sao185.wspox4.com Open in urlscan Pro
184.107.149.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sao185.wspox4.com/
Submission: On June 21 via api (June 21st 2024, 7:04:04 pm UTC) from US — Scanned from CA

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 40 HTTP transactions. The main IP is 184.107.149.198, located in Canada and belongs to IWEB-AS, CA. The main domain is sao185.wspox4.com.
TLS certificate: Issued by R11 on June 15th 2024. Valid for: 3 months.

This is the only time sao185.wspox4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	184.107.149.198 184.107.149.198	32613 (IWEB-AS) (IWEB-AS)
5	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.174.97 142.251.174.97	15169 (GOOGLE) (GOOGLE)
4	157.240.244.1 157.240.244.1	32934 (FACEBOOK) (FACEBOOK)
1	172.253.122.190 172.253.122.190	15169 (GOOGLE) (GOOGLE)
1 2	172.217.222.148 172.217.222.148	15169 (GOOGLE) (GOOGLE)
1	173.194.204.148 173.194.204.148	15169 (GOOGLE) (GOOGLE)
2	209.85.144.100 209.85.144.100	15169 (GOOGLE) (GOOGLE)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	173.194.204.157 173.194.204.157	15169 (GOOGLE) (GOOGLE)
2	209.85.201.94 209.85.201.94	15169 (GOOGLE) (GOOGLE)
2	157.240.244.35 157.240.244.35	32934 (FACEBOOK) (FACEBOOK)
1	209.85.144.106 209.85.144.106	15169 (GOOGLE) (GOOGLE)
40	14

13 184.107.149.198 (Canada)

ASN32613 (IWEB-AS, CA)

sao185.wspox4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.190 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f190.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f148.1e100.net

8529603.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.204.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.144.100 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.204.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.106 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	wspox4.com sao185.wspox4.com	797 KB
5	doubleclick.net 1 redirects 8529603.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	1 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	205 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	161 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	278 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8928	126 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 174 www.google.com — Cisco Umbrella Rank: 5	309 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 8521	171 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 96
40	11

	Domain	Requested by
13	sao185.wspox4.com	sao185.wspox4.com
5	cdn.jsdelivr.net	sao185.wspox4.com
4	connect.facebook.net	sao185.wspox4.com connect.facebook.net
3	www.googletagmanager.com	sao185.wspox4.com www.googletagmanager.com
2	www.facebook.com	sao185.wspox4.com
2	www.google.ca	sao185.wspox4.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	8529603.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pro.fontawesome.com	sao185.wspox4.com pro.fontawesome.com
1	www.google.com	sao185.wspox4.com
1	analytics.google.com	www.googletagmanager.com
1	ad.doubleclick.net	sao185.wspox4.com
1	www.youtube.com	sao185.wspox4.com
40	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
www.par217.wspox4.com R11	`2024-06-15` - `2024-09-13`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.ca WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://sao185.wspox4.com/
Frame ID: EEA53D613F5AEF91712E76D6EF1C5FDA
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gvyr8cEFIfc
Frame ID: 2954F436F6192D2222DA85EE1EC1A9E8
Requests: 1 HTTP requests in this frame

Frame: https://8529603.fls.doubleclick.net/activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F
Frame ID: 3DD58D58C28A4CA1A7B63C81D028E977
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - More Rewards Win Win Event

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

40
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

1637 kB
Transfer

3318 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/SaveOnFoods

Search URL Search Domain Scan URL

URL: https://www.instagram.com/SaveOnFoods/?hl=en

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://8529603.fls.doubleclick.net/activityi;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F HTTP 302
https://8529603.fls.doubleclick.net/activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sao185.wspox4.com/ 15 KB
6 KB 187ms
70ms Document
text/html 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sao185.wspox4.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),

Reverse DNS

Software

Apache / deny

Resource Hash

b77b5e19e1e66c212bed37e1eb124792d38c39d4430c95ccd7db76776ac7f3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 5255
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jun 2024 19:03:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Powered-By: deny
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
strict-transport-security: max-age=7200

GET
H2 200 jquery-ui.min.css
cdn.jsdelivr.net/jquery.ui/1.11.4/ 29 KB
8 KB 84ms
24ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.ui/1.11.4/jquery-ui.min.css

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
age: 2558345
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7847
x-served-by: cache-fra-etou8220067-FRA, cache-yyz4559-YYZ
etag: W/"75d3-aXMSI//k9mlETpbyTFSBEBXmp3Y"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.6/css/ 118 KB
21 KB 87ms
28ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
age: 1454943
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21318
x-served-by: cache-fra-etou8220117-FRA, cache-yyz4559-YYZ
etag: W/"1d9ac-jrF2xwuc+mhxt21tyY+1Jufps94"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.5.0/css/ 27 KB
6 KB 85ms
26ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fontawesome/4.5.0/css/font-awesome.min.css

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
age: 662147
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6301
x-served-by: cache-fra-etou8220030-FRA, cache-yyz4559-YYZ
etag: W/"6b4a-EtaGEHXejikyZf9v8DsfOty0THY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.13.0/css/ 170 KB
32 KB 108ms
47ms Stylesheet
text/css 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Origin: https://sao185.wspox4.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:57 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5RWTJ42CE89J1JJC
age: 25236
x-amz-id-2: NI2BCWqIIUB35ccmEktOXrIlz7ARbLQyy5qLXKInY7e8jHwsKoIcS5kY9Kpo2MIw9WQRx3UBfFc=
last-modified: Mon, 28 Jun 2021 17:09:16 GMT
server: cloudflare
etag: W/"e889f00c68ceb105b6680ca5c96b3eae"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 897642f72ac138e2-YYZ

GET
H2 200 jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6 Show response
cdn.jsdelivr.net/g/ 366 KB
110 KB 143ms
85ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@1.12.1,jquery.ui@1.11.4,bootstrap@3.3.6

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
age: 819884
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 112421
x-served-by: cache-fra-eddf8230078-FRA, cache-yyz4559-YYZ
etag: W/"5b7b6-O0hxZ0obS/Kmi1zP5tysZaBHGp8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/vue/2.1.3/ 206 KB
60 KB 116ms
58ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/vue/2.1.3/vue.js

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
age: 1434881
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61260
x-served-by: cache-fra-eddf8230105-FRA, cache-yyz4559-YYZ
etag: W/"33891-EZIuXCkNsbey9t+g1sLmjPJYB5A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 217ms
113ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8529603

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

75dd6120a037e15502cf60927f3bebdc328e4db0b3630a23225e2d3043c179f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75969
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 19:03:57 GMT

GET
H/1.1 200
OK load.css
sao185.wspox4.com/helper/ 16 KB
4 KB 123ms
59ms Stylesheet
text/css 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sao185.wspox4.com/helper/load.css?lib=8qjywB5N18XmdhlV7M2rYpn9JssjTgC1WtWkQMQm9JRfSKlctDD7vHJmgyjDNSTVQGCkLH9DL

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),

Reverse DNS

Software

Apache / deny

Resource Hash

dd28d2523db832fe0a0bc2f90f34ab5f095c09d0c2a6c10a8748b005b47c059c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Fri, 21 Jun 2024 19:03:57 GMT
strict-transport-security: max-age=7200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
X-Powered-By: deny
ETag: 8454275d277053c9f0e6619c6eeb4e6e
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=43200
Connection: close
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Jun 2024 07:03:57 GMT

GET
H/1.1 200
OK YellowButton-164.png
sao185.wspox4.com/module/SAO185/img/ 3 KB
3 KB 102ms
38ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/YellowButton-164.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 6b918dd89fb6cc8190bee39e84cd937e028514ac3d07a81edfcec42060648024

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:47 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3030

GET
H/1.1 200
OK SplashHeader-Base.png
sao185.wspox4.com/module/SAO185/img/ 431 KB
431 KB 105ms
37ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/SplashHeader-Base.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: df0f2ec9325ea02ae48a139e21790f69d729d4e0feb7671a3c4a479e721f4508

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:45 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 441187

GET
H/1.1 200
OK YellowButton-Long.png
sao185.wspox4.com/module/SAO185/img/ 3 KB
3 KB 103ms
39ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/YellowButton-Long.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 4d66bfabb5772223031e222c4d3016b2618fbe80efc4800652a10d6a23cd1928

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:47 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2841

GET
H/1.1 200
OK PrizeIconAnimate-v3.gif
sao185.wspox4.com/module/SAO185/img/ 65 KB
65 KB 105ms
39ms Image
image/gif 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/PrizeIconAnimate-v3.gif
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 6097e35ff68d3918e50c54c1a9ab72cc7ff05c6e3ecfe955c4de7736570231c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:42 GMT
Server: Apache
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 66406

GET
H/1.1 200
OK _VendorLogos-Online2.png
sao185.wspox4.com/module/SAO185/img/ 207 KB
208 KB 104ms
38ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/_VendorLogos-Online2.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 8a44587a1086e8c429bd2ab6711c7285bb9303fc2042dff91c0c5aab3e5d9bdd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:49 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 212435

GET
H/1.1 200
OK SOFLogo.png
sao185.wspox4.com/module/SAO185/img/ 64 KB
64 KB 108ms
39ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/SOFLogo.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 851d560816f4a85547f5b279c761a57139618defdb706a72f82491c3c02e068e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:44 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 65242

GET
H/1.1 200
OK SocialIcons_Facebook.png
sao185.wspox4.com/module/SAO185/img/ 3 KB
3 KB 220ms
38ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/SocialIcons_Facebook.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: c71864bd136a59b5f40864b6a6092847f314b08c776ebad050fbafe39ec9f59c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:43 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2832

GET
H/1.1 200
OK SocialIcons_Instagram.png
sao185.wspox4.com/module/SAO185/img/ 5 KB
5 KB 103ms
39ms Image
image/png 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao185.wspox4.com/module/SAO185/img/SocialIcons_Instagram.png
Requested by: Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software: Apache /
Resource Hash: 1738ed62e5b3d62349b529c2129b41758a8a5c2d2405211951e26506edbbeb57

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
Last-Modified: Mon, 30 Nov 2020 22:53:44 GMT
Server: Apache
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4779

GET
H/1.1 200
OK load.js Show response
sao185.wspox4.com/helper/ 9 KB
4 KB 169ms
100ms Script
application/javascript 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sao185.wspox4.com/helper/load.js?lib=5TM0VD9NsCN3PGP2dZhsdfyF9nfKFb3LF7WCkRdFgrMJpwNDS7yP8Zy

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),

Reverse DNS

Software

Apache / deny

Resource Hash

53fde5a4f9dfce89c278f9a37901b94cec70a046b3d037be583708c6de5a7fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: public
Date: Fri, 21 Jun 2024 19:03:57 GMT
strict-transport-security: max-age=7200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
X-Powered-By: deny
ETag: 29f6ab724bfdda2c165d6abe9657ecc1
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=43200
Connection: close
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Jun 2024 07:03:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
100 KB 271ms
168ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53KH2H6

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

399dd379a237b031acc5b55d326b85648a20ce6fcfba06006fc871299b7c7a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102619
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 19:03:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 393ms
249ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 19:03:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=14, mss=1316, tbw=2797, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: AKRI2lgGugrWvOvsuv/iD+7/9VYM2ixQeV/BJAo+bjTrgYEPaoK8vApmFNYgos/XirLRtmbJ2CB29lUY9mWLaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gvyr8cEFIfc
www.youtube.com/embed/ Frame 2954 0
0 212ms
123ms Document
text/html 172.253.122.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/gvyr8cEFIfc

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f190.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://sao185.wspox4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 19:03:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.13.0/webfonts/ 138 KB
139 KB 38ms
37ms Font
font/woff2 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pro.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://sao185.wspox4.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:57 GMT
cf-cache-status: HIT
x-amz-request-id: 5RWRYG230M6DVND4
age: 25236
content-length: 141600
x-amz-id-2: vh1+RPX8vZI21zcJmDSp1CJiD+2I+qrngLkbjKIoVRNCv2GFX30iZoNyGe36DNLsL7XxABTic9Q=
last-modified: Mon, 28 Jun 2021 17:11:03 GMT
server: cloudflare
etag: "16e9dbeb2afd22d5cf0e7eeb2b2879ae"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 897642f8bc6038e2-YYZ

GET
H/1.1 404
Not Found MyriadPro-Regular.otf
sao185.wspox4.com/helper/font/ 0
0 92ms
52ms Font
text/html 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sao185.wspox4.com/helper/font/MyriadPro-Regular.otf

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/helper/load.css?lib=8qjywB5N18XmdhlV7M2rYpn9JssjTgC1WtWkQMQm9JRfSKlctDD7vHJmgyjDNSTVQGCkLH9DL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),

Reverse DNS

Software

Apache / deny

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/helper/load.css?lib=8qjywB5N18XmdhlV7M2rYpn9JssjTgC1WtWkQMQm9JRfSKlctDD7vHJmgyjDNSTVQGCkLH9DL
Origin: https://sao185.wspox4.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:03:57 GMT
strict-transport-security: max-age=7200
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: deny
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Connection: close
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 218ms
218ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/helper/load.js?lib=5TM0VD9NsCN3PGP2dZhsdfyF9nfKFb3LF7WCkRdFgrMJpwNDS7yP8Zy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

64e8600b6afa91ba66f3347cda3dee00f5dc0ecb62f2ef50b39eb6b8813bbb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:57 GMT
content-md5: Wuf3icGneuLq6x4FG500FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=14, mss=1316, tbw=5210, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: Hq5p7W2PiCydv09homxLtpmVXre5nzqorpvi68qrCRhvzdaNEuMC47kiRr3g2yAmmJ8jQvi91rQ3CgJ6julCNg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c6be1e1bb158c9e9941d094134442802
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b5d628e324149d34e896cb4dfae1ae27"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 21 Jun 2024 19:08:08 GMT

GET
H2

200

activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand...
8529603.fls.doubleclick.net/ Frame 3DD5
Redirect Chain

https://8529603.fls.doubleclick.net/activityi;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Bra...
https://8529603.fls.doubleclick.net/activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;...

0
0

318ms
317ms

Document
text/html

172.217.222.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8529603.fls.doubleclick.net/activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8529603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://sao185.wspox4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 19:04:01 GMT
expires: Fri, 21 Jun 2024 19:04:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 19:04:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8529603.fls.doubleclick.net/activityi;dc_pre=CMCOqcGx7YYDFSHo_QUdLpIBdQ;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7C...
ad.doubleclick.net/ 0
24 B 474ms
420ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=8529603;type=morer001;cat=mrpro0;ord=1;num=6996888851613;npa=0;auiddc=1422362200.1718996638;ps=1;pcor=1833882561;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0za200;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsao185.wspox4.com%2F?

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:58 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7850960462874209187"}],"aggregatable_trigger_data":[{"filters":[{"14":["8217864"]}],"key_piece":"0xe365c6e2df6831b9","source_keys":["12","13","14","15","16","17","18","19","20","21","628495216","628495217","628495218","628495219","628652156","628652157","628652158","628652159","628699940","628699941","628699942","628699943","628840148","628840149","628840150","628840151","628867908","628867909","628867910","628867911","628889608","628889609","628889610","628889611","634764208","634764209","634764210","634764211","634974964","634974965","634974966","634974967"]},{"key_piece":"0x7e612e9a48ec191f","not_filters":{"14":["8217864"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628495216","628495217","628495218","628495219","628652156","628652157","628652158","628652159","628699940","628699941","628699942","628699943","628840148","628840149","628840150","628840151","628867908","628867909","628867910","628867911","628889608","628889609","628889610","628889611","634764208","634764209","634764210","634764211","634974964","634974965","634974966","634974967"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628495216":109,"628495217":109,"628495218":109,"628495219":10594,"628652156":32,"628652157":32,"628652158":32,"628652159":3177,"628699940":32,"628699941":32,"628699942":32,"628699943":3177,"628840148":32,"628840149":32,"628840150":32,"628840151":3177,"628867908":65,"628867909":65,"628867910":65,"628867911":6356,"628889608":32,"628889609":32,"628889610":32,"628889611":3177,"634764208":72,"634764209":72,"634764210":72,"634764211":7062,"634974964":32,"634974965":32,"634974966":32,"634974967":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6985173978201373850","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7850960462874209187","filters":[{"14":["8217864"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7850960462874209187","filters":[{"14":["8217864"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7850960462874209187","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7850960462874209187","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8529603"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 59ms
58ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZM4WBLPQ9B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53KH2H6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

daea03251328b3befc089051524c284999d6f1337d20c78a3eed9e91182278b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 19:03:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 19:03:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1173ms
51ms Script
text/javascript 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53KH2H6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 17:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jun 2024 19:48:09 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 118ms
48ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZM4WBLPQ9B&gtm=45je46j0v868978704za200zb832217187&_p=1718996637514&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1630997305.1718996638&ul=en-ca&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=BA&_s=1&sid=1718996638&sct=1&seg=0&dl=https%3A%2F%2Fsao185.wspox4.com%2F&dt=Home%20-%20More%20Rewards%20Win%20Win%20Event&en=page_view&_fv=1&_ss=1&ep.hostname=www.winwinevent.ca&tfd=1047&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZM4WBLPQ9B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao185.wspox4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 1220ms
50ms Ping
text/plain 173.194.204.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZM4WBLPQ9B&cid=1630997305.1718996638&gtm=45je46j0v868978704za200zb832217187&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZM4WBLPQ9B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.204.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qb-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao185.wspox4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 650ms
597ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZM4WBLPQ9B&cid=1630997305.1718996638&gtm=45je46j0v868978704za200zb832217187&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1846857597

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1947126888667253 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 150ms
148ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1947126888667253?v=2.9.158&r=stable&domain=sao185.wspox4.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

dc51e7f3b21e0109512b55ad7d39da6996bbe17dfd08220be81fc18b32d33422

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 19:03:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=74, rtx=6, c=50, mss=1316, tbw=65688, tp=-1, tpl=-1, uplat=78, ullat=0
pragma: public
x-fb-debug: w+CjlyQk5WU1+Wl9sZL0VAZf8zkVcCRiNfuwwOPX6KH2oXHSY9MZY9AlRopmWVE48aqutkgzBbLOEzuxCzWhDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
86 KB 140ms
70ms Script
application/x-javascript 157.240.244.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b735db30f3610689f7171154d8d2ece6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-mty2.fbcdn.net

Software

Resource Hash

6d1b4174cd9b8339c7388cf11727cb96978e7d22a08f82873b2308e74ba23443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Origin: https://sao185.wspox4.com
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jun 2024 19:03:58 GMT
content-md5: QM4ej27ptqTox2MzR5EOcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87577
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=23, mss=1232, tbw=4299, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: fvMZQRkborxGouqZ5hN8xncJuJfQNDO7+ActwaWMsRgIR3S1+FPWq9gfpEWH+vBLYUbZQjrA/doehnYpkMDt+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5f35d85f570da4be953ddde7cc695383
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8d70f4adf3c202413a2a6cfb3005eb93"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 21 Jun 2025 18:14:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 467ms
71ms Image
text/plain 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1947126888667253&ev=PageView&dl=https%3A%2F%2Fsao185.wspox4.com%2F&rl=&if=false&ts=1718996638306&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718996638301.369631053893863887&cs_est=true&ler=empty&cdl=API_unavailable&it=1718996638108&coo=false&rqm=GET

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=10, mss=1316, tbw=2832, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 19:03:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 551ms
154ms Image
image/png 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1947126888667253&ev=PageView&dl=https%3A%2F%2Fsao185.wspox4.com%2F&rl=&if=false&ts=1718996638306&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718996638301.369631053893863887&cs_est=true&ler=empty&cdl=API_unavailable&it=1718996638108&coo=false&rqm=FGET

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdb16e6fd98da0e59","source_keys":["1","2"]},{"key_piece":"0x47d48d2f621fe6ab","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 19:03:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383034343661947951", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=17, mss=1316, tbw=3145, tp=-1, tpl=-1, uplat=82, ullat=0
pragma: no-cache
x-fb-debug: yg9o/oFaiyQCW1LBJyC5CBDcmcxCODRDUjcyjp28aS/nn8ZEEC4varSG8Tg7ZYE9rPdeaq/RyLAy7qE+xzZZLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383034343661947951"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 52ms
51ms XHR
text/plain 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=990161141&t=pageview&_s=1&dl=https%3A%2F%2Fsao185.wspox4.com%2F&ul=en-ca&de=UTF-8&dt=Home%20-%20More%20Rewards%20Win%20Win%20Event&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1616213654&gjid=421482884&cid=1630997305.1718996638&tid=UA-3016345-8&_gid=305830865.1718996639&_r=1&_slc=1&gtm=45He46j0n8153KH2H6v832217187za200&cd1=WinWinEvent&cd2=WinWinEvent&cd3=WinWinEvent&cd17=not-set&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1529554299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao185.wspox4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 77ms
50ms XHR
text/plain 173.194.204.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3016345-8&cid=1630997305.1718996638&jid=1616213654&gjid=421482884&_gid=305830865.1718996639&_u=YCDACEAABAAAACAAI~&z=1815574058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.204.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jun 2024 19:03:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao185.wspox4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 212ms
114ms Image
image/gif 209.85.144.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3016345-8&cid=1630997305.1718996638&jid=1616213654&_u=YCDACEAABAAAACAAI~&z=1306186865

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.106 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 116ms
115ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3016345-8&cid=1630997305.1718996638&jid=1616213654&_u=YCDACEAABAAAACAAI~&z=1306186865

Requested by

Host: sao185.wspox4.com
URL: https://sao185.wspox4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 19:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found favicon.ico
sao185.wspox4.com/ 771 B
1 KB 373ms
55ms Other
text/html 184.107.149.198
IWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sao185.wspox4.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

184.107.149.198 , Canada, ASN32613 (IWEB-AS, CA),

Reverse DNS

Software

Apache / deny

Resource Hash

2e7bde40f1a7d93fd8a61e46671c729722c71b5b436a2917680b9e6fc0b6fb77

Security Headers

Name	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sao185.wspox4.com/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 19:04:02 GMT
strict-transport-security: max-age=7200
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: deny
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Connection: close
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sao185.wspox4.com/	1970-01-20 21:29:57	Name: _SAO185_S Value: 91eebb589a1c701b4343bd1b8b2cdd8b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WPBIYrnVD9M
.youtube.com/	1970-01-21 01:49:08	Name: VISITOR_INFO1_LIVE Value: ZnF4H_zigT0
.youtube.com/	1970-01-21 01:49:08	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgFA%3D%3D
.wspox4.com/	1970-01-20 23:39:32	Name: _gcl_au Value: 1.1.1422362200.1718996638
.wspox4.com/	1970-01-21 07:05:56	Name: _ga_ZM4WBLPQ9B Value: GS1.1.1718996638.1.0.1718996638.60.0.0
.wspox4.com/	1970-01-20 23:39:32	Name: _fbp Value: fb.1.1718996638301.369631053893863887
.doubleclick.net/	1970-01-20 22:13:08	Name: ar_debug Value: 1
.wspox4.com/	1970-01-21 07:05:56	Name: _ga Value: GA1.2.1630997305.1718996638
.wspox4.com/	1970-01-20 21:31:23	Name: _gid Value: GA1.2.305830865.1718996639
.wspox4.com/	1970-01-20 21:29:56	Name: _gat_UA-3016345-8 Value: 1
.doubleclick.net/	1970-01-21 07:05:56	Name: IDE Value: AHWqTUlKp1ZLbhXQUYUcemjWMbx-ImkT5bPP46L22nrAeegIDY42P_oy_y1JKuqdxbM
.doubleclick.net/	1970-01-21 01:49:08	Name: receive-cookie-deprecation Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sao185.wspox4.com/helper/font/MyriadPro-Regular.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	verbose	URL: https://sao185.wspox4.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://sao185.wspox4.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=7200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8529603.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
cdn.jsdelivr.net
connect.facebook.net
pro.fontawesome.com
sao185.wspox4.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.youtube.com
142.251.174.97
151.101.129.229
157.240.244.1
157.240.244.35
172.217.222.148
172.253.122.190
172.64.147.188
173.194.204.148
173.194.204.157
184.107.149.198
209.85.144.100
209.85.144.106
209.85.201.94
216.239.32.181
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0e36d48c48ae338b5cccef7dedc545d736dff75042f4ecf272c7061a4fd92a4b
10b76de5595cf1e1a703fad27bd135c81aa06700f9c0e057b79f1f3550caf662
1738ed62e5b3d62349b529c2129b41758a8a5c2d2405211951e26506edbbeb57
2e7bde40f1a7d93fd8a61e46671c729722c71b5b436a2917680b9e6fc0b6fb77
399dd379a237b031acc5b55d326b85648a20ce6fcfba06006fc871299b7c7a34
4d66bfabb5772223031e222c4d3016b2618fbe80efc4800652a10d6a23cd1928
53fde5a4f9dfce89c278f9a37901b94cec70a046b3d037be583708c6de5a7fdb
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
6097e35ff68d3918e50c54c1a9ab72cc7ff05c6e3ecfe955c4de7736570231c1
64e8600b6afa91ba66f3347cda3dee00f5dc0ecb62f2ef50b39eb6b8813bbb23
6b918dd89fb6cc8190bee39e84cd937e028514ac3d07a81edfcec42060648024
6d1b4174cd9b8339c7388cf11727cb96978e7d22a08f82873b2308e74ba23443
75dd6120a037e15502cf60927f3bebdc328e4db0b3630a23225e2d3043c179f0
851d560816f4a85547f5b279c761a57139618defdb706a72f82491c3c02e068e
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8a44587a1086e8c429bd2ab6711c7285bb9303fc2042dff91c0c5aab3e5d9bdd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b77b5e19e1e66c212bed37e1eb124792d38c39d4430c95ccd7db76776ac7f3f1
c71864bd136a59b5f40864b6a6092847f314b08c776ebad050fbafe39ec9f59c
daea03251328b3befc089051524c284999d6f1337d20c78a3eed9e91182278b7
dc51e7f3b21e0109512b55ad7d39da6996bbe17dfd08220be81fc18b32d33422
dd28d2523db832fe0a0bc2f90f34ab5f095c09d0c2a6c10a8748b005b47c059c
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0f2ec9325ea02ae48a139e21790f69d729d4e0feb7671a3c4a479e721f4508
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77c7e1c8f859611d1200ee9a75eadbce02664f28a53b05807233e88deb82f65
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c72687a5b4b636152f188c1012b7d33a2f9947f35784f671407d865d089296

sao185.wspox4.com Open in urlscan Pro 184.107.149.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

14 IPs

3 Countries

1637 kBTransfer

3318 kBSize

13 Cookies

2 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sao185.wspox4.com Open in urlscan Pro
184.107.149.198 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

3
Countries

1637 kB
Transfer

3318 kB
Size

13
Cookies

40 HTTP transactions
0 data transactions