIlVxPbcUYSZYJr346leJYgWw0Ph3gpSjDE2MI6oQjDPeJ9Ya2XgKLMEKx5Mnlk9iR3kxJrtb0R-4dQMMdoIZCjoY9Nc4eVjgCQyOtKKIn0pAFERKYB55LwjTSVRzCmORz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.107.232.127 Campet-et-Lamolere, France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
66e8b07ba9935213287ec345f633fab3355d5abc00692e2629ebb677e916c0b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
893
content-type
text/html; charset=utf-8
date
Sat, 15 Oct 2022 04:44:07 GMT
x-content-type-options
nosniff
x-sib-server
red1.dc3.51b.tech
x-xss-protection
1
cm.html
sibautomation.com/ Frame 03C0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=1655221
Requested by
Host: r.wc3.winwinevent.ca
URL: https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3rCKRKiWzRzI0RmGHOiJIlVxPbcUYSZYJr346leJYgWw0Ph3gpSjDE2MI6oQjDPeJ9Ya2XgKLMEKx5Mnlk9iR3kxJrtb0R-4dQMMdoIZCjoY9Nc4eVjgCQyOtKKIn0pAFERKYB55LwjTSVRzCmORz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
45d6bea3c30a906c235012643eef7ecdba3900acb1552c504f1f222762ac0589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://r.wc3.winwinevent.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
21613
cache-control
public, max-age=7200
cf-apo-via
origin,host
cf-cache-status
HIT
cf-ray
75a5e5d52a71a1f2-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 15 Oct 2022 04:44:07 GMT
expires
Sat, 15 Oct 2022 06:44:07 GMT
last-modified
Fri, 14 Oct 2022 22:43:54 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Sails <sailsjs.com>
x-sib-server
SENDINBLUE-web2-2
x-xss-protection
1
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 03C0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1655221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://sibautomation.com/
Origin
https://sibautomation.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
75a5e5d5bb94a1de-YYZ
cm
in-automate.sendinblue.com/ Frame 03C0 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.sendinblue.com/cm?uuid=fe6c39a8-b57b-4a83-bd7d-6c933fa5a137&key=k3sk7dcjyhb8eojyv7guv&trans=1&message_id=f7f05ddc-dc88-4868-add8-4595f2c01cfc
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=1655221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,host
cf-ray
75a5e5d5bf635473-YYZ
Primary Request redeemAll
www.winwinevent.ca/wc/
Redirect Chain
  • https://www.winwinevent.ca/wc/i?c=8660558&h=b15b731f9b5a5c0a663e31f54d32c6a44ea01da50fd22c0d77d1697996074af2
  • https://www.winwinevent.ca/wc/redeemAll
11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/wc/redeemAll
Requested by
Host: r.wc3.winwinevent.ca
URL: https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3rCKRKiWzRzI0RmGHOiJIlVxPbcUYSZYJr346leJYgWw0Ph3gpSjDE2MI6oQjDPeJ9Ya2XgKLMEKx5Mnlk9iR3kxJrtb0R-4dQMMdoIZCjoY9Nc4eVjgCQyOtKKIn0pAFERKYB55LwjTSVRzCmORz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
f8799f2c6ad0ac17c730624414c8e24924a727ff0a447a79c74f1888a8169435
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.wc3.winwinevent.ca/tr/cl/pF_FqMcLczewtIwTC6J1MCmKK7M2pxjztePwbzvKHPJLgjLmMv1vgUEiTdJioNUjXtqMU9yypKTyZSgjXBcCmo6cMDx3PuMUMdnIcC_EL0NtiJQQzIBFa67PwioP3-nbbjoDal_YrlOibVlL33dy2c2AcogujXw_WeYd2g0lSXLcfCB-oLS7h1REePQ7gK6QqGF3rCKRKiWzRzI0RmGHOiJIlVxPbcUYSZYJr346leJYgWw0Ph3gpSjDE2MI6oQjDPeJ9Ya2XgKLMEKx5Mnlk9iR3kxJrtb0R-4dQMMdoIZCjoY9Nc4eVjgCQyOtKKIn0pAFERKYB55LwjTSVRzCmORz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Date
Sat, 15 Oct 2022 04:44:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Powered-By
deny
X-XSS-Protection
1; mode=block
strict-transport-security
max-age=7200

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 15 Oct 2022 04:44:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
LOCATION
/wc/redeemAll
Pragma
no-cache
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Powered-By
deny
X-XSS-Protection
1; mode=block
strict-transport-security
max-age=7200
rum
sibautomation.com/cdn-cgi/ Frame 03C0 		0
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:996f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sibautomation.com/cm.html?id=1655221
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
75a5e5d64c5aa1f2-YYZ
x-frame-options
DENY
rum
sibautomation.com/cdn-cgi/ Frame 03C0 		0
0
css
fonts.googleapis.com/ 		2 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,400italic,800,700
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2dd310aa86824e25ec3e4ebcc7509dfebf350bd819b4e3f252d1d3f2fe6f608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 Oct 2022 04:42:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Oct 2022 04:44:08 GMT
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f6d567745426a11367c78761428e6fcb13b2ceb57ed6a0a5284ce03d16929e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 Oct 2022 04:00:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Oct 2022 04:44:08 GMT
jquery-ui.min.css
cdn.jsdelivr.net/jquery.ui/1.11.4/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.ui/1.11.4/jquery-ui.min.css
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17954158
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA, cache-yyz4531-YYZ
server
cloudflare
etag
W/"75d3-aXMSI//k9mlETpbyTFSBEBXmp3Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHO%2BW4RJj0iPMIsvQolUn8Vr6ay4H8yd0xwZB5I2zJSr7YZDaFxAL49ckdTqZPEbcShQg7t2mnpYAubg%2Br%2BAMVXTdy%2FDgip%2Fa7xX4tfYIhU4Ri62Ewy2LflAjQlhSRFNdeBavyJKwdRJuF%2Bjujw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75a5e5daa91ca23a-YYZ
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.6/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17954158
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-yyz4522-YYZ
server
cloudflare
etag
W/"1d9ac-jrF2xwuc+mhxt21tyY+1Jufps94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsRUajCX0hNJsHE8r1nnofXBFYziqT9ZNYLRZRZ9mHR%2BwbcYhtLMVxb5zDaYgh6Zo3ff8rh6eDD054ZEqwW%2B00%2FW3VmZ46ce9w2FdJIqnGkEnIsqvNJ2avkwRqQTpuf7DO5mbglaWCq29WdQm1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75a5e5daa920a23a-YYZ
font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fontawesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17953851
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-yyz4539-YYZ
server
cloudflare
etag
W/"6b4a-EtaGEHXejikyZf9v8DsfOty0THY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7z%2FqPE7hE4zUqCqo%2BSQ%2BS8pxPR6Ns6MB1EqGuH4NugZPMTyWzmNa8rX%2FlOQasMjY2ebKzZwBgZhdq0FuEipGJy9NFeMpp0HZastLHb7CI6atfm45Itg%2Ffmpv%2FM51uu8vPrAsDaJ5eaqoJrbjEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75a5e5daa922a23a-YYZ
all.css
pro.fontawesome.com/releases/v5.13.0/css/ 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b

Request headers

Referer
https://www.winwinevent.ca/
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
DNBHX4G57E3W84RN
age
1047639
x-amz-id-2
UCgb3oqCw5gUbXP4jEWMNmaEBB63g7NuaJdw6mSAgVwDqi3n1AoMJbZl5qtHwI9/ZL5VK/6aSek=
last-modified
Mon, 28 Jun 2021 17:09:16 GMT
server
cloudflare
etag
W/"e889f00c68ceb105b6680ca5c96b3eae"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=31556926
cf-ray
75a5e5daa9a754a3-YYZ
new-styles.css
www.winwinevent.ca/module/SAO199/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/module/SAO199/css/new-styles.css
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
abb24a57140739412d37df11d2ce9cf1b383b4c72456c4855d469f3588d3a4dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:06:38 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
8355
Content-Type
text/css
jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6
cdn.jsdelivr.net/g/ 		366 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17954158
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19169-FRA, cache-yyz4529-YYZ
server
cloudflare
etag
W/"5b7b6-O0hxZ0obS/Kmi1zP5tysZaBHGp8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqAsEWRFl39054i50tWTeuVA%2FQflHwKFVkpRE4dh6Y24DFAmaMsDh7BqrBA9wUxyAPfaHKLeE2bW0dAdX5IzWBu42XPc6UWnAjj5AnrqSrvUntJNhGoaMcL2uPrvPFC%2FFegAtvxxLgmFhK%2BComQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75a5e5daa923a23a-YYZ
vue.js
cdn.jsdelivr.net/vue/2.1.3/ 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/vue/2.1.3/vue.js
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17946061
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-yyz4550-YYZ
server
cloudflare
etag
W/"33891-EZIuXCkNsbey9t+g1sLmjPJYB5A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7uqPJR1UFTr1izeNv40gwyAZp7%2F2vY8Age4EEv9c76Ej2tW1vD%2Bsi6B3XlWpynSI0NHrR2x9VZyDQsZi9Ks3hbJ0DKGBqCePHx%2FnZeUZizDYdiqIITau%2FSgHFUcz0Fs3fMK1z%2Bk4rTCewOIgpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75a5e5daa925a23a-YYZ
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4bfc4c1c553cd28d54f909def2b3c9981b02aa40a537873a257fd8cc9713343f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 15 Oct 2022 04:44:08 GMT
load.css
www.winwinevent.ca/helper/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/helper/load.css?lib=4yY0kpmW9FcsR2TkhgphSs5q9fM7TKr7GxyR7xcRbjts9mPyWBFR2N
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
b56108d788bf3a6a6fa2a76e6047bdd6551359493542ad49d08732e3997548ff
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
public
Date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=7200
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
X-Powered-By
deny
ETag
c09fdedc8fafc2867e6951959f072232
X-Frame-Options
deny
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=43200
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sat, 15 Oct 2022 16:44:08 GMT
YellowButton-164.png
www.winwinevent.ca/module/SAO199/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winwinevent.ca/module/SAO199/img/YellowButton-164.png
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
6b918dd89fb6cc8190bee39e84cd937e028514ac3d07a81edfcec42060648024

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:07:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
3030
Content-Type
image/png
saveonfoods@2x.png
www.winwinevent.ca/module/SAO199/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winwinevent.ca/module/SAO199/img/saveonfoods@2x.png
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
21a15ebfc7d4bbade7479d52fd2674af58761003011fd2d7a63918be9251a842

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:07:28 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
9902
Content-Type
image/png
urbanfare@2x.png
www.winwinevent.ca/module/SAO199/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winwinevent.ca/module/SAO199/img/urbanfare@2x.png
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
c0dc7dae9a937763e6a6497ab0202c3b85dceccca162bf6dff2bc114e0e3e3ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:07:38 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
6447
Content-Type
image/png
pricesmartfoods@2x.png
www.winwinevent.ca/module/SAO199/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winwinevent.ca/module/SAO199/img/pricesmartfoods@2x.png
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
7ed7481b1b7c99b2f0ce21d0fea98fcfb01edd159abbc13d16fd2656efc41de8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:07:25 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
7913
Content-Type
image/png
load.js
www.winwinevent.ca/helper/ 		533 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/helper/load.js?lib=2dtT99zPHKxgMxqtgF
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache / deny
Resource Hash
2fcb3b21d9ae09bbaefb027a49dc19275545fd38d1c11930038c483eab493467
Security Headers
Name Value
Strict-Transport-Security max-age=7200
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/wc/redeemAll
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
public
Date
Sat, 15 Oct 2022 04:44:08 GMT
strict-transport-security
max-age=7200
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
X-Powered-By
deny
ETag
eb3e08c81a70cea5a53613aeae4fc16c
X-Frame-Options
deny
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public, max-age=43200
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sat, 15 Oct 2022 16:44:08 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53KH2H6
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0a344899887fc99fe0757426fd07c3d2f38eeec275523a923de18e08898d582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53467
x-xss-protection
0
last-modified
Sat, 15 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 15 Oct 2022 04:44:08 GMT
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.13.0/webfonts/ 		138 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

Referer
https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
cf-cache-status
HIT
x-amz-request-id
2PMKBRNBDRHSNY1Q
age
381889
content-length
141600
x-amz-id-2
5p2FEdPKirHRybqEMH7Fs9YkwTQfmNEODvJMTGzFUlTDuo0Us5fxsOh+EohWS75OIsJ6xVobDlg=
last-modified
Mon, 28 Jun 2021 17:11:03 GMT
server
cloudflare
etag
"16e9dbeb2afd22d5cf0e7eeb2b2879ae"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
75a5e5db6a8054a3-YYZ
MyriadPro-Bold.otf
www.winwinevent.ca/module/SAO199/font/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/module/SAO199/font/MyriadPro-Bold.otf
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/module/SAO199/css/new-styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
c9098c9171dfaa6fb650ecc405f43baa1d291953abbf6095f54f0025d6e5dc2a

Request headers

Referer
https://www.winwinevent.ca/module/SAO199/css/new-styles.css
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:06:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
95520
Content-Type
font/otf
MyriadPro-Regular.otf
www.winwinevent.ca/module/SAO199/font/ 		94 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.winwinevent.ca/module/SAO199/font/MyriadPro-Regular.otf
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/module/SAO199/css/new-styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.75.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
2c009f056c5faa4d1182a1707c8d64fb5a8688c70202d76a819385b8505f4aae

Request headers

Referer
https://www.winwinevent.ca/module/SAO199/css/new-styles.css
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 15 Oct 2022 04:44:08 GMT
Last-Modified
Wed, 05 Oct 2022 20:06:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
95984
Content-Type
font/otf
fa-brands-400.woff2
pro.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c

Request headers

Referer
https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:08 GMT
cf-cache-status
HIT
x-amz-request-id
HKN41K7NQ0CT8GF1
age
320364
content-length
76636
x-amz-id-2
edVVI7FPsroa6ZEQ9eF2YFOb1D7WxjAfmin9SrKSu3AB76BAs/SAQgG5TqgpONc+dtCZeB6WTvw=
last-modified
Mon, 28 Jun 2021 17:11:03 GMT
server
cloudflare
etag
"a0f6b35c2b55babc93cb9b15791a1d4c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
75a5e5db8ac154a3-YYZ
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		392 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winwinevent.ca/
Origin
https://www.winwinevent.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159789
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 04:31:36 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53KH2H6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Oct 2022 04:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
551
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 15 Oct 2022 06:34:58 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=427266473&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winwinevent.ca%2Fwc%2FredeemAll&dr=https%3A%2F%2Fr.wc3.winwinevent.ca%2F&ul=en-us&de=UTF-8&dt=Win-Win%20Event%20%7C%20Redeem%20All&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=886003496&gjid=1007379491&cid=1961914935.1665809049&tid=UA-3016345-8&_gid=959115328.1665809049&_r=1&gtm=2wgaa053KH2H6&cd1=WinWinEvent&cd2=WinWinEvent&cd3=WinWinEvent&cd17=not-set&z=1139965258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winwinevent.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 Oct 2022 04:44:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winwinevent.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
beacon-v2.helpscout.net/ 		458 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: www.winwinevent.ca
URL: https://www.winwinevent.ca/wc/redeemAll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-10.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3620257543531665da968385ba4980c52e20cd951040280597320ea734a94523

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 04:44:03 GMT
content-encoding
gzip
via
1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 09:30:09 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
7
etag
"e06ae6a347de0e093eebf0f226a4a587"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
content-length
328
x-amz-cf-id
XipgX6p842OY4i3KNU29JhSnFKUxJD8nqETZnxXa3N9E2ibYltV_Ww==
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3016345-8&cid=1961914935.1665809049&jid=886003496&gjid=1007379491&_gid=959115328.1665809049&_u=YEBAAEAAAAAAACAAI~&z=1510779301
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winwinevent.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 15 Oct 2022 04:44:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winwinevent.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor.06c7227b.js
beacon-v2.helpscout.net/static/js/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.06c7227b.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-10.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50bf3385e888eee5e31a92d71c9a194b3bdfb62760b9cc069b962ef9d3b5646f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 02:45:58 GMT
content-encoding
gzip
via
1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 09:30:10 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
7092
etag
"3f4a5cbde86a1c38d64756f63411e950"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
22285
x-amz-cf-id
qhXhcTigEyn28blujAcD1lpnuK9bNxfW1ssk0sierMJhB3EmkZrHUQ==
main.18441a3c.js
beacon-v2.helpscout.net/static/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.18441a3c.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-10.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5238d1120a87c02fab0edda3c4644957218902bbfa90236202876d5f2cdb354

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 03:30:12 GMT
content-encoding
gzip
via
1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 09:30:10 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
4438
etag
"f2c0d254011b42ee6d3d9712c2404f0d"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
9699
x-amz-cf-id
6U_FqigSh7ZG_8n1FxW8iAUTsotYLcIm-XqZFRtGBaAWD_Wi1r-cQQ==
66d72ca1-66d1-4404-b3e4-eb21c1d498a5
d3hb14vkzrxvla.cloudfront.net/v1/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/66d72ca1-66d1-4404-b3e4-eb21c1d498a5
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.06c7227b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-219.ewr52.r.cloudfront.net
Software
/
Resource Hash
b78ffe8ef176a42fa5ce959c9f3ed4ad7fc8c528a084be5fcbb3821ece499149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
71256dd3-8662-4631-9a00-53e6b1f1b5bb
Helpscout-Release
2.2.26
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
2716dc97-0bea-4980-98ca-baa16428aaef
Referer
https://www.winwinevent.ca/
Helpscout-Origin
Beacon-Embed

Response headers

date
Sat, 15 Oct 2022 04:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
age
27
x-cache
Hit from cloudfront
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-attachments-hour
10
vary
Origin,Access-Control-Request-Method
content-type
application/json
access-control-allow-origin
https://www.winwinevent.ca
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
cache-control
max-age=300
access-control-allow-credentials
true
x-ratelimit-remaining-attachments-hour
10
x-amz-cf-id
YnPdTQd0Vd41QVRtxQJCBcyMpN6VeAwNTJ5fnALf6nYGLpRNhJu4ug==
x-ratelimit-limit-chat-tokens-hour
25
66d72ca1-66d1-4404-b3e4-eb21c1d498a5
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/66d72ca1-66d1-4404-b3e4-eb21c1d498a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-219.ewr52.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://www.winwinevent.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://www.winwinevent.ca
age
27
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sat, 15 Oct 2022 04:43:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-id
m17FjERuc5vP3GudQccZ4ffS-DKV9CZeZuIwKWJwSv_BX0JwkG5wOQ==
x-amz-cf-pop
EWR52-C1
x-cache
Hit from cloudfront
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3016345-8&cid=1961914935.1665809049&jid=886003496&_u=YEBAAEAAAAAAACAAI~&z=479839733
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Oct 2022 04:44:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3016345-8&cid=1961914935.1665809049&jid=886003496&_u=YEBAAEAAAAAAACAAI~&z=479839733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winwinevent.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Oct 2022 04:44:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sibautomation.com
URL
https://sibautomation.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| jQuery1121018466776907873217 function| Vue object| dataLayer function| Beacon function| float_width function| same_height object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData object| beaconJsonp

6 Cookies

Domain/Path Name / Value
sibautomation.com/ Name: uuid
Value: fe6c39a8-b57b-4a83-bd7d-6c933fa5a137
.www.winwinevent.ca/ Name: _SAO199_CS
Value: Y%CD4+%C5%5D%F5%DBg%7B%25G%92%D5H%D6%C4%C4%81%AB%A15%A8%2C%01%8Bz%F41xR%17%B6G%BAT%83%DFX%3F%86%FD%3D%13%8D%8B%1AJb%B2%F0%5B%E5%D0%DE%CE%07%165K%F30%02%0B%0D9%B1k%EF%C0%E0-%F2%F4%FA%99%AA%F8%F6N%C9f%2B%CBC%5D%BF%92%D3%0C%81%BAS%2F%88l%A3%A7%F1-%06%E7KX%3A%D7Zt%14%12%0Cx%05%CF%40N%B0%93%17%1F%CF%0E6l%F52%19lML%02%5E%99%98%26X%2Bh%2A%96c%D5%08%1E%C1%9F%18%C1%8AOW%A1%98D%B25R%AEs%3F%BE%F8d%80+%80%80p%AD%06%9Aes%90%0Bs%21%84%07%83%5E.P6%DB%9F%E3z%A6DRuL%931%22%2A%DC%09%9FM%FD%D7GZH%C2%CD%12%FA%CEv%CE%CE%D3%17%02%1F%ED%25%9E%F6%261K%BF%B4c%7D%B5%26%8E%91%80d%13A%90a%9B%9Du%25%F1%7D%A8%14%E6J%92%24%08_%99%8Ez%00%7B%87%7Bc%B8%F5%B8%ED%0F%BEg%0A%03n%96%D3%13%FAM%CE%E8%DD0%D1%B1%91%CA%98%9F%AC%3E%CFg9%8A%B6B%7F%C4%CD%F3%C9%EA%0F%80%26h%2Fb%C8%C6%B1g%04%F0M%EAt%06%287%D2%D8%E6%08u%1B%3FE%92%8F%AE%AD%D2%D5%1E%FA%25%D6%8Am%0E%EC%5Dwq%AA_O0%B7D3%D1%E3%E5%CD%9E-%8F%C7%F1%AB%AD%FAs%06%FC%10%19%2B%25%60h%FERR%09%122%00%12%08%BAb%BD%1B
.www.winwinevent.ca/ Name: _SAO199_S
Value: 4e624b269bf173e86212a19328d5eef2
.winwinevent.ca/ Name: _ga
Value: GA1.2.1961914935.1665809049
.winwinevent.ca/ Name: _gid
Value: GA1.2.959115328.1665809049
.winwinevent.ca/ Name: _gat_UA-3016345-8
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
cdn.jsdelivr.net
d3hb14vkzrxvla.cloudfront.net
fonts.googleapis.com
in-automate.sendinblue.com
pro.fontawesome.com
r.wc3.winwinevent.ca
sibautomation.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.winwinevent.ca
sibautomation.com
107.161.75.198
13.225.214.10
13.33.81.219
185.107.232.127
2606:4700:4400::ac40:996f
2606:4700:440e::6812:2fe6
2606:4700::6810:5514
2606:4700::6811:90c
2606:4700::6812:1634
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:809::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::2003
0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b
0f6d567745426a11367c78761428e6fcb13b2ceb57ed6a0a5284ce03d16929e4
10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662
21a15ebfc7d4bbade7479d52fd2674af58761003011fd2d7a63918be9251a842
2c009f056c5faa4d1182a1707c8d64fb5a8688c70202d76a819385b8505f4aae
2fcb3b21d9ae09bbaefb027a49dc19275545fd38d1c11930038c483eab493467
3620257543531665da968385ba4980c52e20cd951040280597320ea734a94523
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
45d6bea3c30a906c235012643eef7ecdba3900acb1552c504f1f222762ac0589
4bfc4c1c553cd28d54f909def2b3c9981b02aa40a537873a257fd8cc9713343f
50bf3385e888eee5e31a92d71c9a194b3bdfb62760b9cc069b962ef9d3b5646f
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
66e8b07ba9935213287ec345f633fab3355d5abc00692e2629ebb677e916c0b9
6b918dd89fb6cc8190bee39e84cd937e028514ac3d07a81edfcec42060648024
7ed7481b1b7c99b2f0ce21d0fea98fcfb01edd159abbc13d16fd2656efc41de8
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
abb24a57140739412d37df11d2ce9cf1b383b4c72456c4855d469f3588d3a4dd
b0a344899887fc99fe0757426fd07c3d2f38eeec275523a923de18e08898d582
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5238d1120a87c02fab0edda3c4644957218902bbfa90236202876d5f2cdb354
b56108d788bf3a6a6fa2a76e6047bdd6551359493542ad49d08732e3997548ff
b78ffe8ef176a42fa5ce959c9f3ed4ad7fc8c528a084be5fcbb3821ece499149
c0dc7dae9a937763e6a6497ab0202c3b85dceccca162bf6dff2bc114e0e3e3ce
c9098c9171dfaa6fb650ecc405f43baa1d291953abbf6095f54f0025d6e5dc2a
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2dd310aa86824e25ec3e4ebcc7509dfebf350bd819b4e3f252d1d3f2fe6f608
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8799f2c6ad0ac17c730624414c8e24924a727ff0a447a79c74f1888a8169435
f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505