chooseandwinit.com Open in urlscan Pro
13.225.78.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww2.capitalonebanknj.com/
Effective URL:
https://chooseandwinit.com/
Submission: On September 05 via api (September 5th 2020, 10:41:48 am UTC) from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 7 countries across 15 domains to perform 37 HTTP transactions. The main IP is 13.225.78.105, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is chooseandwinit.com.
TLS certificate: Issued by Amazon on February 7th 2020. Valid for: a year.

This is the only time chooseandwinit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.32.237.101 212.32.237.101	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	136.244.114.164 136.244.114.164	20473 (AS-CHOOPA) (AS-CHOOPA)
1	31.170.100.125 31.170.100.125	201942 (SOLTIA) (SOLTIA)
1 1	46.137.70.201 46.137.70.201	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.66.152 35.190.66.152	15169 (GOOGLE) (GOOGLE)
22	13.225.78.105 13.225.78.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
37	11

1 212.32.237.101 (Hoofddorp, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ww2.capitalonebanknj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.244.114.164 (Aubervilliers, France) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 136.244.114.164.vultr.com

puatrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.170.100.125 (Spain)

ASN201942 (SOLTIA, ES)

mobi.billiwa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.70.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-70-201.eu-west-1.compute.amazonaws.com

malyla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.66.152 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 152.66.190.35.bc.googleusercontent.com

www.gmmsafeads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 13.225.78.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-105.fra2.r.cloudfront.net

chooseandwinit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	chooseandwinit.com chooseandwinit.com	1 MB
3	gstatic.com fonts.gstatic.com	28 KB
3	cloudflare.com cdnjs.cloudflare.com	69 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	fontawesome.com use.fontawesome.com	27 KB
2	infopicked.com 2 redirects infopicked.com p185689.infopicked.com	2 KB
1	facebook.com www.facebook.com	375 B
1	doubleclick.net stats.g.doubleclick.net	85 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	15 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	gmmsafeads.com 1 redirects www.gmmsafeads.com	457 B
1	malyla.com 1 redirects malyla.com	768 B
1	billiwa.com mobi.billiwa.com	409 B
1	puatrainimg.com 1 redirects puatrainimg.com	485 B
1	capitalonebanknj.com 1 redirects ww2.capitalonebanknj.com	2 KB
37	15

	Domain	Requested by
22	chooseandwinit.com	chooseandwinit.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	chooseandwinit.com
2	www.google-analytics.com	chooseandwinit.com www.google-analytics.com
2	use.fontawesome.com	chooseandwinit.com use.fontawesome.com
1	www.facebook.com	chooseandwinit.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	stackpath.bootstrapcdn.com	chooseandwinit.com
1	fonts.googleapis.com	chooseandwinit.com
1	www.gmmsafeads.com	1 redirects
1	malyla.com	1 redirects
1	mobi.billiwa.com
1	puatrainimg.com	1 redirects
1	p185689.infopicked.com	1 redirects
1	infopicked.com	1 redirects
1	ww2.capitalonebanknj.com	1 redirects
37	16

This site contains no links.

Subject Issuer	Validity	Valid
ads.conscier.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
keto-cleanse.net Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://chooseandwinit.com/
Frame ID: E99E6BD5407292CF308B903E7D08FD18
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ww2.capitalonebanknj.com/ HTTP 302
http://infopicked.com/aS/feedclick?s=u6geJV4sLGvOuUueunBjLI8uDhK_8R6jr97-LtCoVkpIjfBFc0LlGS9wp3zLH... HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=WrTZl0BhsBb9UD5pjtoD9kLPhgVVyPA-ytz9ER7MCH1GB40NoqGYW... HTTP 302
http://puatrainimg.com/click.php?c=5&key=6f926k9jas89udm3wiepqlbj&source=405477054 HTTP 302
https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e51... Page URL
https://chooseandwinit.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

50 %
IPv6

15
Domains

16
Subdomains

11
IPs

7
Countries

1272 kB
Transfer

2102 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww2.capitalonebanknj.com/ HTTP 302
http://infopicked.com/aS/feedclick?s=u6geJV4sLGvOuUueunBjLI8uDhK_8R6jr97-LtCoVkpIjfBFc0LlGS9wp3zLHG-QT77-fedzUaupbTnNK1c9Rwa8tw24WWMweEiMFl0NUscrEh-i-XFtPABQrzv8wYASqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU2Y38RFmVAcdq4kr_2LA-GUI_JcVm53_IP53rf89dmry0KUEqmACU1y5BPMGv0lGStsainsD89mhLTrGoNy4lKT9X_4fzCIZK30T39FU4DyXXI0GeMlIorjNP0Ife2Ly7CADEFumPsbmyPUi6T0yP_ov7HSVQ-dBDcoRuqCDjwRyG8dKogGgbskVgOx7HkkXcQtdJM26gSFArdDX8kx_BG6eXMRdASkSDpky_A3oscB96A-Sh8zFSF5y36T1o8v7j-2ALAPdlPbNmVAak4C_D3Q9OOSomOsHbMEgIKI8txhNDumcqVfO7Jr0h-dVrXSIDP45B3WAxgqpNy3bliDUptGU1hu6kkC0XWia_iPu8zVsGoV4lvZAilST6qQhsbHGYRf0HB3f36b9G0CNYi0b2biPTUH2IPk6zHoNiYd6UTexsV0iYoT9eEbokFV1AabnQZZ-UESwxHfP0I5tUmsDxzmWnaJm8wZeJbFYkmdyeiIc1wSqdUe-79w67LEGTHnujSJsOO_eZzMDhTtDTjDXMLU7S6wmW6p6oHzkv0aXIF_-82LwVRZL0Q_inOY584aHe8qki_O94JLO7CgU9ej79z9eQ_0ArMc78w6z5XMZozKF-5oirHiUf6kcErkPQ8M9hbIeHivhPZkAzkRVnBVvAr70RlIi3p40zw6wImslhGbxvp1d44McddGZv8gwrtuX5LqujEfN8kzStyMVsAt9rn9qdbYzYRGB1-9r8CA8_kJRAUorOloLPD16pvjJSd9twqdnaG7WAi8gSJVKdqNfjurrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJC2fnSXp7Np_xHf4t_mLY3Mm36RcdXX6VZSsFv6dpMvEAti7_z9EW6bn7GUZ7QQ6lTzQvziWiq64HLS0FIDEU0ZuZJo7tpmAmx3zhLWgISthiNlfWWA59_cfNGXOLCch8DMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpPVQM-JOdTVRi3l5zC8FPJmi2L-4COsWdTlIP5ptT_pYiqviLmPDB-mfpZUyfkI0KMVOMrXf4u6g4ReUI6mfbQ5xbrkiDN5yt8w2bKWfLl_Fu7jMpuj5WHbjvTeu6uimlXuASMbZJpDyeqX8RbVCqXXBQTtb1Vp_izW5XMFUScrOZ3ztTnUVmD0mA6WwZQCkcx-llTJ-QjQo2gCMvK_tMXLekntYE_IAqFingtw_af89ltunOTh58CnuFrm4Vc43JH0NatE1cnb9Q5RUDuR6cw87-RZ2We7oo7mh6y2RNxf5w HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=WrTZl0BhsBb9UD5pjtoD9kLPhgVVyPA-ytz9ER7MCH1GB40NoqGYWvrDIQavpWNPckAhzK_8ZjLwDhTsoWfjyQPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UODF_j-5BgQxZPx7mdDCZ_3i36LSvu1TjMndT0rcbhtKjIQ6n-5BK5pgOlsGUApHMfpZUyfkI0KPvIGvAxPWgTOD57pxnXG9my-yHaCTQNmmvCXUWqvNkEFxhBIuZvoGPvsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0a0UsLykwuxQDlFQO5HpzDzv5FnZZ7uijrha5uFXONyRcfv9rkpXfEQ&ui=u6geJV4sLGvOuUueunBjLPbWwvziNp_1eX1o6BG7hvQZNgmdy9AuvlHtznhgt0tbMNmylny5fxbu4zKbo-Vh24703ruroppV7gEjG2SaQ8kmnYs89qZIbg&si=1&oref=29f997d77d86e3efa167f68dace82b9d&rb=wfz2OqcJEQk&rr=4&isco=t HTTP 302
http://puatrainimg.com/click.php?c=5&key=6f926k9jas89udm3wiepqlbj&source=405477054 HTTP 302
https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836 Page URL
https://chooseandwinit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ww2.capitalonebanknj.com/ HTTP 302
http://infopicked.com/aS/feedclick?s=u6geJV4sLGvOuUueunBjLI8uDhK_8R6jr97-LtCoVkpIjfBFc0LlGS9wp3zLHG-QT77-fedzUaupbTnNK1c9Rwa8tw24WWMweEiMFl0NUscrEh-i-XFtPABQrzv8wYASqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU2Y38RFmVAcdq4kr_2LA-GUI_JcVm53_IP53rf89dmry0KUEqmACU1y5BPMGv0lGStsainsD89mhLTrGoNy4lKT9X_4fzCIZK30T39FU4DyXXI0GeMlIorjNP0Ife2Ly7CADEFumPsbmyPUi6T0yP_ov7HSVQ-dBDcoRuqCDjwRyG8dKogGgbskVgOx7HkkXcQtdJM26gSFArdDX8kx_BG6eXMRdASkSDpky_A3oscB96A-Sh8zFSF5y36T1o8v7j-2ALAPdlPbNmVAak4C_D3Q9OOSomOsHbMEgIKI8txhNDumcqVfO7Jr0h-dVrXSIDP45B3WAxgqpNy3bliDUptGU1hu6kkC0XWia_iPu8zVsGoV4lvZAilST6qQhsbHGYRf0HB3f36b9G0CNYi0b2biPTUH2IPk6zHoNiYd6UTexsV0iYoT9eEbokFV1AabnQZZ-UESwxHfP0I5tUmsDxzmWnaJm8wZeJbFYkmdyeiIc1wSqdUe-79w67LEGTHnujSJsOO_eZzMDhTtDTjDXMLU7S6wmW6p6oHzkv0aXIF_-82LwVRZL0Q_inOY584aHe8qki_O94JLO7CgU9ej79z9eQ_0ArMc78w6z5XMZozKF-5oirHiUf6kcErkPQ8M9hbIeHivhPZkAzkRVnBVvAr70RlIi3p40zw6wImslhGbxvp1d44McddGZv8gwrtuX5LqujEfN8kzStyMVsAt9rn9qdbYzYRGB1-9r8CA8_kJRAUorOloLPD16pvjJSd9twqdnaG7WAi8gSJVKdqNfjurrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJC2fnSXp7Np_xHf4t_mLY3Mm36RcdXX6VZSsFv6dpMvEAti7_z9EW6bn7GUZ7QQ6lTzQvziWiq64HLS0FIDEU0ZuZJo7tpmAmx3zhLWgISthiNlfWWA59_cfNGXOLCch8DMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpPVQM-JOdTVRi3l5zC8FPJmi2L-4COsWdTlIP5ptT_pYiqviLmPDB-mfpZUyfkI0KMVOMrXf4u6g4ReUI6mfbQ5xbrkiDN5yt8w2bKWfLl_Fu7jMpuj5WHbjvTeu6uimlXuASMbZJpDyeqX8RbVCqXXBQTtb1Vp_izW5XMFUScrOZ3ztTnUVmD0mA6WwZQCkcx-llTJ-QjQo2gCMvK_tMXLekntYE_IAqFingtw_af89ltunOTh58CnuFrm4Vc43JH0NatE1cnb9Q5RUDuR6cw87-RZ2We7oo7mh6y2RNxf5w HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=WrTZl0BhsBb9UD5pjtoD9kLPhgVVyPA-ytz9ER7MCH1GB40NoqGYWvrDIQavpWNPckAhzK_8ZjLwDhTsoWfjyQPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UODF_j-5BgQxZPx7mdDCZ_3i36LSvu1TjMndT0rcbhtKjIQ6n-5BK5pgOlsGUApHMfpZUyfkI0KPvIGvAxPWgTOD57pxnXG9my-yHaCTQNmmvCXUWqvNkEFxhBIuZvoGPvsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0a0UsLykwuxQDlFQO5HpzDzv5FnZZ7uijrha5uFXONyRcfv9rkpXfEQ&ui=u6geJV4sLGvOuUueunBjLPbWwvziNp_1eX1o6BG7hvQZNgmdy9AuvlHtznhgt0tbMNmylny5fxbu4zKbo-Vh24703ruroppV7gEjG2SaQ8kmnYs89qZIbg&si=1&oref=29f997d77d86e3efa167f68dace82b9d&rb=wfz2OqcJEQk&rr=4&isco=t HTTP 302
http://puatrainimg.com/click.php?c=5&key=6f926k9jas89udm3wiepqlbj&source=405477054 HTTP 302
https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836

Request Chain 1

https://malyla.com/?a=5711&c=25843&s4=405477054&s2=M2020090510-2574ee2dea86f5b86dab79851852013b HTTP 302
https://www.gmmsafeads.com/63CFP/6JHXF/?uid=605&sub1=5711&sub2=&sub3=24927-558032275&sub4=&sub5= HTTP 302
https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

32aba183-958484d5-606d0f4b-f078-e511
mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/
Redirect Chain

http://ww2.capitalonebanknj.com/
http://infopicked.com/aS/feedclick?s=u6geJV4sLGvOuUueunBjLI8uDhK_8R6jr97-LtCoVkpIjfBFc0LlGS9wp3zLHG-QT77-fedzUaupbTnNK1c9Rwa8tw24WWMweEiMFl0NUscrEh-i-XFtPABQrzv8wYASqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bj...
http://p185689.infopicked.com/adServe/domainClick?ai=WrTZl0BhsBb9UD5pjtoD9kLPhgVVyPA-ytz9ER7MCH1GB40NoqGYWvrDIQavpWNPckAhzK_8ZjLwDhTsoWfjyQPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UODF_j-5BgQxZPx7m...
http://puatrainimg.com/click.php?c=5&key=6f926k9jas89udm3wiepqlbj&source=405477054
https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836

184 B
409 B

372ms
141ms

Document
text/html

31.170.100.125
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.170.100.125 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: mobi.billiwa.com
:scheme: https
:path: /ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Sat, 05 Sep 2020 10:41:24 GMT
content-type: text/html; charset=UTF-8
content-length: 162
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: no-cache, private
content-encoding: gzip
x-device: desktop
accept-ranges: bytes
age: 0
tp-cache: MISS
vary: Accept-Encoding

Redirect headers

Server: nginx
Date: Sat, 05 Sep 2020 10:41:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.30
Set-Cookie: IMT1599302484586=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=puatrainimg.com
Location: https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836

GET
H2

200

520E4675
chooseandwinit.com/o/
Redirect Chain

https://malyla.com/?a=5711&c=25843&s4=405477054&s2=M2020090510-2574ee2dea86f5b86dab79851852013b
https://www.gmmsafeads.com/63CFP/6JHXF/?uid=605&sub1=5711&sub2=&sub3=24927-558032275&sub4=&sub5=
https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147

0
531 B

494ms
430ms

Document
text/html

13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: chooseandwinit.com
:scheme: https
:path: /o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mobi.billiwa.com/ofc/f2324cf9-af0ae866-b39f0ed7-3a9e-b1c3/32aba183-958484d5-606d0f4b-f078-e511?Subid=405477054&sub_pubid=&externalid=11520836

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 05 Sep 2020 10:41:25 GMT
server: nginx
vary: Accept-Encoding
set-cookie: PHPSESSID=7p4fqko6kuenie0j7ruot9vdfa; path=/; secure; HttpOnly; SameSite=lax
refresh: 0;url=/
cache-control: max-age=0, must-revalidate, private
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: l3nT3kNY6uXd_PGc4EcuVeasO1y6o9DT29pK6BoIqBSc7Eg4DioYjw==

Redirect headers

status: 302
server: nginx
date: Sat, 05 Sep 2020 10:41:25 GMT
content-type: text/html; charset=utf-8
content-length: 205
location: https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147
set-cookie: uniqueClick_6JHXF=52023565-73ec-4e37-aafe-52509708c126:1599302485; Path=/; Expires=Tue, 08 Sep 2020 10:41:25 GMT; Secure; SameSite=None transaction_id=faf7759d8c944346906a2e3df0f898c0; Path=/; Expires=Fri, 04 Dec 2020 10:41:25 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: ebd06be8-f712-40d7-a2d0-7682960f0eec
via: 1.1 google
alt-svc: clear

GET
H2 200 Primary Request / Show response
chooseandwinit.com/ 23 KB
6 KB 231ms
230ms Document
text/html 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f9d09c5b5baed9f808a57765f3d58c9b85e3c7ad84a00c2576e6ff5a55689de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: chooseandwinit.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=7p4fqko6kuenie0j7ruot9vdfa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://chooseandwinit.com/o/520E4675?clickid=faf7759d8c944346906a2e3df0f898c0&subid=5711&sourceid=&data=199.48.45.382.102.18.2511.164.22.1846646254.1599302485.1586856147

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 05 Sep 2020 10:41:26 GMT
server: nginx
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate, private
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: eHPgdgMzdMLZ04OkGxVD4f6yI4EKIhtXBJWGxG2AKRM11EvHtO090w==

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ed570df04bb0639007539cc52b76dea504995f8c2fe98b3ac367f88ee90128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Sep 2020 10:41:26 GMT
server: ESF
date: Sat, 05 Sep 2020 10:41:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Sep 2020 10:41:26 GMT

GET
H2 200 global_custom_styles2.css
chooseandwinit.com/lp/_global/css/ 41 KB
7 KB 30ms
28ms Stylesheet
text/css 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/_global/css/global_custom_styles2.css?1599302486

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3457e28382f91b725e2274ef5007cef9dc30199f09161469d883fe97e780c1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68771
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Feb 2020 09:59:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5e4d0712-a586"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tZn-rY-H6Ul2cCIz1WAIRT1AfIz9Z4iwy5JooW_nkgjA0CzEzmvLuQ==

GET
H2 200 main.css
chooseandwinit.com/lp/s20.src/ 77 KB
12 KB 33ms
32ms Stylesheet
text/css 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/s20.src/main.css?1599302486

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

96ca4ef27ef94ace66dfde3bbc337ad7df29e54660d0bf849333c851476a1d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5e4514b2-1342c"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: aHXiSkoqbIBFIczJBy6tKfvE_7hCiQSIo9nW74vky_zrEfsu5cXrIw==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 45ms
14ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: chooseandwinit.com
URL: https://chooseandwinit.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin: https://chooseandwinit.com
Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 23ms
23ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 213542
cf-ray: 5cdf567a5fa405c8-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04ff74607b000005c8aebf0200000001
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: W/"5eb03ec4-14938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1599302486&lkg-ip=2a01:4f8:121:131a::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1599302486&lkg-ip=2a01:4f8:121:131a::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Thu, 26 Aug 2021 10:41:26 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 31ms
17ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://chooseandwinit.com
Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 212753
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
cf-request-id: 04ff7460970000c2867cb3d200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cdf567a880ec286-FRA
expires: Thu, 26 Aug 2021 10:41:26 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 663ms
11ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://chooseandwinit.com
Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
status: 200
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H2 200 plugins.js Show response
chooseandwinit.com/lp/_global/js/ 355 KB
66 KB 35ms
30ms Script
application/javascript 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/_global/js/plugins.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

577d2e280b479b1c17a3f7644dd35848997ed2129b6d66f219ac5df389b20ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68770
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Sep 2020 15:34:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5f525e8d-58d94"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: aZ7RjugLqRBfsVj0eyVpzIfWbNmOKm-eLxV7nq6xS1xjbEOp7_e8JQ==

GET
H2 200 validate.js Show response
chooseandwinit.com/lp/_global/js/ 8 KB
2 KB 51ms
47ms Script
application/javascript 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/_global/js/validate.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1ed24992b5a443f34adc16400df494c2643881e81847a89113b951d9345ca2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68753
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Mar 2020 14:06:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5e7e084d-1f0b"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ncEeBViy1rImSWsuKCHMaWj2YVeIlHxMvfKxsEtDtyKbzF5REmtSdw==

GET
H2 200 payform-full.js Show response
chooseandwinit.com/lp/_global/js/ 97 KB
19 KB 55ms
50ms Script
application/javascript 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/_global/js/payform-full.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

33ce7c2eb124ab6d36d265cddad4ce595c62721c7c762306478aabf69079796c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68753
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Sep 2020 12:07:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5f4e3974-18430"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: JexHNaPgfvTi5TgBOzUDBZrQvRVIlBM5gAS3yr1VLjYAuqYVIBV8Ow==

GET
H2 200 main.js Show response
chooseandwinit.com/lp/_global/js/ 9 KB
3 KB 51ms
47ms Script
application/javascript 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/_global/js/main.js?1599302486

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bc7d7fdfc12042b465e85bae53d971896a60dca56db4baad6cb3b3739fd15205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68770
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Sep 2020 10:45:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5f4f77e6-25ad"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vRGqY9XFhlyUKg-bJgTD18W6lNVi8E9wyzCu5R51a_h1hEORJWAvlQ==

GET
H2 200 index.js Show response
chooseandwinit.com/lp/s20.src/ 90 KB
16 KB 88ms
84ms Script
application/javascript 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chooseandwinit.com/lp/s20.src/index.js?1599302486

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

41c7868460c27952feb6c93ed6563cf8a36c53fa7b1ad20c0842a78e74a749b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5e4514b2-16793"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: majyrEmnAyfHI_Dl09tPinKHvDX0YPcMP8JcyGdgpX72J8Vjp65L9Q==

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ 113 KB
33 KB 13ms
13ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 209365
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33534
cf-request-id: 04ff746059000005c8aebee200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
etag: "5eb03e71-1c274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cdf567a2f1905c8-FRA
expires: Thu, 26 Aug 2021 10:41:26 GMT

GET
H2 200 img-s20-blue-front.png
chooseandwinit.com/lp/s20.src/img/dist/ 115 KB
116 KB 58ms
54ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-blue-front.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ae8f3444e44989fb489a8d8a65318509a2d814b9d3ef3af901a88430adffa55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 117982
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-1ccde"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: mY-O6_ql0saSG-Nz-3AE3UcSXPWwKxzAy_z-58rcRi7XFONfEnL_Bw==

GET
H2 200 img-s20-pink-front.png
chooseandwinit.com/lp/s20.src/img/dist/ 119 KB
119 KB 72ms
68ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-pink-front.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

615df4f71340758c37525bb07df33843d94e4fe6349de8f6e00e1b816227027c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 121766
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-1dba6"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -OooBXInE_uVfdsQ2bPOVthhhksATP7WqNok6UOZp2_HcmTGM-QlfQ==

GET
H2 200 img-s20-grey-front.png
chooseandwinit.com/lp/s20.src/img/dist/ 118 KB
119 KB 82ms
78ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-grey-front.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d2932dfb9340efee5320babaad438e35280bf1e27169dc0708edccf78a1129f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 121047
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-1d8d7"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: dyKuqSbvqEgYCUasq9azim9Ufd3uUdn9GjGf1jhTTkchgsdUsjhtJA==

GET
H2 200 img-s20-blue-back.png
chooseandwinit.com/lp/s20.src/img/dist/ 73 KB
74 KB 99ms
96ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-blue-back.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3b5232909c6d640ab494ac4ad5df9860b2098cabc0b6b874b65c90f1296d5ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 74967
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-124d7"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: HN2XxGFdnNCGCGBRKl2UNxX27mGNo_wIAoWJbiPR3qlodwMTe2jGnw==

GET
H2 200 img-s20-pink-back.png
chooseandwinit.com/lp/s20.src/img/dist/ 70 KB
70 KB 78ms
76ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-pink-back.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ac529e9f86f715c10af8f1aef6eab31844520c0f95c54edc93aa041eb8905b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 71470
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-1172e"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Skbva1bv1_KVeS5UX4sotlKfe_mpmfqOCKZ1k4QhfeqruQtoORcgMw==

GET
H2 200 img-s20-grey-back.png
chooseandwinit.com/lp/s20.src/img/dist/ 65 KB
65 KB 88ms
85ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/img-s20-grey-back.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

cc51604719129c70a852640967241293021dd2e1154c650d8d60df5f1daa6169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 66271
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-102df"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: AM5RgCr4puS5eGxLciiCs5h5OYU8lMrPhJyooXkkaS_dwtKuz9nrZQ==

GET
H2 200 moto-one-zoom.png
chooseandwinit.com/lp/s20.src/img/dist/ 98 KB
99 KB 93ms
91ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/moto-one-zoom.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b8a909ec51df9d03afbdfdeaae13cf468af89fcc1168e729b074482be18a98bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 100462
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-1886e"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: E81-dVOQn1VYmAn5rhbRDCVaPRZ06l7CumhJ984GdxjsxQF3ccv4Ew==

GET
H2 200 bg-blurred-shape.jpg
chooseandwinit.com/lp/s20.src/img/dist/ 146 KB
147 KB 95ms
93ms Image
image/jpeg 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/bg-blurred-shape.jpg

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ca5bbbb5b73c7917bde4aa4c020e22d8b824a81c33893b521dd58760bedfd2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 149754
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-248fa"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hDpKyAqo21EiqtIAXPb_wu-kYQEOyVzv_0wX-aDxlivi2cHDboE5ow==

GET
H2 200 paycards.png
chooseandwinit.com/lp/_global/img/ 38 KB
39 KB 91ms
88ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/_global/img/paycards.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:08 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68778
x-cache: Hit from cloudfront
status: 200
content-length: 39249
x-xss-protection: 1; mode=block
last-modified: Wed, 20 May 2020 07:51:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ec4e16a-9951"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: FO-2HBtVd7lY0ZZhSPVccP6WEDz1MppCIqBZxF6byoSxNbcZzMXL6A==

GET
H2 200 bg-girl-01.jpg
chooseandwinit.com/lp/s20.src/img/dist/ 103 KB
104 KB 96ms
96ms Image
image/jpeg 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/bg-girl-01.jpg

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/lp/s20.src/main.css?1599302486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0e06fab0a951b98eb2bbba58b7adc0c8ff16480da239d227d6f0515bec173ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/lp/s20.src/main.css?1599302486
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 105489
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-19c11"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: uwOfqHAlkArj-8oYaXrCiorW375br14s5G9RZwWCxS-GWAS48_BNhg==

GET
H2 200 badge_bg1.png
chooseandwinit.com/lp/s20.src/img/dist/ 6 KB
7 KB 88ms
87ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/badge_bg1.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/lp/s20.src/main.css?1599302486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

c41e3cf59d2bd2dccfed759ae0a72736faa553a14d2c267cd4a5f7fbf104613a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/lp/s20.src/main.css?1599302486
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 6427
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-191b"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: R_OV6FUdnI_OkkptKuOR95_RBQP52gQ5g9RyVYBjcq9XyY52PTv65A==

GET
H2 200 bg-pattern-dot.png
chooseandwinit.com/lp/s20.src/img/dist/ 129 B
556 B 86ms
86ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/s20.src/img/dist/bg-pattern-dot.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/lp/s20.src/main.css?1599302486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d06c4f288ac5cffe9c5cd371b05c4971ce1d31ef448a11db125f9ad53e62b5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/lp/s20.src/main.css?1599302486
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 129
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Feb 2020 09:19:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e4514b2-81"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: YiXh5DgXZJ2_uN5Ks_VC4CLE4vuJMUyfVOFeEj4IIXVMMU9Jr5e-4Q==

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://chooseandwinit.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:06:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 437674
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:06:52 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://chooseandwinit.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 437852
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:03:54 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://chooseandwinit.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:03:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 437854
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:03:52 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 13 KB
14 KB 19ms
18ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Origin: https://chooseandwinit.com
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
last-modified: Thu, 21 Mar 2019 21:32:15 GMT
server: NetDNA-cache/2.2
status: 200
etag: "e6257a726a0cf6ec8c6fec22821c055f"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13552

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
4ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 5146
date: Sat, 05 Sep 2020 09:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Sat, 05 Sep 2020 11:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=294410183&t=pageview&_s=1&dl=https%3A%2F%2Fchooseandwinit.com%2F&ul=en-us&de=UTF-8&dt=Samsung%20S20&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1746292780&gjid=1447814495&cid=493884247.1599302486&tid=UA-103066933-1&_gid=1869657409.1599302486&_r=1&z=1395944664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Sep 2020 10:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://chooseandwinit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-103066933-1&cid=493884247.1599302486&jid=1746292780&gjid=1447814495&_gid=1869657409.1599302486&_u=IEBAAEAAAAAAAC~&z=878487828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 05 Sep 2020 10:41:26 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://chooseandwinit.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
375 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=&ev=PageView&noscript=1

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://chooseandwinit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 10:41:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 05 Sep 2020 10:41:26 GMT

GET
H2 200 flags.png
chooseandwinit.com/lp/_global/img/ 22 KB
23 KB 25ms
24ms Image
image/png 13.225.78.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chooseandwinit.com/lp/_global/img/flags.png

Requested by

Host: chooseandwinit.com
URL: https://chooseandwinit.com/lp/_global/css/global_custom_styles2.css?1599302486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.105 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-105.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bf910b387df8729b95fbaaba6991affef9ffbb682e227c875db3854b1a698657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chooseandwinit.com/lp/_global/css/global_custom_styles2.css?1599302486
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 15:35:34 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68752
x-cache: Hit from cloudfront
status: 200
content-length: 22791
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Feb 2019 12:24:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5c768172-5907"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _GFTvIu7xp_7ip7FP3hLk2KS73y3CsJwt41XLibplhTNup6mmhQjDg==

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chooseandwinit.com/	1970-01-19 12:15:02	Name: _gat Value: 1
.chooseandwinit.com/	1970-01-19 12:16:28	Name: _gid Value: GA1.2.1869657409.1599302486
.chooseandwinit.com/	1970-01-20 05:46:14	Name: _ga Value: GA1.2.493884247.1599302486
chooseandwinit.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7p4fqko6kuenie0j7ruot9vdfa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
chooseandwinit.com
fonts.googleapis.com
fonts.gstatic.com
infopicked.com
malyla.com
mobi.billiwa.com
p185689.infopicked.com
puatrainimg.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
use.fontawesome.com
ww2.capitalonebanknj.com
www.facebook.com
www.gmmsafeads.com
www.google-analytics.com
13.225.78.105
136.244.114.164
173.192.101.24
2001:4de0:ac19::1:b:3b
212.32.237.101
23.111.9.35
2606:4700::6811:4e6b
2606:4700::6811:4f6b
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:81c::200a
2a00:1450:400c:c0c::9c
2a03:2880:f11c:8183:face:b00c:0:25de
31.170.100.125
35.190.66.152
46.137.70.201
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0e06fab0a951b98eb2bbba58b7adc0c8ff16480da239d227d6f0515bec173ec0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ed24992b5a443f34adc16400df494c2643881e81847a89113b951d9345ca2fd
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
33ce7c2eb124ab6d36d265cddad4ce595c62721c7c762306478aabf69079796c
3457e28382f91b725e2274ef5007cef9dc30199f09161469d883fe97e780c1fa
3b5232909c6d640ab494ac4ad5df9860b2098cabc0b6b874b65c90f1296d5ada
41c7868460c27952feb6c93ed6563cf8a36c53fa7b1ad20c0842a78e74a749b2
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
577d2e280b479b1c17a3f7644dd35848997ed2129b6d66f219ac5df389b20ca2
615df4f71340758c37525bb07df33843d94e4fe6349de8f6e00e1b816227027c
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed570df04bb0639007539cc52b76dea504995f8c2fe98b3ac367f88ee90128f
96ca4ef27ef94ace66dfde3bbc337ad7df29e54660d0bf849333c851476a1d30
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ac529e9f86f715c10af8f1aef6eab31844520c0f95c54edc93aa041eb8905b38
ae8f3444e44989fb489a8d8a65318509a2d814b9d3ef3af901a88430adffa55e
b8a909ec51df9d03afbdfdeaae13cf468af89fcc1168e729b074482be18a98bb
bc7d7fdfc12042b465e85bae53d971896a60dca56db4baad6cb3b3739fd15205
bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389
bf910b387df8729b95fbaaba6991affef9ffbb682e227c875db3854b1a698657
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c41e3cf59d2bd2dccfed759ae0a72736faa553a14d2c267cd4a5f7fbf104613a
ca5bbbb5b73c7917bde4aa4c020e22d8b824a81c33893b521dd58760bedfd2f2
cc51604719129c70a852640967241293021dd2e1154c650d8d60df5f1daa6169
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
d06c4f288ac5cffe9c5cd371b05c4971ce1d31ef448a11db125f9ad53e62b5b4
d2932dfb9340efee5320babaad438e35280bf1e27169dc0708edccf78a1129f9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f9d09c5b5baed9f808a57765f3d58c9b85e3c7ad84a00c2576e6ff5a55689de2
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

chooseandwinit.com Open in urlscan Pro 13.225.78.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

50 %IPv6

15 Domains

16 Subdomains

11 IPs

7 Countries

1272 kBTransfer

2102 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chooseandwinit.com Open in urlscan Pro
13.225.78.105 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

50 %
IPv6

15
Domains

16
Subdomains

11
IPs

7
Countries

1272 kB
Transfer

2102 kB
Size

4
Cookies

37 HTTP transactions
0 data transactions