thewheel.cmail19.com Open in urlscan Pro
52.36.51.127  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/	43 KB 9 KB	1271ms 596ms	Document text/html	52.36.51.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.51.127 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-51-127.us-west-2.compute.amazonaws.com Software _waflopenresty/1.11.2.2 / Resource Hash aba99572baf422908ebbab10fdfe83f505ac4488874ebe220c1353e40f0b240e Security Headers Name Value Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control private Connection keep-alive Content-Encoding gzip Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce; Content-Type text/html; charset=utf-8 Date Wed, 24 Apr 2024 01:21:47 GMT P3P CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE" Referrer-Policy no-referrer-when-downgrade Server _waflopenresty/1.11.2.2 Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Robots-Tag noindex, nofollow X-XSS-Protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	436ms 40ms	Stylesheet text/css	142.251.175.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Merriweather:400italic,400,700,700italic Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f95.1e100.net Software ESF / Resource Hash 3221fdddb002ae086dd9d6d9f015417ec5d6f7e23ddda62069a2b445a3fb3725 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 24 Apr 2024 01:21:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 24 Apr 2024 01:21:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 24 Apr 2024 01:21:48 GMT
GET H2	200	social.min.css css.createsend1.com/css/	3 KB 1 KB	102ms 28ms	Stylesheet text/css	18.155.68.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://css.createsend1.com/css/social.min.css?h=2EF897D720240412 Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.68.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-68-116.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 4dabfc3b869b33309240233fc6225ca01f22d1a37ef5c76516a25b3a7509b41a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 23:27:29 GMT content-encoding gzip via 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="assets-clean-up" last-modified Thu, 11 Apr 2024 23:24:59 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 age 1043660 etag W/"45c56b209c92832268c6b3833193a0b0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public, max-age=31536000 x-amz-cf-id MMvR0fCTCviCOcmtnJVhpQBfET2tk1oBnjWO2stTyi0YQflPOwN7Mg==
GET H2	200	2023-OurEUStory-Launch-990000079e04513c.gif i1.createsend1.com/ei/i/DF/897/FF4/191606/csfinal/	172 KB 173 KB	101ms 26ms	Image image/gif	13.35.18.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i1.createsend1.com/ei/i/DF/897/FF4/191606/csfinal/2023-OurEUStory-Launch-990000079e04513c.gif Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.18.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-18-41.sin5.r.cloudfront.net Software csw / Resource Hash 713b872e5666005e267f7de72a76a2a45a9638b18181d0b332eadd6d18f065df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 20:55:25 GMT via 1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront) x-content-type-options nosniff referrer-policy no-referrer-when-downgrade server csw x-amz-cf-pop SIN5-C1 age 15983 x-cache Hit from cloudfront content-type image/gif cache-control public, max-age=86400 content-length 176238 x-xss-protection 1; mode=block x-amz-cf-id kCE2wTAuWEAEwC_ixnAE8w15be6te0dmyZ0lLKP9gIl9fWGNkoWYQQ==
GET H2	200	fblike-white-flex@2x.png i1.createsend1.com//static/eb/master/13-the-blueprint-3/images/	407 B 819 B	93ms 27ms	Image image/png	13.35.18.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i1.createsend1.com//static/eb/master/13-the-blueprint-3/images/fblike-white-flex@2x.png Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.18.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-18-41.sin5.r.cloudfront.net Software csw / Resource Hash cd9d1526df727d1706e2a439b3a4cc3b38af25150e301148658b07232bdb97b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 16:57:18 GMT via 1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop SIN5-C1 age 807870 x-cache Hit from cloudfront content-length 407 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 19 Oct 2023 22:53:53 GMT server csw etag "3222e021df2da1:0" content-type image/png cache-control public,max-age=864000 accept-ranges bytes x-amz-cf-id O2N8-ro_dcGjyfbHFEiGZt54VXEZTHmBQUdtOC2xUEob3gQI3ZIN3g==
GET H2	200	tweet-white-flex@2x.png i2.createsend1.com//static/eb/master/13-the-blueprint-3/images/	629 B 1 KB	91ms 25ms	Image image/png	13.35.18.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i2.createsend1.com//static/eb/master/13-the-blueprint-3/images/tweet-white-flex@2x.png Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.18.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-18-125.sin5.r.cloudfront.net Software csw / Resource Hash df8d5617292f124f74d5f9678130d29fb5680fa9fa77cdf7580de046d07cf723 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 07:58:53 GMT via 1.1 47f0d09d9d5d7d899c2e467cfbfb08e0.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop SIN5-C1 age 753774 x-cache Hit from cloudfront content-length 629 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 19 Oct 2023 22:53:53 GMT server csw etag "42c0422df2da1:0" content-type image/png cache-control public,max-age=864000 accept-ranges bytes x-amz-cf-id wPY7-FKkCGMJbvx8dO1N2GGZiKU9DSXyNejNKx2z1q83t2iVAPXs9w==
GET H2	200	linkedinshare-white-flex@2x.png i3.createsend1.com//static/eb/master/13-the-blueprint-3/images/	387 B 801 B	89ms 23ms	Image image/png	13.35.18.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i3.createsend1.com//static/eb/master/13-the-blueprint-3/images/linkedinshare-white-flex@2x.png Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.18.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-18-109.sin5.r.cloudfront.net Software csw / Resource Hash c5635efb474e9f233a1c6def2ee2f885e0f1f6c682e2737a07c2067f30331012 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 14 Apr 2024 16:57:18 GMT via 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop SIN5-C1 age 807870 x-cache Hit from cloudfront content-length 387 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 19 Oct 2023 22:53:53 GMT server csw etag "b6f8f321df2da1:0" content-type image/png cache-control public,max-age=864000 accept-ranges bytes x-amz-cf-id 8OIV4j-ixVMyKbmRn-H1RUIqPhkeT7SMqYjYVhZ08qX9jtRJ618W7g==
GET H2	200	forwardtoafriend-white-flex@2x.png i4.createsend1.com//static/eb/master/13-the-blueprint-3/images/	464 B 877 B	89ms 29ms	Image image/png	13.35.18.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i4.createsend1.com//static/eb/master/13-the-blueprint-3/images/forwardtoafriend-white-flex@2x.png Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.18.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-18-109.sin5.r.cloudfront.net Software csw / Resource Hash 23a0dcee2f36d233d88f88b11b3e26ec44a335cc302d871b54ad71d728aa59d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 07:07:56 GMT via 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop SIN5-C1 age 670432 x-cache Hit from cloudfront content-length 464 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 19 Oct 2023 22:53:53 GMT server csw etag "9657ec21df2da1:0" content-type image/png cache-control public,max-age=864000 accept-ranges bytes x-amz-cf-id l3ezfSe4dVT47ja4a1Ev3pGOulIOX-T7LDE8RPlqAhwhm-P8Iv4h0g==
GET H2	200	jquery-1.7.2.min.js Show response js.createsend1.com/js/	93 KB 34 KB	89ms 25ms	Script application/javascript	18.155.68.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A465920240412 Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.68.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-68-38.sin52.r.cloudfront.net Software csw / Resource Hash d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 23:14:32 GMT content-encoding gzip x-content-type-options nosniff via 1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront) x-amz-cf-pop SIN52-P1 age 1044435 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 09 Apr 2024 14:23:36 GMT server csw etag W/"0242d82898ada1:0" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control public,max-age=31536000 x-amz-cf-id i76SxZbX4S_zsK05YrxJGL8ZWGJ8UC7bx-4MYSCM_xFHGx0s6ybssg==
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 4 KB	425ms 24ms	Script application/x-javascript	157.240.235.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-04-sin6.fbcdn.net Software / Resource Hash ac144218d751306b7e6d28489f3b3efaaa0ea77bb17230c54af2866b19f75738 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 24 Apr 2024 01:21:48 GMT content-md5 fQNLJ2bUO/vYNWVy8SJ4ZQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1687 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=4, rtx=0, c=12, mss=1380, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug f7EtADRZdHntJR+KhROp0Mqwvceu7nDxFX/HZoJ3BlLzuAWlt/OvGEWgZ9FEdZqcCbmjP8RgEZkZRsBz/JglDg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 7405ccd5b0b68a69be0e177a15e124ec cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "39b9a8eaf762ec7f77f9579caed3bfd5" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Wed, 24 Apr 2024 01:37:50 GMT
GET H2	200	track.min.js Show response js.createsend1.com/js/	6 KB 3 KB	93ms 30ms	Script application/x-javascript	18.155.68.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.createsend1.com/js/track.min.js?h=8B8A122620240412 Requested by Host: thewheel.cmail19.com URL: https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.68.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-68-38.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 89e3824c669a8cb35b3716255fc14bbec60841e0c73e7453f6cbd3c99bc0be2a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 23:27:28 GMT content-encoding gzip via 1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="assets-clean-up" last-modified Thu, 11 Apr 2024 23:25:05 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 age 1043661 etag W/"8a71cd670d4ed2aaaa3ca6a1938470bf" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control public, max-age=31536000 x-amz-cf-id nl_RcR9A32er5V3VE-ZTWsqDs-SBpG-FCKcWizGAwOyvv3_TibAE1Q==
GET H2	200	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/	20 KB 20 KB	388ms 32ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:400italic,400,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://thewheel.cmail19.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 22 Apr 2024 22:14:48 GMT x-content-type-options nosniff age 97620 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20028 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 22 Apr 2025 22:14:48 GMT
GET H2	200	u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 19 KB	387ms 31ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:400italic,400,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://thewheel.cmail19.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 21:22:33 GMT x-content-type-options nosniff age 187155 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19740 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Apr 2025 21:22:33 GMT
GET H2	200	u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 20 KB	376ms 21ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:400italic,400,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash 499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://thewheel.cmail19.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 02:30:01 GMT x-content-type-options nosniff age 255107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19780 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 21 Apr 2025 02:30:01 GMT
GET H2	200	u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 20 KB	378ms 23ms	Font font/woff2	142.251.10.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Merriweather:400italic,400,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f94.1e100.net Software sffe / Resource Hash 3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://thewheel.cmail19.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 20 Apr 2024 21:14:14 GMT x-content-type-options nosniff age 274054 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19900 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:46:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 20 Apr 2025 21:14:14 GMT
GET H2	200	all.js Show response connect.facebook.net/en_US/	301 KB 87 KB	373ms 23ms	Script application/x-javascript	157.240.235.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=01df8df3a2af40146b5da3c70041149c Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-04-sin6.fbcdn.net Software / Resource Hash 35603e63961295867c671e5188ef554d1b713beae2f08456101b2fd691db97a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Origin https://thewheel.cmail19.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Wed, 24 Apr 2024 01:21:48 GMT content-md5 GqG8FKn1n6PmTlyjqp2d8g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87026 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=13, mss=1380, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug T9AbTbHhQjNfPZQHGEfWaWb704JTdFf78PSl0JAlIi1wNRh1PuJjzGVudmDiI1i0ycmq8ZTTZXnniUREIvHAow== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 ee8305abd0059cebb150a9ae319838c5 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "56333bdd9c56d5bb896054095e98f0ef" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Wed, 23 Apr 2025 23:10:49 GMT
GET H/1.1	200 OK	favicon.ico thewheel.cmail19.com/	990 B 964 B	385ms 385ms	Other text/html	52.36.51.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://thewheel.cmail19.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.51.127 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-51-127.us-west-2.compute.amazonaws.com Software _waflopenresty/1.11.2.2 / Resource Hash 35f2dec6fb85bd756d19aa2f49fa41382f242b88e1596b2ecb41556c28e12356 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://thewheel.cmail19.com/t/i-e-ajttjc-tulyhjvjl-k/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 24 Apr 2024 01:21:48 GMT Content-Encoding gzip X-Content-Type-Options nosniff Referrer-Policy no-referrer-when-downgrade Server _waflopenresty/1.11.2.2 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 P3P CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE" Cache-Control private Connection keep-alive X-Robots-Tag noindex, nofollow X-XSS-Protection 1; mode=block

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| FB object| CS object| jQuery17207651268298680771 object| __buffer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
css.createsend1.com
fonts.googleapis.com
fonts.gstatic.com
i1.createsend1.com
i2.createsend1.com
i3.createsend1.com
i4.createsend1.com
js.createsend1.com
thewheel.cmail19.com
13.35.18.109
13.35.18.125
13.35.18.41
142.251.10.94
142.251.175.95
157.240.235.1
18.155.68.116
18.155.68.38
52.36.51.127
23a0dcee2f36d233d88f88b11b3e26ec44a335cc302d871b54ad71d728aa59d5
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3221fdddb002ae086dd9d6d9f015417ec5d6f7e23ddda62069a2b445a3fb3725
35603e63961295867c671e5188ef554d1b713beae2f08456101b2fd691db97a2
35f2dec6fb85bd756d19aa2f49fa41382f242b88e1596b2ecb41556c28e12356
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4dabfc3b869b33309240233fc6225ca01f22d1a37ef5c76516a25b3a7509b41a
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
713b872e5666005e267f7de72a76a2a45a9638b18181d0b332eadd6d18f065df
89e3824c669a8cb35b3716255fc14bbec60841e0c73e7453f6cbd3c99bc0be2a
aba99572baf422908ebbab10fdfe83f505ac4488874ebe220c1353e40f0b240e
ac144218d751306b7e6d28489f3b3efaaa0ea77bb17230c54af2866b19f75738
c5635efb474e9f233a1c6def2ee2f885e0f1f6c682e2737a07c2067f30331012
cd9d1526df727d1706e2a439b3a4cc3b38af25150e301148658b07232bdb97b8
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
df8d5617292f124f74d5f9678130d29fb5680fa9fa77cdf7580de046d07cf723