thewinnersfr.online Open in urlscan Pro
143.204.98.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stone.jgassoc.com/knj18cbbbcCQ63yccmJJHcxHnscGchxcpc46sNgDttcbbb4Q
Effective URL:
https://thewinnersfr.online/
Submission: On June 06 via manual (June 6th 2022, 10:13:04 pm UTC) from FR — Scanned from FR

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 13 domains to perform 19 HTTP transactions. The main IP is 143.204.98.103, located in United States and belongs to AMAZON-02, US. The main domain is thewinnersfr.online.
TLS certificate: Issued by Amazon on April 21st 2022. Valid for: a year.

This is the only time thewinnersfr.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.192.8.197 212.192.8.197	211252 (AS_DELIS) (AS_DELIS)
1 1	185.95.85.91 185.95.85.91	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
1 1	34.117.79.165 34.117.79.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.241.31.206 35.241.31.206	15169 (GOOGLE) (GOOGLE)
1 1	35.190.66.152 35.190.66.152	15169 (GOOGLE) (GOOGLE)
1 8	143.204.98.103 143.204.98.103	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:3e94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
19	8

1 212.192.8.197 (Russian Federation) 1 redirects

ASN211252 (AS_DELIS, US)
PTR: stone.jgassoc.com

stone.jgassoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.95.85.91 (Turkey) 1 redirects

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: 22342.domain.com

www.affordableserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.79.165 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com

www.hypertr4ffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.206 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 206.31.241.35.bc.googleusercontent.com

www.ldcrixtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.66.152 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 152.66.190.35.bc.googleusercontent.com

www.smart8digital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.103 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net

thewinnersfr.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3e94 (United States)

ASN13335 (CLOUDFLARENET, US)

flagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	thewinnersfr.online 1 redirects thewinnersfr.online	194 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 818	27 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	442 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	297 B
1	flagcdn.com flagcdn.com — Cisco Umbrella Rank: 52239	765 B
1	smart8digital.com 1 redirects www.smart8digital.com	501 B
1	ldcrixtrack.com 1 redirects www.ldcrixtrack.com	459 B
1	hypertr4ffic.com 1 redirects www.hypertr4ffic.com	444 B
1	affordableserve.com 1 redirects www.affordableserve.com	582 B
1	jgassoc.com 1 redirects stone.jgassoc.com	279 B
19	13

	Domain	Requested by
8	thewinnersfr.online	1 redirects thewinnersfr.online
3	fonts.googleapis.com	thewinnersfr.online
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	thewinnersfr.online www.google-analytics.com
2	use.fontawesome.com	thewinnersfr.online use.fontawesome.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	thewinnersfr.online
1	flagcdn.com	thewinnersfr.online
1	www.smart8digital.com	1 redirects
1	www.ldcrixtrack.com	1 redirects
1	www.hypertr4ffic.com	1 redirects
1	www.affordableserve.com	1 redirects
1	stone.jgassoc.com	1 redirects
19	13

This site contains no links.

Subject Issuer	Validity	Valid
thewinners-uk.online Amazon	`2022-04-21` - `2023-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2022-06-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thewinnersfr.online/
Frame ID: 30030E96313B54B6D6BB85E0BE1AFA89
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carte cadeau InterMarché

Page URL History Show full URLs

http://stone.jgassoc.com/knj18cbbbcCQ63yccmJJHcxHnscGchxcpc46sNgDttcbbb4Q HTTP 302
https://www.affordableserve.com/4ms7wlg/w3qr5n7/?sub1=35_511851_2628822&sub2=278_1367480_3588977_11&sub3=620... HTTP 302
https://www.hypertr4ffic.com/24QSBG/B9GDQ9P/?source_id=2265&sub1=f2ba6916d64f4502acff00b35704765a HTTP 302
https://www.ldcrixtrack.com/2GXK7W/3DM5ZT5/?sub1=25_2265&sub2=&sub3=b205db6e9b06455e895458d00ea37b16 HTTP 302
https://www.smart8digital.com/7BZ2W/6JHXF/?uid=2577&sub1=25_2265&sub2=&sub3=5366e068d08f414da7393a0981f8a7... HTTP 302
https://thewinnersfr.online/o/3D2237C2?clickid=f26d006f3cd04d46b3ac9054e0640ef3&subid=25_2265&sourceid=&... HTTP 302
https://thewinnersfr.online/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

19
Requests

100 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

8
IPs

5
Countries

303 kB
Transfer

614 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stone.jgassoc.com/knj18cbbbcCQ63yccmJJHcxHnscGchxcpc46sNgDttcbbb4Q HTTP 302
https://www.affordableserve.com/4ms7wlg/w3qr5n7/?sub1=35_511851_2628822&sub2=278_1367480_3588977_11&sub3=620296163 HTTP 302
https://www.hypertr4ffic.com/24QSBG/B9GDQ9P/?source_id=2265&sub1=f2ba6916d64f4502acff00b35704765a HTTP 302
https://www.ldcrixtrack.com/2GXK7W/3DM5ZT5/?sub1=25_2265&sub2=&sub3=b205db6e9b06455e895458d00ea37b16 HTTP 302
https://www.smart8digital.com/7BZ2W/6JHXF/?uid=2577&sub1=25_2265&sub2=&sub3=5366e068d08f414da7393a0981f8a7a8&sub4=&sub5= HTTP 302
https://thewinnersfr.online/o/3D2237C2?clickid=f26d006f3cd04d46b3ac9054e0640ef3&subid=25_2265&sourceid=&sub4=&sub5=&data=199.48.45.392.222.212.181.164.22.1846646254.1654553577.1586856147 HTTP 302
https://thewinnersfr.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thewinnersfr.online/
Redirect Chain

http://stone.jgassoc.com/knj18cbbbcCQ63yccmJJHcxHnscGchxcpc46sNgDttcbbb4Q
https://www.affordableserve.com/4ms7wlg/w3qr5n7/?sub1=35_511851_2628822&sub2=278_1367480_3588977_11&sub3=620296163
https://www.hypertr4ffic.com/24QSBG/B9GDQ9P/?source_id=2265&sub1=f2ba6916d64f4502acff00b35704765a
https://www.ldcrixtrack.com/2GXK7W/3DM5ZT5/?sub1=25_2265&sub2=&sub3=b205db6e9b06455e895458d00ea37b16
https://www.smart8digital.com/7BZ2W/6JHXF/?uid=2577&sub1=25_2265&sub2=&sub3=5366e068d08f414da7393a0981f8a7a8&sub4=&sub5=
https://thewinnersfr.online/o/3D2237C2?clickid=f26d006f3cd04d46b3ac9054e0640ef3&subid=25_2265&sourceid=&sub4=&sub5=&data=199.48.45.392.222.212.181.164.22.1846646254.1654553577.1586856147
https://thewinnersfr.online/

10 KB
4 KB

427ms
427ms

Document
text/html

143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e23315ee3eb3c4da5cd9c1d991235bc766f4d88efccf811a466cec522ed88aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 Jun 2022 22:12:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-id: 5fkDefbJAyuLyw8IRx8L69WnYAaFwjsmWiJtdOUL716BlifOqKi_5w==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-type: text/html; charset=UTF-8
date: Mon, 06 Jun 2022 22:12:57 GMT
location: /
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-id: GG27F9qX2A1RLSsTWV_-49riQJbdhTJR--AjvcARQufa8og8VmmPgw==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 index.css
thewinnersfr.online/lp/giftcard-inter-marche.src/ 165 KB
20 KB 73ms
73ms Stylesheet
text/css 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b170efed95e08fe6470bb45ff2d2aefee0608784417de4b92486929bfa4c619b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 May 2022 15:18:32 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"627bd3c8-295f0"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-amz-cf-id: 8ekO3VCAdZ_jtehsWHDxspJ-5cQd7YDeKtcspXBCR4XY4k8cQSqExw==
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
thewinnersfr.online/lp/giftcard-inter-marche.src/ 95 KB
28 KB 59ms
59ms Script
application/javascript 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.js?1654553578

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2fef0b8d9dad01f8786935ceb80ba704df2d28f1e8540618f7126b465f4c684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 May 2022 15:18:32 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"627bd3c8-17a81"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-amz-cf-id: mkB_Yn_cJ6h05oGBGDF5h6wpk3pWUesYXhMxzv8vmnPFkDjIBrbwlw==
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
thewinnersfr.online/lp/giftcard-inter-marche.src/img/ 2 KB
2 KB 67ms
66ms Image
image/png 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinnersfr.online/lp/giftcard-inter-marche.src/img/logo.png

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

23ac5486ff5140bb689a3fea726d12052769e355542338a0974af5048d8d1128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 10 May 2022 14:32:10 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "627a776a-7db"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
content-length: 2011
x-xss-protection: 1; mode=block
x-amz-cf-id: 6x2-fdKWLH-QGga8SetZPBrLpV0YavOw7ElHLp5mcvQg7Gqh2B3xKQ==

GET
H2 200 card.png
thewinnersfr.online/lp/giftcard-inter-marche.src/img/ 42 KB
42 KB 59ms
59ms Image
image/png 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinnersfr.online/lp/giftcard-inter-marche.src/img/card.png

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41416cef448cf05eb5153ab73103fd7eafe5f1ef57e2d805c8a2548057bba2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 10 May 2022 14:32:10 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "627a776a-a60a"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
content-length: 42506
x-xss-protection: 1; mode=block
x-amz-cf-id: aaWG_fs4c0l1SlCXkE1zL_cBKWPbAOMNzw6HHWVyRLcR_Mdh7aujaA==

GET
H2 200 paycards.png
thewinnersfr.online/lp/_global/img/ 38 KB
39 KB 82ms
81ms Image
image/png 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinnersfr.online/lp/_global/img/paycards.png

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 20:40:22 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "6109a9b6-9951"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
content-length: 39249
x-xss-protection: 1; mode=block
x-amz-cf-id: OiBKbOTcmwshy7iwYkoLJxhn_3sLBA02EhdUQPTxXq0giaqZzwuVHg==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 100ms
36ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15c55b700a8d338a5982fb2b3bbb2585daa6e152c3c84a3a0bedaaee222125ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 22:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 22:12:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 22:12:58 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
12 KB 86ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: thewinnersfr.online
URL: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8806050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7CJ11TBJNFNSGNFK
x-amz-id-2: UGVF6jpo0N7lHgyaA9rOpulGxlzWPWJdOCHitLiN7D4CCRr8NYLyQalEfDpLVcnTXxIjkmtv/bc=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkWqjD50VJEr4Z9IqfB%2Fih%2B22JcNODlV33Z%2FzbvVLRyUQofhPMhNA1Klb9XumcVI6C26rYEcvOxSqiV42Wq6EqyBOolP7bi3lbjsRu7FDOcvxXL0Ohg2frGYrvcoysvBUIHr32q5TZ6esyiYYSCJuh%2F8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 71747e1ad98d9999-CDG

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
923 B 102ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 21:51:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 22:12:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 22:12:58 GMT

GET
H2 400 css2
fonts.googleapis.com/ 0
0 98ms
35ms Stylesheet
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Arima+Madurai:wght@100200300400500700800900&display=swap
Requested by: Host: thewinnersfr.online
URL: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
27ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2292
date: Mon, 06 Jun 2022 21:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Jun 2022 23:34:46 GMT

GET
H2 200 bg.jpeg
thewinnersfr.online/lp/giftcard-inter-marche.src/img/ 58 KB
58 KB 54ms
54ms Image
image/jpeg 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinnersfr.online/lp/giftcard-inter-marche.src/img/bg.jpeg

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-103.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e6bbcc485e89931568aa6653b55136a2c99cfabd8eeb5b1dbea5116716a304e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/lp/giftcard-inter-marche.src/index.css?1654553578
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 10 May 2022 14:32:10 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "627a776a-e7f8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpeg
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
content-length: 59384
x-xss-protection: 1; mode=block
x-amz-cf-id: tYamgK3IzWIsZphRQF0b_nYfDu-W2R3svDdgfGnuNnJ9_oAfHmvp0Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 93ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewinnersfr.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 35780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 12:16:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
26ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewinnersfr.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:11:08 GMT
x-content-type-options: nosniff
age: 356510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jun 2023 19:11:08 GMT

GET
H2 200 fr.svg
flagcdn.com/ 194 B
765 B 88ms
35ms Image
image/svg+xml 2606:4700:3035::6815:3e94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flagcdn.com/fr.svg

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3e94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562a4c9c6601bfbd1c4a3209c47f2b840650a431041f6616b8af9a0eaa888489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576675
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 12:03:17 GMT
server: cloudflare
etag: W/"5fb65f05-c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A7FllxiOP0q7waWSyPYaKYR8om2SeXcK%2FxzjD5NF1CnYwfb%2B4FopdfQ7LkeL%2FV0VJ1ir0KFCxHVcSAfW15QCG6UJwYfzGCKMb9UGCwCiqxSkfmheljmU2JUfvBu4ubzzB85FkEm81CxcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-maxage=2678400
cf-ray: 71747e1bbca640ab-CDG

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 13 KB
14 KB 53ms
28ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://thewinnersfr.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 560239
cf-ray: 71747e1b8d934087-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13552
x-amz-id-2: cpJ/e5+TEBYDgY3SR2y2TrBwuDc+I36JkVzB41Z/dEoZXRXgAwTNB03BkXXfZsQMJntnJGDQd9E=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: "e6257a726a0cf6ec8c6fec22821c055f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBLoXxv%2F8ilwUVyzv3cXMzhC%2BHo7DH9zRVWtuIdR3j5aPmDgy9W%2BuHECL%2B3yaZOu6FKwjD7Ea%2Fh4LZxa2ZeBiz6RwU3DoTEGsblf8%2FCm8fgQ2nidtHArW%2FFp5ja1sNPLVMFb4n1grjlMiYKCipiG2kqz"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 5S7NNZK3Y1KQ3GB7
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 tr
www.facebook.com/ 44 B
297 B 80ms
24ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=&ev=PageView&noscript=1

Requested by

Host: thewinnersfr.online
URL: https://thewinnersfr.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinnersfr.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:12:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 06 Jun 2022 22:12:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 87ms
33ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1033809723&t=pageview&_s=1&dl=https%3A%2F%2Fthewinnersfr.online%2F&ul=en-us&de=UTF-8&dt=Carte%20cadeau%20InterMarch%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=712337817&gjid=1124627881&cid=1911509361.1654553579&tid=UA-103066933-1&_gid=1368546930.1654553579&_r=1&_slc=1&z=932501095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thewinnersfr.online/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 22:12:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewinnersfr.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 72ms
24ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103066933-1&cid=1911509361.1654553579&jid=712337817&gjid=1124627881&_gid=1368546930.1654553579&_u=IEBAAEAAAAAAAC~&z=141929410

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thewinnersfr.online/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Jun 2022 22:12:59 GMT
content-type: text/plain
access-control-allow-origin: https://thewinnersfr.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hypertr4ffic.com/	1970-01-20 03:37:19	Name: uniqueClick_B9GDQ9P Value: ebfe52e2-180c-4255-8957-0279d5da41ae:1654553577
www.hypertr4ffic.com/	1970-01-20 05:45:29	Name: transaction_id Value: b205db6e9b06455e895458d00ea37b16
www.ldcrixtrack.com/	1970-01-20 03:45:22	Name: uniqueClick_3DM5ZT5 Value: 37870b33-2bd9-4836-be70-13f048f2340c:1654553577
www.ldcrixtrack.com/	1970-01-20 05:45:29	Name: transaction_id Value: 5366e068d08f414da7393a0981f8a7a8
www.smart8digital.com/	1970-01-20 03:40:12	Name: uniqueClick_6JHXF Value: c4894056-fcc2-4a1e-a2ff-e4907ce3db01:1654553577
www.smart8digital.com/	1970-01-20 05:45:29	Name: transaction_id Value: f26d006f3cd04d46b3ac9054e0640ef3
thewinnersfr.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: ptpu3onsg9d2thd1gir1ubeugo
.thewinnersfr.online/	1970-01-20 21:07:05	Name: _ga Value: GA1.2.1911509361.1654553579
.thewinnersfr.online/	1970-01-20 03:37:19	Name: _gid Value: GA1.2.1368546930.1654553579
.thewinnersfr.online/	1970-01-20 03:35:53	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css2?family=Arima+Madurai:wght@100200300400500700800900&display=swap Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

flagcdn.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
stone.jgassoc.com
thewinnersfr.online
use.fontawesome.com
www.affordableserve.com
www.facebook.com
www.google-analytics.com
www.hypertr4ffic.com
www.ldcrixtrack.com
www.smart8digital.com
143.204.98.103
185.95.85.91
212.192.8.197
2606:4700:3035::6815:3e94
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:400c:c08::9a
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
34.117.79.165
35.190.66.152
35.241.31.206
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c55b700a8d338a5982fb2b3bbb2585daa6e152c3c84a3a0bedaaee222125ba
23ac5486ff5140bb689a3fea726d12052769e355542338a0974af5048d8d1128
41416cef448cf05eb5153ab73103fd7eafe5f1ef57e2d805c8a2548057bba2af
562a4c9c6601bfbd1c4a3209c47f2b840650a431041f6616b8af9a0eaa888489
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b170efed95e08fe6470bb45ff2d2aefee0608784417de4b92486929bfa4c619b
bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389
c2fef0b8d9dad01f8786935ceb80ba704df2d28f1e8540618f7126b465f4c684
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
e23315ee3eb3c4da5cd9c1d991235bc766f4d88efccf811a466cec522ed88aa2
e6bbcc485e89931568aa6653b55136a2c99cfabd8eeb5b1dbea5116716a304e1
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

thewinnersfr.online Open in urlscan Pro 143.204.98.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

54 %IPv6

13 Domains

13 Subdomains

8 IPs

5 Countries

303 kBTransfer

614 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

10 Cookies

1 Console Messages

Security Headers

Indicators

thewinnersfr.online Open in urlscan Pro
143.204.98.103 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

8
IPs

5
Countries

303 kB
Transfer

614 kB
Size

10
Cookies

19 HTTP transactions
0 data transactions