Submitted URL: http://www.ritiroimmediato.com/
Effective URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl
Submission: On August 12 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3033::ac43:a5ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ritiroimmediato.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.
This is the only time www.ritiroimmediato.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
26 4
Domain Requested by
21 www.ritiroimmediato.com 1 redirects www.ritiroimmediato.com
3 eu.winnernotification.net www.ritiroimmediato.com
eu.winnernotification.net
2 www.google.com www.ritiroimmediato.com
www.gstatic.com
1 www.gstatic.com www.google.com
26 4

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-17 - 2021-07-17 | a year
www.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
winnernotification.net | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
*.gstatic.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months

This page contains 3 frames:

Primary Page: https://www.ritiroimmediato.com/cgi-bin/wingame.pl
Frame ID: 73025F74F5F261F54F7151961120019C
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfvi4cUAAAAAG9KEALaSK9o9_tKD_RVK2a93fvU&co=aHR0cHM6Ly93d3cucml0aXJvaW1tZWRpYXRvLmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=rqx5h2fni03n
Frame ID: 04C04D554E78043E89878C975435AAE9
Requests: 1 HTTP requests in this frame

Frame: https://eu.winnernotification.net/pushweb/assets/m_main.html
Frame ID: F418FF61769F66D8F521B5A633874FE1
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 544 kB
Size: 1143 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ritiroimmediato.com/ HTTP 302
    https://www.ritiroimmediato.com/cgi-bin/wingame.pl Page URL

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wingame.pl
www.ritiroimmediato.com/cgi-bin/
Redirect Chain
  • http://www.ritiroimmediato.com/
  • https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
45 KB
11 KB
Document
General
Full URL
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804fe3fa05697564c41163afc188a1ef21d461ca0405c770e588ca35be6b3a63

Request headers

:method
GET
:authority
www.ritiroimmediato.com
:scheme
https
:path
/cgi-bin/wingame.pl?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d72688600fc339ef926a55c0e8eee1cd91597233969
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 12 Aug 2020 12:06:09 GMT
content-type
text/html;charset=ISO-8859-1
x-firstpage
0
x-page
reg_half
x-map-context
it
x-served-by
a-03
cf-cache-status
DYNAMIC
cf-request-id
048429507d000064bbc4950200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c1a1193fd9e64bb-FRA
content-encoding
br

Redirect headers

Date
Wed, 12 Aug 2020 12:06:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d72688600fc339ef926a55c0e8eee1cd91597233969; expires=Fri, 11-Sep-20 12:06:09 GMT; path=/; domain=.ritiroimmediato.com; HttpOnly; SameSite=Lax
Location
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
URI
<https://www.ritiroimmediato.com/cgi-bin/wingame.pl?>
X-Map-Context
it
X-Served-By
a-01
CF-Cache-Status
DYNAMIC
cf-request-id
0484294fc10000c2c738822200000001
Server
cloudflare
CF-RAY
5c1a1192cce7c2c7-FRA
tl_report.min.js
www.ritiroimmediato.com/_global/js/
20 B
148 B
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/tl_report.min.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab00214620a8a0deedc6fe0cc66e9f674a76b89dfaa222d49dc22f79f4754de1

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
cf-cache-status
MISS
status
200
content-length
20
cf-request-id
048429521a000064bbc497e200000001
x-served-by
a-04
last-modified
Thu, 09 Jul 2020 13:19:04 GMT
server
cloudflare
x-map-context
it
etag
"5f071948-14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a11969fab64bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
font-awesome.min.css
www.ritiroimmediato.com/_global/fonts/font-awesome-4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.ritiroimmediato.com/_global/fonts/font-awesome-4.7.0/css/font-awesome.min.css?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
0484295219000064bbc497a200000001
x-served-by
a-01
last-modified
Fri, 30 Aug 2019 10:38:20 GMT
server
cloudflare
x-map-context
it
etag
W/"5d68fc9c-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
5c1a11968fa464bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
foundation-custom.css
www.ritiroimmediato.com/_global/wingame/default/css/foundation-xy-grid/
62 KB
8 KB
Stylesheet
General
Full URL
https://www.ritiroimmediato.com/_global/wingame/default/css/foundation-xy-grid/foundation-custom.css?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a924d7f2a1eafc3f7e535154e30b0f49ec294c016a1effb178aef5187cbb1ec

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
0484295219000064bbc497b200000001
x-served-by
a-02
last-modified
Mon, 27 Jan 2020 11:07:18 GMT
server
cloudflare
x-map-context
it
etag
W/"5e2ec466-f93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
5c1a11968fa564bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
series.css
www.ritiroimmediato.com/_global/wingame/76/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.ritiroimmediato.com/_global/wingame/76/css/series.css?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f96139b6b09a6c14dc798c0af783eba4b00e18f62a8346d57123f4218e659a

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
0484295219000064bbc497c200000001
x-served-by
a-04
last-modified
Mon, 03 Aug 2020 08:50:31 GMT
server
cloudflare
x-map-context
it
etag
W/"5f27cfd7-4867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
5c1a11968fa664bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
sweepstake.css
www.ritiroimmediato.com/wingame/62/css/
2 KB
777 B
Stylesheet
General
Full URL
https://www.ritiroimmediato.com/wingame/62/css/sweepstake.css?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b83ceec577252cb2d4eb593b043d438d0caecccf7943166b27e2af74aa282b

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc497d200000001
x-served-by
a-02
last-modified
Thu, 02 Jul 2020 13:14:43 GMT
server
cloudflare
x-map-context
it
etag
W/"5efdddc3-75e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
5c1a11969fa764bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
MooTools-Core-1.6.0-compressed.js
www.ritiroimmediato.com/_global/js/framework/
88 KB
27 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc497f200000001
x-served-by
a-01
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
it
etag
W/"5a059201-15e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fac64bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
moolidator.js
www.ritiroimmediato.com/_global/js/
43 KB
7 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/moolidator.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e7a58b43464b2a609b9c8de11c70280749591d10dd82dd016481d36d3d1a28

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4980200000001
x-served-by
a-04
last-modified
Wed, 06 May 2020 10:20:06 GMT
server
cloudflare
x-map-context
it
etag
W/"5eb28f56-ab89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fad64bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
moolidator_rules.js
www.ritiroimmediato.com/_global/js/
27 KB
3 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/moolidator_rules.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e8ce5039a449ed47fc1a1ba893bf94487738c079562e40014b25a404d48f1dc

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4981200000001
x-served-by
a-01
last-modified
Wed, 15 Jul 2020 08:09:18 GMT
server
cloudflare
x-map-context
it
etag
W/"5f0eb9ae-6b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fae64bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
scripts.js
www.ritiroimmediato.com/_global/js/
55 KB
12 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/scripts.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39a46c83dca723cedc27047b394652bb30566e25f2b676ebe185666f9b3dcb2

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4982200000001
x-served-by
a-02
last-modified
Mon, 10 Aug 2020 11:50:32 GMT
server
cloudflare
x-map-context
it
etag
W/"5f313488-dbf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fb064bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
global.js
www.ritiroimmediato.com/wingame/global/js/
4 KB
1 KB
Script
General
Full URL
https://www.ritiroimmediato.com/wingame/global/js/global.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0588de2328d61fb38d030acaf29d5afdf160fb1bd7333af02aea4d0a48d68f5

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4983200000001
x-served-by
a-03
last-modified
Fri, 01 May 2020 13:12:05 GMT
server
cloudflare
x-map-context
it
etag
W/"5eac2025-10f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fb264bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
series.js
www.ritiroimmediato.com/_global/wingame/76/js/
8 KB
2 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/wingame/76/js/series.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b93ce6ea02afbc6e0903c0161e37f66370c4f4a286600f8ac9c0c00389bc31

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4984200000001
x-served-by
a-04
last-modified
Thu, 26 Mar 2020 08:57:19 GMT
server
cloudflare
x-map-context
it
etag
W/"5e7c6e6f-21e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fb364bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
sweepstake.js
www.ritiroimmediato.com/wingame/62/js/
4 KB
1 KB
Script
General
Full URL
https://www.ritiroimmediato.com/wingame/62/js/sweepstake.js?2020-08-12.9
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b898572194d8cdddf44e06b143e7e29e48c3560cb758c3e24eb8cdd316228cb

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429521a000064bbc4985200000001
x-served-by
a-01
last-modified
Fri, 01 May 2020 13:12:05 GMT
server
cloudflare
x-map-context
it
etag
W/"5eac2025-1082"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a11969fb464bb-FRA
expires
Thu, 13 Aug 2020 12:06:09 GMT
img-samsungs10-phone-it.png
www.ritiroimmediato.com/_static/_global/_supload/images/
25 KB
25 KB
Image
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/images/img-samsungs10-phone-it.png
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223bfab8c31375cc7486295a849549bd287d900a79cbc4eb2f71421945acf791

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 14:17:54 GMT
server
cloudflare
etag
"2248375941"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1197a8c964bb-FRA
content-length
25748
cf-request-id
04842952cc000064bbc4998200000001
expires
Thu, 13 Aug 2020 12:06:09 GMT
img-samsungs10-shadow-02.png
www.ritiroimmediato.com/_static/_global/_supload/images/
29 KB
29 KB
Image
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/images/img-samsungs10-shadow-02.png
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a132d40dbc7a0a880e5d786e1254bcc0a9b3caf3e28eef807c1c521ed8e746

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 09:02:23 GMT
server
cloudflare
etag
"2962316203"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1197d90464bb-FRA
content-length
29857
cf-request-id
04842952e9000064bbc4999200000001
expires
Thu, 13 Aug 2020 12:06:09 GMT
api.js
www.google.com/recaptcha/
708 B
568 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfvi4cUAAAAAG9KEALaSK9o9_tKD_RVK2a93fvU
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0a5168f307319bc543e1c7350ff48790112ae3ae5e29b199d24696b997aa011
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476
x-xss-protection
1; mode=block
expires
Wed, 12 Aug 2020 12:06:09 GMT
bg-samsunss10_2.jpg
www.ritiroimmediato.com/_static/_global/_supload/images/
94 KB
95 KB
Image
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/images/bg-samsunss10_2.jpg
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac14307a8892da62ac661c5f44dfe4ca0f2f447ba38532e91ff24d2ef167dea1

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:09 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Nov 2019 08:18:06 GMT
server
cloudflare
etag
"2197502932"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1198597164bb-FRA
content-length
96642
cf-request-id
048429533a000064bbc49a1200000001
expires
Thu, 13 Aug 2020 12:06:09 GMT
Poppins-Regular.woff2
www.ritiroimmediato.com/_static/_global/_supload/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/fonts/Poppins-Regular.woff2
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bedc39ba6f7f98efeb0b5a5c5a195b1f3421829ffcaf83174a1c7e86f5002a61

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Origin
https://www.ritiroimmediato.com

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Jan 2019 11:10:40 GMT
server
cloudflare
etag
"414078382"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1198697a64bb-FRA
content-length
49444
cf-request-id
0484295341000064bbc49a2200000001
expires
Thu, 13 Aug 2020 12:06:09 GMT
Poppins-Bold.woff2
www.ritiroimmediato.com/_static/_global/_supload/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/fonts/Poppins-Bold.woff2
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb7adbcdd74acc91408e512b2f28849b844bced8df055f5bc16bb1fde6eb53b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Origin
https://www.ritiroimmediato.com

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Jan 2019 11:10:41 GMT
server
cloudflare
etag
"2351420195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1198799064bb-FRA
content-length
49128
cf-request-id
0484295346000064bbc49a3200000001
expires
Thu, 13 Aug 2020 12:06:10 GMT
Poppins-SemiBold.woff2
www.ritiroimmediato.com/_static/_global/_supload/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.ritiroimmediato.com/_static/_global/_supload/fonts/Poppins-SemiBold.woff2
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6603613bef7d3b2ecbebf589ba781a91065804ecfec937a82dd51f38a575a9d5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Origin
https://www.ritiroimmediato.com

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Jan 2019 11:10:40 GMT
server
cloudflare
etag
"2606190979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5c1a1198799464bb-FRA
content-length
48892
cf-request-id
0484295346000064bbc49a4200000001
expires
Thu, 13 Aug 2020 12:06:10 GMT
init.js
eu.winnernotification.net/pushweb/assets/
2 KB
1 KB
Script
General
Full URL
https://eu.winnernotification.net/pushweb/assets/init.js
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:abe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9d5f486cfba7c1bdd1850b839e54689e918aa727065f754ff2faf75e67fc94

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1336
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
cf-request-id
04842953b2000005b341959200000001
access-control-allow-origin
*
server
cloudflare
etag
W/"6da-uZQyggfoYDMoXRmtIgOub/dpsEk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript; charset=utf-8
via
1.1 google
cache-control
max-age=1800
cf-ray
5c1a11991f6d05b3-FRA
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/
331 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfvi4cUAAAAAG9KEALaSK9o9_tKD_RVK2a93fvU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e42f7806fd699d172d728f73f966a5d173cad2f4091aeed75cdb6ef611b4396e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 16:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 Aug 2020 04:05:32 GMT
server
sffe
age
155764
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133738
x-xss-protection
0
expires
Tue, 10 Aug 2021 16:50:06 GMT
s5-bfp.js
www.ritiroimmediato.com/_global/js/
12 KB
4 KB
Script
General
Full URL
https://www.ritiroimmediato.com/_global/js/s5-bfp.js?3121116721
Requested by
Host: www.ritiroimmediato.com
URL: https://www.ritiroimmediato.com/_global/js/scripts.js?2020-08-12.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
content-encoding
br
cf-cache-status
MISS
status
200
cf-request-id
048429537b000064bbc49a7200000001
x-served-by
a-04
last-modified
Thu, 12 Mar 2020 13:46:39 GMT
server
cloudflare
x-map-context
it
etag
W/"5e6a3d3f-2e71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5c1a1198c9dc64bb-FRA
expires
Thu, 13 Aug 2020 12:06:10 GMT
anchor
www.google.com/recaptcha/api2/ Frame 04C0
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfvi4cUAAAAAG9KEALaSK9o9_tKD_RVK2a93fvU&co=aHR0cHM6Ly93d3cucml0aXJvaW1tZWRpYXRvLmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=rqx5h2fni03n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TPiWapjoyMdQOtxLT9_b4n2W/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZqI72bDT64gFW3ItFGfCyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lfvi4cUAAAAAG9KEALaSK9o9_tKD_RVK2a93fvU&co=aHR0cHM6Ly93d3cucml0aXJvaW1tZWRpYXRvLmNvbTo0NDM.&hl=en&v=TPiWapjoyMdQOtxLT9_b4n2W&size=invisible&cb=rqx5h2fni03n
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 12 Aug 2020 12:06:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZqI72bDT64gFW3ItFGfCyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9812
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t_main.js
eu.winnernotification.net/pushweb/assets/
118 KB
30 KB
Script
General
Full URL
https://eu.winnernotification.net/pushweb/assets/t_main.js?
Requested by
Host: eu.winnernotification.net
URL: https://eu.winnernotification.net/pushweb/assets/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:abe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2b5d8a691cd43b3f695a605d57397fbddd789f053711bdb79d4beee7755fd4

Request headers

Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 12:06:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1436
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
cf-request-id
048429543e000005b341964200000001
access-control-allow-origin
*
server
cloudflare
etag
W/"1d8ce-w+YLSoHXVP9XF2+Fg1qiEhtq6tY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript; charset=utf-8
via
1.1 google
cache-control
max-age=1800
cf-ray
5c1a1199f9bd05b3-FRA
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
m_main.html
eu.winnernotification.net/pushweb/assets/ Frame F418
0
0
Document
General
Full URL
https://eu.winnernotification.net/pushweb/assets/m_main.html?
Requested by
Host: eu.winnernotification.net
URL: https://eu.winnernotification.net/pushweb/assets/t_main.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:abe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
eu.winnernotification.net
:scheme
https
:path
/pushweb/assets/m_main.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ritiroimmediato.com/cgi-bin/wingame.pl?

Response headers

status
200
date
Wed, 12 Aug 2020 12:06:10 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc9f78ad8103e10192853ad426e74e7491597233970; expires=Fri, 11-Sep-20 12:06:10 GMT; path=/; domain=.winnernotification.net; HttpOnly; SameSite=Lax
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
Content-Type, Authorization, Accengage-Time, Accengage-Signature
cache-control
max-age=1800
vary
Accept-Encoding
via
1.1 google
cf-cache-status
HIT
age
938
cf-request-id
048429547b000005b341966200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c1a119a5aef05b3-FRA
content-encoding
gzip


127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type function| Moolidator_Lite object| moolidator_lite_rules object| mooli object| moolidator_lite_countries object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit function| should_value_localstorage boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| Blink_items function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log object| control_form boolean| page_submitted undefined| field_validator string| current_page undefined| scroll_position_x function| iframe_selector function| open_iframe function| open_layer function| initialize_quiz function| initialize_selectedPrize function| add_pop_iframe_closer_events function| setFilledClass function| agb_error_handling function| check_agb_errors object| POPUNDER string| context function| iframeLoaded 
function| Sponsorlist_sweepstake function| Optin_layer object| ACC object| sws_acc function| update_AC_data function| setIdentSessionName function| setLogMiscForStep function| setValByUpdateDeviceInfo object| AccengageWebSDKObject object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client number| create_token_interval function| token_generator undefined| dccBts string| slickid function| p function| w object| m object| y object| e object| b object| z string| n boolean| A object| x function| forge_sha256 string| canvasData number| c2 number| c1 object| recaptcha object| closure_lm_361945 function| _toConsumableArray function| _defineProperty function| _slicedToArray

1 Cookies

Domain/Path Name / Value
.ritiroimmediato.com/ Name: __cfduid
Value: d72688600fc339ef926a55c0e8eee1cd91597233969

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
