urlscan.io logo urlscan.io
SecurityTrails logo

winitnow.mobi Open in urlscan Pro
82.80.211.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6837-2509ffac5d03-159...
Effective URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Submission: On June 30 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 82.80.211.177, located in Israel and belongs to BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL. The main domain is winitnow.mobi.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 18th 2020. Valid for: 3 months.
This is the only time winitnow.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.26.12.30 13335 (CLOUDFLAR...)
2 2 104.24.127.25 13335 (CLOUDFLAR...)
3 172.67.70.29 13335 (CLOUDFLAR...)
1 2 52.0.120.49 14618 (AMAZON-AES)
7 82.80.211.177 8551 (BEZEQ-INT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 6
1    104.26.12.30 (United States)

ASN13335 (CLOUDFLARENET, US)
saztirulo.com
2    104.24.127.25 (United States)

ASN13335 (CLOUDFLARENET, US)
estratius.com
3    172.67.70.29 (United States)

ASN13335 (CLOUDFLARENET, US)
jecrean.com
cdn.jecrean.com
2    52.0.120.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-120-49.compute-1.amazonaws.com
openad.pro
7    82.80.211.177 (Israel)

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: mail.cellect.mobi
winitnow.mobi
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
7 winitnow.mobi openad.pro
winitnow.mobi
2 www.google-analytics.com www.googletagmanager.com
winitnow.mobi
2 openad.pro 1 redirects jecrean.com
2 jecrean.com saztirulo.com
cdn.jecrean.com
2 estratius.com 2 redirects
1 www.googletagmanager.com winitnow.mobi
1 cdn.jecrean.com jecrean.com
1 saztirulo.com
15 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
winitnow.mobi
cPanel, Inc. Certification Authority		 2020-05-18 -
2020-08-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Frame ID: 9E45C18444317EA85D050ACFB9F63B80
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6... Page URL
  2. http://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallb... HTTP 301
    https://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallb... HTTP 302
    https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967 Page URL
  3. http://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967&a=1&b=1&c=false&d=t... Page URL
  4. http://openad.pro/go/216668/498903 Page URL
  5. http://openad.pro/ad/ad?p=216668&w=498903&t=3447a8f23031e511&r=aHR0cCUzQSUyRiUyRmplY3JlYW4uY29... HTTP 303
    https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

80 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

233 kB
Transfer

466 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6837-2509ffac5d03-1593098383881 Page URL
  2. http://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true HTTP 301
    https://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true HTTP 302
    https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967 Page URL
  3. http://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967&a=1&b=1&c=false&d=true&e=2&err=0000 Page URL
  4. http://openad.pro/go/216668/498903 Page URL
  5. http://openad.pro/ad/ad?p=216668&w=498903&t=3447a8f23031e511&r=aHR0cCUzQSUyRiUyRmplY3JlYW4uY29tJTJG&vw=1600&vh=1200 HTTP 303
    https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true HTTP 301
  • https://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true HTTP 302
  • https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set file
saztirulo.com/rnd/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6837-2509ffac5d03-1593098383881
Protocol
HTTP/1.1
Server
104.26.12.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32241fd9794e3891b393573be2a711fef1bc1c80c333329e7d465d73d0369a8

Request headers

Host
saztirulo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Tue, 30 Jun 2020 14:42:10 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7014a62fe783c1ccff53334fee178a761593528130; expires=Thu, 30-Jul-20 14:42:10 GMT; path=/; domain=.saztirulo.com; HttpOnly; SameSite=Lax
Referrer-Policy
origin
Cache-control
no-store, no-cache
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
03a746b1d800000d3ea904d200000001
Server
cloudflare
CF-RAY
5ab8a6fc8ca80d3e-ARN
Content-Encoding
gzip
247
jecrean.com/dyn/mai/
Redirect Chain
  • http://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true
  • https://estratius.com/0--defwegabjbios?adTagId=3365b100-1833-11e6-8dc4-0e6b810b9917&cpm=0.01&fallbackUrl=https%3A%2F%2Fjecrean.com%2Fdyn%2Fmai%2F247&wnw=true
  • https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967
1 KB
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967
Requested by
Host: saztirulo.com
URL: http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6837-2509ffac5d03-1593098383881
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4639cd54d6afe38f2dcd60a205237e8fd33ef4e987d85e8d8a0dfdf82388ad65

Request headers

:method
GET
:authority
jecrean.com
:scheme
https
:path
/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://saztirulo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&fb_did=&uuid=6a172780-16ed-e6ef-6837-2509ffac5d03-1593098383881

Response headers

status
200
date
Tue, 30 Jun 2020 14:42:10 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=dc36b82586ebf41dcc5d9eed46928c8961593528130; expires=Thu, 30-Jul-20 14:42:10 GMT; path=/; domain=.jecrean.com; HttpOnly; SameSite=Lax
cache-control
no-store, no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
03a746b50d000076585d060200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ab8a701aa587658-ARN
content-encoding
br

Redirect headers

status
302
date
Tue, 30 Jun 2020 14:42:10 GMT
content-length
0
set-cookie
__cfduid=db2a438dd8e3b489d4afb498043e4597f1593528130; expires=Thu, 30-Jul-20 14:42:10 GMT; path=/; domain=.estratius.com; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
location
https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967
cf-cache-status
DYNAMIC
cf-request-id
03a746b36d0000ce4bde3c0200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ab8a6ff1dc3ce4b-LHR
sr6.min.js
cdn.jecrean.com/js/ 		2 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jecrean.com/js/sr6.min.js
Requested by
Host: jecrean.com
URL: https://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cdb5a1323fabc40996793286952a46c56d23bb9608d7e78b1ee25d3f7b9f6d8

Request headers

Referer
https://jecrean.com/
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 14:42:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Jun 2020 10:21:28 GMT
server
cloudflare
age
5596
etag
W/"2380-1593512488000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5ab8a702ca987658-ARN
cf-request-id
03a746b5bf000076585d063200000001
247
jecrean.com/dyn/mai/ 		976 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
http://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967&a=1&b=1&c=false&d=true&e=2&err=0000
Requested by
Host: cdn.jecrean.com
URL: https://cdn.jecrean.com/js/sr6.min.js
Protocol
HTTP/1.1
Server
172.67.70.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db42e0f44518769dc216aca2c5c792d0d4c21fbe4fc61a5e919681204a10b1b9

Request headers

Host
jecrean.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://jecrean.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dc36b82586ebf41dcc5d9eed46928c8961593528130
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://jecrean.com/

Response headers

Date
Tue, 30 Jun 2020 14:42:11 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Cache-control
no-store, no-cache
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
03a746b67a0000caec9d3dc200000001
Server
cloudflare
CF-RAY
5ab8a703fac8caec-ARN
Content-Encoding
gzip
498903
openad.pro/go/216668/ 		462 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
http://openad.pro/go/216668/498903
Requested by
Host: jecrean.com
URL: http://jecrean.com/dyn/mai/247?clickid=e12b3501-badf-11ea-85ed-0a599d8f7967&a=1&b=1&c=false&d=true&e=2&err=0000
Protocol
HTTP/1.1
Server
52.0.120.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-120-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cdcdcae38f8101570f0038151d1f4dba57284453e1c274bcda2c9ec91294c52d

Request headers

Host
openad.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://jecrean.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
http://jecrean.com/

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 30 Jun 2020 14:42:11 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
308
Connection
keep-alive
Primary Request /
winitnow.mobi/LP/sw/i11v2/
Redirect Chain
  • http://openad.pro/ad/ad?p=216668&w=498903&t=3447a8f23031e511&r=aHR0cCUzQSUyRiUyRmplY3JlYW4uY29tJTJG&vw=1600&vh=1200
  • https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Requested by
Host: openad.pro
URL: http://openad.pro/go/216668/498903
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
b4b1994d609dfb09a766227410ba2b4cb1ff9d5caa8a68bba777147fccbb9f3d
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
winitnow.mobi
:scheme
https
:path
/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://openad.pro/go/216668/498903
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
http://openad.pro/go/216668/498903

Response headers

status
200
server
nginx
date
Tue, 30 Jun 2020 14:42:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
x-xss-protection
1; mode=block
x-nginx-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 30 Jun 2020 14:42:11 GMT
Location
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Server
nginx
Content-Length
122
Connection
keep-alive
custom.css
winitnow.mobi/LP/sw/i11v2/assets/css/ 		67 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winitnow.mobi/LP/sw/i11v2/assets/css/custom.css
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
bbbedcb20fee343bb3f9a314bd1329b832bfe772115371bb174b3b6133e0e2d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 14:42:12 GMT
i11.png
winitnow.mobi/LP/sw/i11v2/assets/img/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winitnow.mobi/LP/sw/i11v2/assets/img/i11.png
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
f972214ab2c84a97c41414a63979b202df4d3fcfb5c99e951fdb497bb6e95794
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:12 GMT
x-content-type-options
nosniff
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
83006
expires
Sat, 29 Aug 2020 14:42:12 GMT
ip7.png
winitnow.mobi/LP/sw/i11v2/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winitnow.mobi/LP/sw/i11v2/assets/img/ip7.png
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
39aa8a32e31839f462b8d9ee33828632f5ec9a559af79dde9704304fb8a65002
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:13 GMT
x-content-type-options
nosniff
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
5032
expires
Sat, 29 Aug 2020 14:42:13 GMT
js
www.googletagmanager.com/gtag/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-41292307-3
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f3f0f8afba06278c92716716c3cebc443961fc19fcc500ac3d628407fbb6dd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 14:42:13 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33720
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jun 2020 14:42:13 GMT
jquery.min.js
winitnow.mobi/LP/sw/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winitnow.mobi/LP/sw/jquery.min.js
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
cdd2cd0aa08a5a4d2bb38bf60558f2592453a38207e3c122368daf82093c115c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 14:42:13 GMT
main.js
winitnow.mobi/LP/sw/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winitnow.mobi/LP/sw/main.js?ver1
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
b71c40d23aff3b6c88341406114b37ede2a76bff9d93f5b37b6b9fe3895ba0ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 14:42:13 GMT
design_hero_large.jpg
winitnow.mobi/LP/sw/i11v2/assets/img/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winitnow.mobi/LP/sw/i11v2/assets/img/design_hero_large.jpg
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
82.80.211.177 , Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
mail.cellect.mobi
Software
nginx /
Resource Hash
f8eecb293ad13ce887418973d78f9b9840f29ffe282661eba3467882e508e20f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/assets/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
public
date
Tue, 30 Jun 2020 14:42:13 GMT
x-content-type-options
nosniff
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
28103
expires
Sat, 29 Aug 2020 14:42:13 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41292307-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6354
date
Tue, 30 Jun 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 30 Jun 2020 14:56:19 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1976458460&t=pageview&_s=1&dl=https%3A%2F%2Fwinitnow.mobi%2FLP%2Fsw%2Fi11v2%2F%3Faff%3D2064%26clid%3D83822789495%26pid%3D498903%26bid%3D0.00030&dr=http%3A%2F%2Fopenad.pro%2Fgo%2F216668%2F498903&ul=en-us&de=UTF-8&dt=Ta%20chansen%20och%20vinn%20iPhone%2011&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1219388104&gjid=1680130738&cid=1115800745.1593528133&tid=UA-41292307-3&_gid=1507129167.1593528133&_r=1&gtm=2ou6h1&z=1661795932
Requested by
Host: winitnow.mobi
URL: https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winitnow.mobi/LP/sw/i11v2/?aff=2064&clid=83822789495&pid=498903&bid=0.00030
User-Agent
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 14:42:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| numberLength number| numberPrefixLen number| numberPrefix number| codeLength string| IP string| affID string| ACTUALLINK string| QUESTION string| WRONGANSWER string| WRONGPHONE string| WRONGPHONEERR string| PHONELOOKUP string| GENERALERROR string| INVALIDCODE string| SERVERERROR string| STEP3TERMSACC string| STEP3COMPLETE function| gtag object| dataLayer number| count function| change_menu object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery undefined| globalPhoneNumberVal undefined| globalPinCode object| $step2 object| $errorBox1

3 Cookies

Domain/Path Name / Value
.winitnow.mobi/ Name: _gat_gtag_UA_41292307_3
Value: 1
.winitnow.mobi/ Name: _gid
Value: GA1.2.1507129167.1593528133
.winitnow.mobi/ Name: _ga
Value: GA1.2.1115800745.1593528133