Submitted URL: http://survey.winner.com/
Effective URL: https://www.winner.com/
Submission: On October 02 via api from US

Summary

This website contacted 11 IPs in 6 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2a02:26f0:64::214:84cb, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.winner.com.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on May 18th 2020. Valid for: a year.
This is the only time www.winner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
13 | static.winner.com | www.winner.com, www.googletagmanager.com, static.winner.com
7 | offers.winner.com | www.winner.com
2 | mpsnare.iesnare.com | static.winner.com, mpsnare.iesnare.com
2 | connect.facebook.net | static.winner.com, connect.facebook.net
2 | www.google-analytics.com | www.googletagmanager.com, www.winner.com
2 | survey.winner.com | 2 redirects
1 | www.facebook.com | connect.facebook.net
1 | oapi.winner.com | static.winner.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googletagmanager.com | www.winner.com
1 | ajax.googleapis.com | www.winner.com
1 | www.winner.com |
32 | 12 |

This site contains links to these domains:

  • www.nethive.com
Subject | Issuer | Validity | Valid
*.winner.com | DigiCert Secure Site ECC CA-1 | 2020-05-18 - 2021-08-17 | a year
upload.video.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-09-11 - 2020-12-10 | 3 months
mpsnare.iesnare.com | DigiCert SHA2 High Assurance Server CA | 2020-04-08 - 2021-05-25 | a year

This page contains 1 frames:

Primary Page: https://www.winner.com/
Frame ID: B7B963990387B0277E703A8E233C4705
Requests: 35 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

32
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

12
Subdomains

11
IPs

6
Countries

1097 kB
Transfer

2152 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://survey.winner.com/ HTTP 301
    https://survey.winner.com/ HTTP 301
    https://www.winner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
www.winner.com/
Redirect Chain
  • http://survey.winner.com/
  • https://survey.winner.com/
  • https://www.winner.com/
99 KB
18 KB
Document
General
Full URL
https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
836710f818b206d9d78c4c86b48aeef75bc40d8031305e97a49523c4aa5991d3

Request headers

:method
GET
:authority
www.winner.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
cache-control
private, max-age=512270
date
Fri, 02 Oct 2020 10:40:14 GMT
content-length
18260
set-cookie
_global=DE,FALKENSTEIN,low,1,0;Domain=.winner.com; Path=/;

Redirect headers

Server
Apache
Cache-control
private
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 02 Oct 2020 10:40:14 GMT
Location
https://www.winner.com/
Set-Cookie
X-Mapping-fjhppofk=79FE0B4154222725D4DFC19FC251FC87; path=/ SID=pw6; path=/
Content-Length
231
bundle.css
static.winner.com/wallet/registration/
179 KB
99 KB
Stylesheet
General
Full URL
https://static.winner.com/wallet/registration/bundle.css?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
7d2a9cd54bd45e228fe6f4e8a9c42b94fe806507982e1360f69444a4b9c49da8

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
100517
last-modified
Thu, 09 Jul 2020 14:49:45 GMT
server
Apache
etag
"2cd58-5aa0355d5fa78"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 09 Oct 2020 10:40:14 GMT
loader-login.gif
static.winner.com/offers/images/
604 B
889 B
Image
General
Full URL
https://static.winner.com/offers/images/loader-login.gif?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
92ce0928fa6f607987437d3b178c3d3d7273c5f74904d51e3a24f3fbaceae4a4

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
last-modified
Fri, 28 Apr 2017 08:07:56 GMT
server
Apache
status
200
etag
"25c-54e359234fa73"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
expires
Fri, 09 Oct 2020 10:40:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 14:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74277
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Oct 2021 14:02:17 GMT
gtm.js
www.googletagmanager.com/
180 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ML9JVL5
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
859c7e3a512ca13c35fc55633f93ed78159c6ca8ed2a88951722470b2b537d1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83491
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Oct 2020 10:40:14 GMT
winner-logo-web.png
offers.winner.com/images/
5 KB
5 KB
Image
General
Full URL
https://offers.winner.com/images/winner-logo-web.png?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
dfd36b79c18f7b8e3e3417f0a4e0abda72ab746e73fe7bda17a1e9e9fcbb1fd0

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Thu, 27 Apr 2017 20:22:43 GMT
Server
Apache
ETag
"123e-54e2bb8221848"
Content-Type
image/png
Cache-control
private
Accept-Ranges
bytes
Content-Length
4670
lock-icon.jpg
offers.winner.com/images/
642 B
982 B
Image
General
Full URL
https://offers.winner.com/images/lock-icon.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
750b71fe988e0b5e2f7408a194238a982cce84a1391a8ed9c41c69bf9f5fefc9

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Mon, 07 Aug 2017 14:01:23 GMT
Server
Apache
ETag
"282-5562a48356dae"
Content-Type
image/jpeg
Cache-control
private
Accept-Ranges
bytes
Content-Length
642
container_one_firstImg.jpg
offers.winner.com/images/
64 KB
64 KB
Image
General
Full URL
https://offers.winner.com/images/container_one_firstImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
0ca13816a835bbefd882a89a4a381b2acf23786bb14657ac4143a8bfa6b5b7f4

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Mon, 07 Aug 2017 14:01:23 GMT
Server
Apache
ETag
"ffec-5562a48356dae"
Content-Type
image/jpeg
Cache-control
private
Accept-Ranges
bytes
Content-Length
65516
wn-lp-mid2.png
offers.winner.com/images/
38 KB
39 KB
Image
General
Full URL
https://offers.winner.com/images/wn-lp-mid2.png?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
3898317d323284766c71f55c43bc586e4269af7a5ef49c3cf2ebb95647cb29da

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Fri, 12 May 2017 22:48:32 GMT
Server
Apache
ETag
"98f4-54f5b813da105"
Content-Type
image/png
Cache-control
private
Accept-Ranges
bytes
Content-Length
39156
container_three_firstImg.jpg
offers.winner.com/images/
82 KB
83 KB
Image
General
Full URL
https://offers.winner.com/images/container_three_firstImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
fcc3554a3b7426dca38e5963f07b97f3bbbd4b1bb4756d6814a607429cc97ac7

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Thu, 27 Apr 2017 00:21:59 GMT
Server
Apache
ETag
"148c4-54e1af200fc59"
Content-Type
image/jpeg
Cache-control
private
Accept-Ranges
bytes
Content-Length
84164
top_logos_winner.png
offers.winner.com/images/
10 KB
10 KB
Image
General
Full URL
https://offers.winner.com/images/top_logos_winner.png?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
9e07ba0da19a75ce5b47dbeae62480acc595d17b4abefb2e950d73398d666fcb

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Thu, 27 Apr 2017 20:22:43 GMT
Server
Apache
ETag
"2805-54e2bb8221848"
Content-Type
image/png
Cache-control
private
Accept-Ranges
bytes
Content-Length
10245
payment_dark.png
offers.winner.com/images/
8 KB
9 KB
Image
General
Full URL
https://offers.winner.com/images/payment_dark.png?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
134.213.233.164 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
1e27ce8fdea4ce6ac0da27f32e0e04eb60fc2533a3153ec06a0a212a42ca3cab

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Last-Modified
Thu, 27 Apr 2017 20:22:43 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"21dc-54e2bb8221848"
Content-Length
8668
Content-Type
image/png
GothamBook.ttf
static.winner.com/utils/fonts/gotham/
65 KB
31 KB
Font
General
Full URL
https://static.winner.com/utils/fonts/gotham/GothamBook.ttf
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
2567d7a267a93cdab7551a40a838d0057d3d02685746c445278d6de182d32c1a

Request headers

Origin
https://www.winner.com
Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
31638
Last-Modified
Wed, 16 Aug 2017 15:26:33 GMT
Server
Apache
ETag
"104f4-556e085530fd8"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/font-sfnt
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=604800
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 09 Oct 2020 10:40:14 GMT
wl_winner_de_DE.js
static.winner.com/wallet/registration/
387 KB
113 KB
Script
General
Full URL
https://static.winner.com/wallet/registration/wl_winner_de_DE.js?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
f986462572b73d2ea6008037328becff49fdd37b61129f85902cdffec50062d4

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
115353
last-modified
Thu, 09 Jul 2020 14:49:45 GMT
server
Apache
etag
"60cce-5aa0355dca3d8"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 09 Oct 2020 10:40:14 GMT
integration.js.php
static.winner.com/login/jswrapper/
36 KB
10 KB
Script
General
Full URL
https://static.winner.com/login/jswrapper/integration.js.php?casino=winnercasino&min=1
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
10b306624919ed24eb286b5271dd06696a1077bf2c3b25f7cbb6033ea662a4c0

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
server
Apache
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
9651
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML9JVL5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
394
date
Fri, 02 Oct 2020 10:33:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 02 Oct 2020 12:33:40 GMT
gdpr-cookies.js
static.winner.com/utils/api-login/media/js/
71 KB
18 KB
Script
General
Full URL
https://static.winner.com/utils/api-login/media/js/gdpr-cookies.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML9JVL5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
ca6265ec60f30cae276798ca9f47abf5b9a33a54c523102fe2880a3daa887c16

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
17814
last-modified
Mon, 20 Jan 2020 14:18:47 GMT
server
Apache
etag
"11ba5-59c92f837d407-gzip"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 09 Oct 2020 10:40:14 GMT
mts.min.js
static.winner.com/utils/api-login/media/js/
17 KB
6 KB
Script
General
Full URL
https://static.winner.com/utils/api-login/media/js/mts.min.js
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
54bd2d84e1ea7dc514416c13bb429ae66e6faac58084f94d6d2e0d9400352b0d

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
5786
last-modified
Thu, 22 Aug 2019 09:37:07 GMT
server
Apache
etag
"459e-590b16edf7cf4-gzip"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 09 Oct 2020 10:40:14 GMT
collect
stats.g.doubleclick.net/j/
1 B
84 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-39989342-27&cid=216007701.1601635215&jid=1309960531&gjid=954986799&_gid=29904290.1601635215&_u=YGBAgAABAAAAAE~&z=1977507589
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 02 Oct 2020 10:40:14 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.winner.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
121 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1628972248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winner.com%2F&ul=en-us&de=UTF-8&dt=Willkommen%20bei%20Winner%20Casino%2C%20Slots%20und%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1309960531&gjid=954986799&cid=216007701.1601635215&tid=UA-39989342-27&_gid=29904290.1601635215&gtm=2wg9n1ML9JVL5&z=1603246504
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Oct 2020 15:30:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69010
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fbLoginWPL3_new.php
static.winner.com/utils/registration/
107 KB
23 KB
Script
General
Full URL
https://static.winner.com/utils/registration/fbLoginWPL3_new.php?v=8.14&lang=DE
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
b40849667a763860b3bc529a1ad88342d7e219a41b8c32a146b294e8d30575a7

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:14 GMT
content-encoding
gzip
server
Apache
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, max-age=343224
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
23343
/
oapi.winner.com/socket.io/1/
64 B
261 B
XHR
General
Full URL
https://oapi.winner.com/socket.io/1/?t=1601635214825
Requested by
Host: static.winner.com
URL: https://static.winner.com/wallet/registration/wl_winner_de_DE.js?v=1708041653
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.190.159.132 , Estonia, ASN43937 (PTNET, EE),
Reverse DNS
Software
/
Resource Hash
def4b1377f5d7b8f61596b63785b9831b14c38ad1481dc67c7508889c6433035

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.winner.com
access-control-allow-credentials
true
connection
keep-alive
content-length
64
content-type
text/plain; charset=UTF-8
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: static.winner.com
URL: https://static.winner.com/utils/registration/fbLoginWPL3_new.php?v=8.14&lang=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
282fdfccd373be2750c954777e3ebe88514571e537875a4d15e960d6ab3e5fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
y3WZ4y7MJcUnaL5jk7SkNw==
status
200
cross-origin-resource-policy
cross-origin
expires
Fri, 02 Oct 2020 10:52:43 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1777
etag
"7494bbe0d25acc11a9391d5cc0887038"
x-fb-debug
Udja7haQ2Ab+kdqOBZdpyNjfE4EKGNEgm+rQqfKyxsnxATY2SMxL6L18CPHWY8jRzOLqxzo522g2IxQMXWtaOg==
x-fb-trip-id
664085054
x-fb-content-md5
28d43e51432988aabadb0d3011aa026a
date
Fri, 02 Oct 2020 10:40:14 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sdk.js
connect.facebook.net/en_US/
201 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aafd728bb5a69c5936ed5e128bb763c5&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d33805de84bc926c23f017df78f4508e80b97fcce96e84909baa4f72807d9bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.winner.com
Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bV7pqFXYfRHwiRjfs150kA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
62348
etag
"2a493b2169b9e55d2fa9f15a7b8d7c9e"
x-fb-debug
kMWohA0px1LQsrUrqPhTd16GVkha6ocfIykslgZNWuN50dK0bnPNpZfq5agxsi9nik8M5A6TG+AKrXlSvML+EA==
x-fb-trip-id
664085054
x-fb-content-md5
a60c125b87c170acff942b4354a1a97c
x-frame-options
DENY
date
Fri, 02 Oct 2020 10:40:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 02 Oct 2021 08:37:41 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=909911385738393&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.winner.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=aafd728bb5a69c5936ed5e128bb763c5&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
muOjMUofWAQxtlr6YcZGpgxsdfunu1eP7O/iebtHi0IMpYUDlb1Lqpt9CF2AfsGh/0/5g3qubAMxrsMSmsR6ig==
fb-s
unknown
status
200
date
Fri, 02 Oct 2020 10:40:14 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.winner.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
flags.css
static.winner.com/wallet/registration/
72 KB
49 KB
Stylesheet
General
Full URL
https://static.winner.com/wallet/registration/flags.css?v=1594305480941
Requested by
Host: static.winner.com
URL: https://static.winner.com/wallet/registration/wl_winner_de_DE.js?v=1708041653
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
e09ccdf248893476b80e4c0efa695d5128e5dd1043841cd32f4b7e20b94d2db7

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:15 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
content-length
49765
last-modified
Tue, 19 Jun 2018 11:09:50 GMT
server
Apache
etag
"11e08-56efcb8874519"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 09 Oct 2020 10:40:15 GMT
truncated
/
457 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61d6afba42dd1194296d9d15ee3c2c7e275a38fb8b79695406f1a4e6d8c96491

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
412 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d108115cc6f9aafe5cc35beb7074ef5c35bdd414e5c4abd086230f99ccd17b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
snare.js
mpsnare.iesnare.com/
38 KB
13 KB
Script
General
Full URL
https://mpsnare.iesnare.com/snare.js?ver=1594305480941
Requested by
Host: static.winner.com
URL: https://static.winner.com/wallet/registration/wl_winner_de_DE.js?v=1708041653
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.114.88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-114-88.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c882ed79e11c957598387dbc51be4793ead21e7fe857d1a0eb2f7166c3bdd48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Oct 2020 10:40:16 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
0
truncated
/
46 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e54e3a5952079129779d803ba91d24bcf8b12a323ddc823d50a0619deee3a166

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
logo.js
mpsnare.iesnare.com/script/
96 B
609 B
Script
General
Full URL
https://mpsnare.iesnare.com/script/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js?ver=1594305480941
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.114.88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-114-88.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6fe553c7af417d01f5fe2f757765dbab97ce9a8526ddff35dae90bdf272dc274
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 02 Oct 2020 10:40:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Accept-CH
ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Server
nginx
Expires
Sat, 2 Oct 2021 10:40:16 GMT
container_one_secondImg.jpg
static.winner.com/offers/images/
82 KB
82 KB
Image
General
Full URL
https://static.winner.com/offers/images/container_one_secondImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
3d3afdd6090e0fe70052107eef9e26f9958e935db38ec28ec628c6ff4c9fe635

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:20 GMT
last-modified
Fri, 28 Apr 2017 08:07:56 GMT
server
Apache
status
200
etag
"1479a-54e359234d74b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
83866
expires
Fri, 09 Oct 2020 10:40:20 GMT
container_three_secondImg.jpg
static.winner.com/offers/images/
75 KB
76 KB
Image
General
Full URL
https://static.winner.com/offers/images/container_three_secondImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
7b8aa878ff05e2e475dd0d3783b08def6a38d879ca456c396c728584b7cd5d56

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:20 GMT
last-modified
Fri, 28 Apr 2017 08:07:56 GMT
server
Apache
status
200
etag
"12db9-54e359234ead3"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
77241
expires
Fri, 09 Oct 2020 10:40:20 GMT
container_one_thirdImg.jpg
static.winner.com/offers/images/
56 KB
56 KB
Image
General
Full URL
https://static.winner.com/offers/images/container_one_thirdImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
fcac8fd97263836b25a2fde4c97baeb8ac8c59933ef62cef3d0709a264d57fc7

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:25 GMT
last-modified
Fri, 28 Apr 2017 08:07:56 GMT
server
Apache
status
200
etag
"dea2-54e359234db33"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
56994
expires
Fri, 09 Oct 2020 10:40:25 GMT
container_three_thirdImg.jpg
static.winner.com/offers/images/
97 KB
97 KB
Image
General
Full URL
https://static.winner.com/offers/images/container_three_thirdImg.jpg?v=1708041653
Requested by
Host: www.winner.com
URL: https://www.winner.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:84cb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
e4e2708fbb992077153a46742e1611710482d3e264c7680f9eece0a47f288eaa

Request headers

Referer
https://www.winner.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:40:25 GMT
last-modified
Fri, 28 Apr 2017 08:07:56 GMT
server
Apache
status
200
etag
"1827a-54e359234f68b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
98938
expires
Fri, 09 Oct 2020 10:40:25 GMT

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| rewriteAdvCookie function| readAdvCookie object| queryDict string| newAdvCookie undefined| getTheVar object| dataLayer string| offerCodeId string| defaultTrackingTemplate function| $ function| jQuery function| LPafterRegComplete function| highLightRegForm function| doRegistration function| setCookie object| regSettings number| mlcounter object| translations object| translations_titles function| showExitIntentMessage function| doRegister function| trackExitIntent function| addCookieValue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| fbLang string| enableReg function| loadFbLoginScript number| loadFbScriptIntervalCounter number| loadFbScriptInterval object| mtsScript string| seolink object| $jscomp function| replaceImsDomain string| iapiVersion number| iapiERR_OK number| iapiERR_NOK number| iapiERR_BLOCKED string| iapiCALLOUT_LOGIN string| iapiCALLOUT_EMAILLOGIN string| iapiCALLOUT_TEMPORARYTOKEN string| iapiCALLOUT_LOGINANDGETTEMPTOKEN string| iapiCALLOUT_EMAILLOGINANDGETTEMPTOKEN string| iapiCALLOUT_SESSIONVALIDATION string| iapiCALLOUT_MESSAGES string| iapiCALLOUT_SUBMITDIALOG string| iapiCALLOUT_FORGOTPASSWORD string| iapiCALLOUT_STARTFORGOTEMAIL string| iapiCALLOUT_COMPLETEFORGOTEMAIL string| iapiCALLOUT_ONLINEFORGOTPASSWORD string| iapiCALLOUT_GETLOGGEDINPLAYER string| iapiCALLOUT_KEEPALIVE string| iapiCALLOUT_LOGOUT string| iapiCALLOUT_GETURLS number| iapiEVENT_TIMER string| STOCK_AUTH_PHONE_NUMBER object| iapiUsername object| iapiPassword object| iapiEmail object| iapiAdminUsername number| iapiRealMode object| iapiAuthenticationType string| iapiDivname string| iapiIframename string| iapiRealCookieIframe string| iapiFunCookieIframe number| iapiGetLoggedInPlayerRequestIdReal number| iapiGetLoggedInPlayerRequestIdFun object| iapiClientParams number| iapiWaitingMessagesId object| iapiRememberMeLogin object| iapiCalloutFunctions object| iapiRequestIds boolean| iapiLoginSuccess 
number| iapiSessionValid object| iapiNextLogin boolean| iapiLoginModeDownload boolean| iapiLoginModeFlash object| iapiFlashLoginClientType object| iapiFlashLoginGameType boolean| iapiMessagesSupported boolean| iapiMessagesAnswered object| iapiLoginTypes function| iapiLogin function| iapiEmailLogin function| iapiLoginExternalToken function| iapiLoginUsernameExternalToken function| iapiLoginAdminUsername function| iapiLoginSessionToken function| iapiLoginCryptoToken function| iapiLoginNickname function| iapiLoginIdTokenCodeAndPin function| iapiLoginPrintedIdTokenCodeAndPin function| iapiLoginUsernameAndPin function| iapiLoginIdTokenCodeAndPassword function| iapiLaunchClient function| iapiSetClientParams function| NoSystemId function| iapiRequestTemporaryToken function| iapiLoginAndGetTempToken function| iapiEmailLoginAndGetTempToken function| iapiLoginExternalTokenAndGetTempToken function| iapiDownloadLogin function| iapiDownloadEmailLogin function| iapiFlashLogin function| iapiFlashEmailLogin function| iapiLogout function| iapiSetCallout function| iapiGetWaitingMessages function| iapiAcceptPendingLimits function| iapiBonusConfirmation function| iapiValidateTCVersion function| iapiValidatePasswordChange function| iapiValidateConfirmationToken function| iapiValidateBirthdateToken function| iapiValidateActivationCode function| iapiValidatePinChange function| iapiValidatePinToken function| iapiForgotPassword function| iapiStartForgotEmail function| iapiCompleteForgotEmail function| iapiOnlineForgotPassword function| iapiGetLoggedInPlayer function| iapiKeepAlive function| iapiGetUrls function| iapiSetAuthenticationType function| iapiSetClientSkin function| iapiSetClientType function| iapiSetClientUrl function| iapiSetClientVersion function| iapiSetClientChannel function| iapiSetGameType function| iapiSetGameTypePrefix function| iapiSetClientPlatform function| iapiSetSystemId function| iapiSetServiceType function| iapiSetLanguageCode function| iapiSetCallId function| 
iapiSetDeliveryPlatform function| iapiSetDeviceBrowser function| iapiSetOsName function| iapiSetOsVersion function| iapiSetDeviceId function| iapiSetDeviceType function| iapiSetDeviceFamily function| iapiSetSoftSerial function| iapiSetIovationBlackbox function| iapiEnableUserErrors function| iapiCallbackWaitingMessages function| iapiBaseLogin function| iapiContinueLogin function| iapiWriteClientCookie function| iapiCreateDiv function| iapiCreateIframe function| iapiPost function| iapiPostWindow function| iapiMakeRedirectRequest number| storageAvailableResolved function| isStorageAvailable function| isPostMessagesDisabled function| iapiAppendContextParameters function| iapiJsonp function| iapiGet function| iapiAddUrlParams function| iapiLoginFailedActions function| iapiTokenFailedActions function| iapiCheckNextLogin function| iapiDownloadHtcmd function| iapiRedirectCallback function| iapiRequestFailed function| iapiRegisterRequestId function| iapiGetRequest function| iapiClearRedirectRequests function| iapiHasRedirectRequest function| initMessageListener function| iapiOnMessage function| iapiGetCookie function| encodeHTML function| encodeURL function| removeHex function| getCurrentDomain function| sleep object| iapiConf object| noSystemId object| mts object| gaplugins object| gaGlobal object| gaData object| cookieconsent function| showCookiesPopBar function| onError function| getContext function| requirejs function| require function| define object| io function| _ boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION object| requireConfig function| Store object| Log object| loader function| reloadAffData object| fbLogin function| jBone function| fbAsyncInit function| doFbRegistration object| FB undefined| isFirst function| fixMenuChat function| fixMenuLoginBind function| changeClientType function| hubLogin string| _i_a string| localObjectName function| __if_a function| __if_b function| __if_c object| _i_d object| _i_o object| _i_z object| _i_aa object| _i_ac object| _i_cr 
function| __if_d object| io_adp function| __if_e object| _i_dt function| __if_f function| iov_fl_cb function| iov_fl_fn function| iov_fl_get_value function| __if_g object| io_dp function| __if_h function| ioGetBlackbox object| io_cm function| __if_i object| _i_fm object| _i_fn object| _i_fo object| _i_dl object| _i_fp function| __if_j function| __if_k number| _i_fq function| __if_l number| _i_fs function| __if_m string| io_last_error object| IGLOO boolean| io_install_stm boolean| io_install_flash number| io_exclude_stm string| io_stm_cab_url string| io_install_stm_error_handler string| io_flash_needs_update_handler boolean| io_enable_rip object| io_flash_blacklist object| io_flash_whitelist string| io_min_flash_in_firefox_version string| io_min_flash_in_firefox_linux_version string| io_min_flash_version string| _i_dw number| _i_g number| _i_bl

6 Cookies

Domain/Path Name / Value
.winner.com/ Name: _dc_gtm_UA-39989342-27
Value: 1
.winner.com/ Name: banner_click
Value: defaultwn%2C%2C%2C%2Cchannel%3A%3Bvar1%3A%3Bvar2%3A%3Bsource%3A%3Badmap%3A%3Blp_id%3A%3Bgclid%3A%3Blpofferid%3Adefault%3B
.winner.com/ Name: _ga
Value: GA1.2.216007701.1601635215
.winner.com/ Name: banner_domainclick
Value: defaultwn%2C%2C%2C%2Cchannel%3A%3Bvar1%3A%3Bvar2%3A%3Bsource%3A%3Badmap%3A%3Blp_id%3A%3Bgclid%3A%3Blpofferid%3Adefault%3B
.winner.com/ Name: _gid
Value: GA1.2.29904290.1601635215
.winner.com/ Name: _global
Value: DE,FALKENSTEIN,low,1,0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
