sayweonline.org Open in urlscan Pro
172.67.215.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sayweonline.org/
Effective URL:
https://sayweonline.org/
Submission: On June 12 via api (June 12th 2024, 10:49:57 am UTC) from JP — Scanned from JP

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 172.67.215.94, located in United States and belongs to CLOUDFLARENET, US. The main domain is sayweonline.org.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.

This is the only time sayweonline.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	172.67.215.94 172.67.215.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.26.43.135 184.26.43.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.69.141.204 216.69.141.204	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
17	4

13 172.67.215.94 (United States)

ASN13335 (CLOUDFLARENET, US)

sayweonline.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.26.43.135 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-26-43-135.deploy.static.akamaitechnologies.com

img3.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.69.141.204 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 204.141.69.216.host.secureserver.net

widget.starfieldtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	sayweonline.org sayweonline.org	10 KB
2	starfieldtech.com widget.starfieldtech.com	370 KB
1	wsimg.com img3.wsimg.com	33 KB
0	secureserver.net Failed imagesak.secureserver.net Failed
17	4

	Domain	Requested by
13	sayweonline.org	sayweonline.org
2	widget.starfieldtech.com	sayweonline.org
1	img3.wsimg.com	sayweonline.org
0	imagesak.secureserver.net Failed	sayweonline.org
17	4

This site contains no links.

Subject Issuer	Validity	Valid
sayweonline.org WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2023-09-19` - `2024-10-20`	a year	crt.sh
widget.starfieldtech.com Starfield Secure Certificate Authority - G2	`2023-06-09` - `2024-07-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sayweonline.org/
Frame ID: 38E1603A2D0EDEA26A2DB9C5D300B1B3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We SAY

Page URL History Show full URLs

http://sayweonline.org/ HTTP 307
https://sayweonline.org/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

413 kB
Transfer

480 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sayweonline.org/ HTTP 307
https://sayweonline.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response sayweonline.org/ Redirect Chain http://sayweonline.org/ https://sayweonline.org/	8 KB 2 KB	659ms 638ms	Document text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a04cf8d9a63546c49163bd034dafab9c255137fa44186d50a05c2d28107fa85c` Request headers Accept-Language ja-JP,ja;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 892946ce3c5f808d-NRT content-encoding br content-type text/html; charset=utf-8 date Wed, 12 Jun 2024 10:49:51 GMT last-modified Thu, 25 Jul 2013 02:05:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNr7jNg3eQ3q6Wt0r%2B52rm140ngbWg4A8952mFvTN0DFBL9vO3f%2BxzWZJOOdJXmbg07o82Q2YJs%2BTRAlofjioCxUZjS3vH7k%2B%2F%2FWX5%2FtlYbidBj4ksze2v8VojqpIgyTiRM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Location https://sayweonline.org/ Non-Authoritative-Reason HttpsUpgrades
GET H3	404	imageSwap.js sayweonline.org/scripts/	0 0	600ms 597ms	Script text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/scripts/imageSwap.js Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXYb1EI36nyC7IPQEsg%2Bfa7J7atWuEwQezcrOerLRnD1rUQrEXlFH5eFLMSu7UDWDtfpDhRZW16fc633kmAvsT5ehWRlfffxcOl%2F5OATRew%2FXoxQOFAFJQyB%2FNa74W1pn2E%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d259f1808d-NRT alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	jquery.js Show response img3.wsimg.com/starfield/jquery/v1.7.2/	93 KB 33 KB	578ms 458ms	Script application/x-javascript	184.26.43.135 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://img3.wsimg.com/starfield/jquery/v1.7.2/jquery.js Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.26.43.135 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-26-43-135.deploy.static.akamaitechnologies.com Software / Resource Hash `47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 12 Jun 2024 10:49:52 GMT Content-Encoding gzip Last-Modified Thu, 19 Apr 2012 20:41:14 GMT ETag "91d95dc36c1ecd1:0" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 33673 Expires Thu, 12 Jun 2025 10:49:52 GMT
GET		jquery-ui-1.8.12.min.js imagesak.secureserver.net/js/jquery/	0 0

GET H2	200	cygnus.js Show response widget.starfieldtech.com/API.svc/	353 KB 353 KB	515ms 245ms	Script text/javascript	216.69.141.204 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://widget.starfieldtech.com/API.svc/cygnus.js?app=WST&user=3022274&space=WST30222ItU8fxHh9v&proxy=/plugins/cygnuswidget/proxyhandler.php Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 216.69.141.204 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 204.141.69.216.host.secureserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `1082cb8de2276e6681357249db338810a4c06b44b62415cafd955867b218172c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 361320 content-type text/javascript
GET H3	404	jquery.wst.cygnuswidget.css sayweonline.org/plugins/jquery.wst.cygnuswidget/	0 0	622ms 618ms	Stylesheet text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/plugins/jquery.wst.cygnuswidget/jquery.wst.cygnuswidget.css Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVjmXLWzq2YEbxdkgiWFoUwk7dCy9%2Fw7t8M0K38i420edEKhf4R2WjXwmYMLJnj8x2Z97EXyko8Xluc3MF65E1asMOQ2yp%2FFbjz2xVcObN0WRflbVSIvtUx85HW2tlnKmwU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d269fc808d-NRT alt-svc h3=":443"; ma=86400
GET H3	200	layoutcontainer.css sayweonline.org/	551 B 710 B	633ms 630ms	Stylesheet text/css	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/layoutcontainer.css Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4bc955ec8c087ed2ad1abf59300c34a0e811ea0073b621d08374f231abd9fe77` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS last-modified Fri, 08 Mar 2013 02:46:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"066c54de73acdd3becbc9fa2d1860c12" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0csb8Pf2bMENU4Sgm7gR3VOckvmluBhKQKlyZGm9oURGuZK2pI8hLNrGOY%2Bf71avT3ZVniEljQi16nFYDbKLQrTO3zts99qPhO8XR6Bc2E8%2FU4q5JNQIL9u7jfZoK0Otm3w%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=2592000 cf-ray 892946d269fd808d-NRT alt-svc h3=":443"; ma=86400
GET H3	200	theme.css sayweonline.org/	5 KB 2 KB	637ms 634ms	Stylesheet text/css	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/theme.css Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `982ea58e64e8df2b59bea9263463bd31c0c19af4b76d8e05db8a6b234785ff5b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS last-modified Fri, 08 Mar 2013 02:46:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"49145ad2b91a03ecb6ab60c61caefa55" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6H%2F0yaQ62UXDae%2Bs3Wku5YPry2UxXP3Djk1VGuv7I3IKx5it5%2BuntoIU1nX7XgV%2FvJFBG6Zf5VnDXGgTFlosSPpBZLEYP3a06cSmb6sHAo26OJIWMNS0lbmBY4ZW%2FcB8SA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=2592000 cf-ray 892946d269fe808d-NRT alt-svc h3=":443"; ma=86400
GET H3	200	color_6.css sayweonline.org/	1 KB 886 B	611ms 608ms	Stylesheet text/css	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/color_6.css Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b425ed69035539af24e15f9414f3e4d9d65d8b0bcfcb297495b58f241352530` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS last-modified Fri, 08 Mar 2013 02:46:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"cc7a899bf55e9c9470b20d163bd2cc4d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f%2Fr%2BfusZcGVkchhiP9j7bJllf1U%2FVBKhktkiufqYPbTmn6EB3o8ujpCzky0AN5g%2Fy6XMf3vXzJha%2BoTwKeei%2FoJOEjSIMAbY2RLr%2B688bpYmJDq5%2F8X5AB15tjG7ocfBpo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=2592000 cf-ray 892946d26a00808d-NRT alt-svc h3=":443"; ma=86400
GET H3	200	custom.css sayweonline.org/	306 B 630 B	637ms 635ms	Stylesheet text/css	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/custom.css Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `77a9293c967d7de095b8fb2c3b57f9fcc2d108ff15515c9df32387fb6a37d1c3` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT content-encoding br cf-cache-status MISS last-modified Fri, 08 Mar 2013 02:46:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a37f1dc924dbc7a6597c691a74918ba4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FPga86c8L5SnsuFICtZdpRxRPO4PpX9Z5PWgwINGGb8T%2BK%2Fqh9funM7jIAJ0Qx9a2zDdfPqdVb0S%2FgCi6%2FYsm76e5a7URjzbhDNZoQa%2Bf1AVpPRTa7F5pTFKNs8xi52fPg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=2592000 cf-ray 892946d26a03808d-NRT alt-svc h3=":443"; ma=86400
GET H2	200	support.js Show response widget.starfieldtech.com/API.svc/	17 KB 17 KB	390ms 124ms	Script text/javascript	216.69.141.204 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://widget.starfieldtech.com/API.svc/support.js?script=simpledialog Requested by Host: sayweonline.org URL: https://sayweonline.org/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 216.69.141.204 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 204.141.69.216.host.secureserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `56ddc4ac5e3fabfe76df4a3dfdbefa870971d81f7d39efa92270efbebbdf17e6` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:52 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 16963 content-type text/javascript
GET H3	404	672_bg-repeater.gif sayweonline.org/images/	534 B 534 B	573ms 572ms	Image text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sayweonline.org/images/672_bg-repeater.gif Requested by Host: sayweonline.org URL: https://sayweonline.org/theme.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/theme.css Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xcnhl7Y898U9e1MTqaCvs5BIicKJAkKIub%2BlXEUKaLvg0wLBYNHMYNnqvxaBLjsa%2Bv3Yi%2FoHvv3SLY85DbavjNzeXfYN6aliDCYZYBPrfBeJ8YgxfyQCjw%2BC7dnYnBCS4uY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d84972808d-NRT alt-svc h3=":443"; ma=86400
GET H3	404	672_lightspot.gif sayweonline.org/images/	534 B 534 B	627ms 626ms	Image text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sayweonline.org/images/672_lightspot.gif Requested by Host: sayweonline.org URL: https://sayweonline.org/theme.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/theme.css Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyV2BGICiy1X8hrGY2mN2xFp5Wm1mUQhbJrj7i4Ch4Q6AnpWEKyAlzvKvddDwZuojlgen%2BiLcljnBqkF6622P412xJgNsS5R1HtcBPf%2BU5JGC5bx%2FbiusxR5fzgEI2ao2vY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d84974808d-NRT alt-svc h3=":443"; ma=86400
GET H3	404	672_faux-sidebar_6.gif sayweonline.org/images/	534 B 534 B	601ms 600ms	Image text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sayweonline.org/images/672_faux-sidebar_6.gif Requested by Host: sayweonline.org URL: https://sayweonline.org/color_6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/color_6.css Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYrlQuss4Gwxve3Dv25fUUf%2BQJ9aylsvKr15ckTziKij7mExx1qNuNUkykEQ55oe23TgcwTHASbX6BV68SEI6bcvcY6WaeRe%2Fj7kPUvwqoORF80MkxgQ2%2FP0GQjMOZRIaa4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d84975808d-NRT alt-svc h3=":443"; ma=86400
GET H3	404	672_sidebar-text_6.gif sayweonline.org/images/	534 B 534 B	589ms 587ms	Image text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sayweonline.org/images/672_sidebar-text_6.gif Requested by Host: sayweonline.org URL: https://sayweonline.org/color_6.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/color_6.css Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZGudNFfOlI7YInxSom%2BRuyrKyzi1onD0fbLQsYNDGxX1T5q1Zde%2FYgUpKGm6%2FLFdFftKG8vAIAymCjOLUMMSnP2qhCAJCMKgKTsjlyeY1uwYOv032wOIjQAOIQdPWGOhNw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d84976808d-NRT alt-svc h3=":443"; ma=86400
GET H3	404	672_navigation-reppeater.gif sayweonline.org/images/	534 B 534 B	596ms 595ms	Image text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sayweonline.org/images/672_navigation-reppeater.gif Requested by Host: sayweonline.org URL: https://sayweonline.org/theme.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/theme.css Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLw7oD1z0hZI3Xy60MxrGngmKq6JNk2WOGIjWm0A%2FXyoWVDuwHIct2Ndyu%2FmWDn4hJLpe6%2BiupNMYJ60t8%2BkyoGkxMJ1x9Tl7GOSd8dvWo0LRkyH1c7ExSiCOUxJRpMmAz8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946d84979808d-NRT alt-svc h3=":443"; ma=86400
GET H3	404	favicon.ico sayweonline.org/	534 B 556 B	585ms 584ms	Other text/html	172.67.215.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sayweonline.org/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.215.94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sayweonline.org/ Accept-Language ja-JP,ja;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 10:49:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lf6BDThNi%2BBH3TDT224gXG3Hw2mAb0%2Fr1851edM5C4kIaMKWwUOXxvJnwO1u8O3Odjr0pvecLH0ZDdZY0lckXOcMQBOD4MEfUcCIX6Wp3Yw8JSNMKAN5Wquq33cTB4ZWRF0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 892946dc3ebc808d-NRT alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imagesak.secureserver.net
URL: https://imagesak.secureserver.net/js/jquery/jquery-ui-1.8.12.min.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sayweonline.org/scripts/imageSwap.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/plugins/jquery.wst.cygnuswidget/jquery.wst.cygnuswidget.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/images/672_bg-repeater.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/images/672_sidebar-text_6.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/images/672_navigation-reppeater.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/images/672_faux-sidebar_6.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/images/672_lightspot.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sayweonline.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

imagesak.secureserver.net
img3.wsimg.com
sayweonline.org
widget.starfieldtech.com
imagesak.secureserver.net
172.67.215.94
184.26.43.135
216.69.141.204
1082cb8de2276e6681357249db338810a4c06b44b62415cafd955867b218172c
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b425ed69035539af24e15f9414f3e4d9d65d8b0bcfcb297495b58f241352530
4bc955ec8c087ed2ad1abf59300c34a0e811ea0073b621d08374f231abd9fe77
56ddc4ac5e3fabfe76df4a3dfdbefa870971d81f7d39efa92270efbebbdf17e6
77a9293c967d7de095b8fb2c3b57f9fcc2d108ff15515c9df32387fb6a37d1c3
982ea58e64e8df2b59bea9263463bd31c0c19af4b76d8e05db8a6b234785ff5b
a030a4d007a6be8c7033f227bc0d0f40fd1e93b4c80755770257fa41ccd7d293
a04cf8d9a63546c49163bd034dafab9c255137fa44186d50a05c2d28107fa85c

sayweonline.org Open in urlscan Pro 172.67.215.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

413 kBTransfer

480 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

sayweonline.org Open in urlscan Pro
172.67.215.94 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

413 kB
Transfer

480 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions