Submitted URL: http://theigrok.esthandler.com/click/D2h1ddw8yv/B8A591m/aHR0cDovL2Jld2ludG8uY29tL3BheS5odG1s/d7ccafde0d78392d80488a7118861fc5bf...
Effective URL: https://bewinto.com/pay.html
Submission: On October 16 via manual from CA — Scanned from CA

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 35 HTTP transactions. The main IP is 185.13.5.59, located in Ukraine and belonging to FREEHOST, UA. The main domain is bewinto.com.
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time bewinto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address       AS      Autonomous System
1          1         5.101.181.234    198068  PAGM-AS
1          19        185.13.5.59      42331   FREEHOST
           1         151.101.194.137  54113   FASTLY
           2         172.253.63.97    15169   GOOGLE
           1         104.18.22.52     13335   CLOUDFLAR...
           1         172.253.115.95   15169   GOOGLE
           4         172.64.131.9     13335   CLOUDFLAR...
           5         142.251.163.94   15169   GOOGLE
           3         142.251.163.138  15169   GOOGLE
Total: 35 requests, 8 IPs
Requests  Apex Domain           Subdomains                                          Transfer
19        bewinto.com           bewinto.com                                         195 KB
5         gstatic.com           fonts.gstatic.com                                   93 KB
5         fontawesome.com       kit.fontawesome.com (Cisco Umbrella Rank: 1848)     99 KB
                                ka-f.fontawesome.com (Cisco Umbrella Rank: 3656)
3         google-analytics.com  www.google-analytics.com (Cisco Umbrella Rank: 42)  21 KB
2         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 56)  156 KB
1         googleapis.com        fonts.googleapis.com (Cisco Umbrella Rank: 49)      1 KB
1         jquery.com            code.jquery.com (Cisco Umbrella Rank: 925)          33 KB
1         esthandler.com        theigrok.esthandler.com                             1 KB
Total: 35 requests, 8 apex domains
Requests  Domain                    Redirects  Requested by
19        bewinto.com               1          bewinto.com
5         fonts.gstatic.com                    bewinto.com, fonts.googleapis.com
4         ka-f.fontawesome.com                 kit.fontawesome.com, bewinto.com
3         www.google-analytics.com             www.googletagmanager.com, www.google-analytics.com
2         www.googletagmanager.com             bewinto.com, www.googletagmanager.com
1         fonts.googleapis.com                 bewinto.com
1         kit.fontawesome.com                  bewinto.com
1         code.jquery.com                      bewinto.com
1         theigrok.esthandler.com   1
Total: 35 requests, 9 domains

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
t.me
www.youtube.com

Subject                  Issuer                                          Validity                 Valid
bewinto.com              R3                                              2023-09-03 - 2023-12-02  3 months  crt.sh
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14  a year    crt.sh
*.google-analytics.com   GTS CA 1C3                                      2023-09-18 - 2023-12-11  3 months  crt.sh
*.fontawesome.com        DigiCert TLS RSA SHA256 2020 CA1                2022-11-22 - 2023-12-23  a year    crt.sh
upload.video.google.com  GTS CA 1C3                                      2023-09-18 - 2023-12-11  3 months  crt.sh
ka-f.fontawesome.com     GTS CA 1P5                                      2023-09-10 - 2023-12-09  3 months  crt.sh
*.gstatic.com            GTS CA 1C3                                      2023-09-18 - 2023-12-11  3 months  crt.sh

This page contains 1 frame:

Primary Page: https://bewinto.com/pay.html
Frame ID: 0BAE69FA048BEE40892BF483B2441E96
Requests: 35 HTTP requests in this frame

Page Title

Paying for information and winning thanks to our sports predictions | Bewinto.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

597 kB
Transfer

1289 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theigrok.esthandler.com/click/D2h1ddw8yv/B8A591m/aHR0cDovL2Jld2ludG8uY29tL3BheS5odG1s/d7ccafde0d78392d80488a7118861fc5bf8afce1 HTTP 302
    http://bewinto.com/pay.html HTTP 301
    https://bewinto.com/pay.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pay.html
bewinto.com/
Redirect Chain
  • http://theigrok.esthandler.com/click/D2h1ddw8yv/B8A591m/aHR0cDovL2Jld2ludG8uY29tL3BheS5odG1s/d7ccafde0d78392d80488a7118861fc5bf8afce1
  • http://bewinto.com/pay.html
  • https://bewinto.com/pay.html
18 KB
5 KB
Document
General
Full URL
https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx / PHP/7.4.5
Resource Hash
bfaabcb1ae118d6dcd9df208c987a7564c1a5ba67cc02eacfc21c9799a403cad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 17:50:35 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.5

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 16 Oct 2023 17:50:35 GMT
Location
https://bewinto.com/pay.html
Server
nginx
style.css
bewinto.com/files/
6 KB
1 KB
Stylesheet
General
Full URL
https://bewinto.com/files/style.css
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
2ad2d60957d762dc7e346fb6647b073dc42ee62bb9a1636576b607d185973f68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 09:40:47 GMT
server
nginx
etag
W/"62de651f-19ac"
vary
Accept-Encoding
content-type
text/css
font-awesome.min.css
bewinto.com/files/
28 KB
7 KB
Stylesheet
General
Full URL
https://bewinto.com/files/font-awesome.min.css
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
74a07b8e24e9ade8f92e5d5d159ab97e45528836bd364667958ee2106825a770

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 09:40:45 GMT
server
nginx
etag
W/"62de651d-71a0"
vary
Accept-Encoding
content-type
text/css
bootstrap.min.css
bewinto.com/files/
100 KB
21 KB
Stylesheet
General
Full URL
https://bewinto.com/files/bootstrap.min.css
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
a2700e0f88eedbb0c8cf65d45fe8457aaaf632058ff84ff1cd2f7446edd21f71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 09:40:44 GMT
server
nginx
etag
W/"62de651c-18ed3"
vary
Accept-Encoding
content-type
text/css
css_style_1.css
bewinto.com/files/
110 KB
47 KB
Stylesheet
General
Full URL
https://bewinto.com/files/css_style_1.css
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
6be4e1d97f843bbeac5903cbf575e6907e21b781087ac425e059997460ed3651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
last-modified
Sun, 24 Sep 2023 12:44:07 GMT
server
nginx
etag
W/"65102f17-1b94c"
vary
Accept-Encoding
content-type
text/css
css_style_2.css
bewinto.com/files/
35 KB
8 KB
Stylesheet
General
Full URL
https://bewinto.com/files/css_style_2.css
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
a60592c93462755449db5a56d69e805af1f82ae4281be97aab99e95b35a06a00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
last-modified
Fri, 22 Sep 2023 07:33:48 GMT
server
nginx
etag
W/"650d435c-8c15"
vary
Accept-Encoding
content-type
text/css
jquery.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery.min.js
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2676435
x-cache
HIT, HIT
content-length
33226
x-served-by
cache-lga13621-LGA, cache-yyz4560-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1697478636.803279,VS0,VE0
etag
W/"28feccc0-1764d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
16, 1006
js
www.googletagmanager.com/gtag/
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-87183511-1
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2fc48c2f56bd567623af7f99a4c6c23c4c579aac99a61831a23fca83240852b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 17:50:36 GMT
954b10b664.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/954b10b664.js
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2229e28fb8e923eb4af17ab6f5f0d5684a5e6568e229b6080b2d8fd05a6cbfd2

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
81722521cbad3a00-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F46n017ZDEyEDuiuY21i
logo_min.png
bewinto.com/files/
7 KB
7 KB
Image
General
Full URL
https://bewinto.com/files/logo_min.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
63cc2dba69f2e57fb1c31fdfb2ec57a375054361fbcc7998ab72ed8f25f1464b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
last-modified
Mon, 25 Jul 2022 09:40:45 GMT
server
nginx
accept-ranges
bytes
etag
"62de651d-1c2a"
content-length
7210
content-type
image/png
ukraine.png
bewinto.com/files/
1 KB
1 KB
Image
General
Full URL
https://bewinto.com/files/ukraine.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
bc247444793e4ac38a379560f9cdf588d6ad0182a136c3268df347b04cb9debe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:35 GMT
last-modified
Mon, 25 Jul 2022 09:40:47 GMT
server
nginx
accept-ranges
bytes
etag
"62de651f-465"
content-length
1125
content-type
image/png
kazahstan.png
bewinto.com/files/
9 KB
9 KB
Image
General
Full URL
https://bewinto.com/files/kazahstan.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
1f64eb6b6b149258f3a7099882f677bc91e5599a1ce65148e9ab632427c5066c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:45 GMT
server
nginx
accept-ranges
bytes
etag
"62de651d-2346"
content-length
9030
content-type
image/png
sberbank.png
bewinto.com/files/
11 KB
11 KB
Image
General
Full URL
https://bewinto.com/files/sberbank.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
ae60326212aef0275043dde602bcde6ea90b571365f56cc9acc963ddacc9d7cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:46 GMT
server
nginx
accept-ranges
bytes
etag
"62de651e-2c2c"
content-length
11308
content-type
image/png
qiwi.png
bewinto.com/files/
6 KB
7 KB
Image
General
Full URL
https://bewinto.com/files/qiwi.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
b2d2759fab68453def41924ee0bdc73ac8958e2fe8b93ce909452c2608e0406a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:46 GMT
server
nginx
accept-ranges
bytes
etag
"62de651e-1994"
content-length
6548
content-type
image/png
webmoney.png
bewinto.com/files/
15 KB
16 KB
Image
General
Full URL
https://bewinto.com/files/webmoney.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
db1c0c3238c96911da260bfd7a17ddd03faef77b2541a5456d48a6aa9ff86d4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:47 GMT
server
nginx
accept-ranges
bytes
etag
"62de651f-3dca"
content-length
15818
content-type
image/png
paypal.png
bewinto.com/files/
5 KB
5 KB
Image
General
Full URL
https://bewinto.com/files/paypal.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
8893b59134f0f5a4db7e583fdd8e07d6955704cfdc5996c72a7e96ffc9f814f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:45 GMT
server
nginx
accept-ranges
bytes
etag
"62de651d-154f"
content-length
5455
content-type
image/png
scrill.png
bewinto.com/files/
5 KB
5 KB
Image
General
Full URL
https://bewinto.com/files/scrill.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
9ce6933548e0092ff1d748bf786d13861d76de277f886b35d89730c7c4e18cc1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:46 GMT
server
nginx
accept-ranges
bytes
etag
"62de651e-149c"
content-length
5276
content-type
image/png
crypto.png
bewinto.com/files/
12 KB
12 KB
Image
General
Full URL
https://bewinto.com/files/crypto.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
37f9e99b329b3de0cf647bd589ac50214748455120b9057bcb7549844ff04285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Thu, 03 Nov 2022 15:00:31 GMT
server
nginx
accept-ranges
bytes
etag
"6363d78f-30dc"
content-length
12508
content-type
image/png
wu.png
bewinto.com/files/
15 KB
15 KB
Image
General
Full URL
https://bewinto.com/files/wu.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
fa3a95775844257a243cae6b3357bcff8aa07e0ac866be56209c2ae576d91360

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:48 GMT
server
nginx
accept-ranges
bytes
etag
"62de6520-3ced"
content-length
15597
content-type
image/png
logo_white.png
bewinto.com/files/
7 KB
7 KB
Image
General
Full URL
https://bewinto.com/files/logo_white.png
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
e346e88a125611e912ae0303329b69f519f3f3816061e3cd5dbcec7deffa578b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
last-modified
Mon, 25 Jul 2022 09:40:45 GMT
server
nginx
accept-ranges
bytes
etag
"62de651d-1a85"
content-length
6789
content-type
image/png
bootstrap.min.js
bewinto.com/files/
27 KB
9 KB
Script
General
Full URL
https://bewinto.com/files/bootstrap.min.js
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.13.5.59 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS
s59.freehost.com.ua
Software
nginx /
Resource Hash
13d9e9ce4061c6b648768b09a36d000a7bfba969d4570cf329f938ede6a8f393

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/pay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 09:40:44 GMT
server
nginx
etag
W/"62de651c-6c64"
vary
Accept-Encoding
content-type
application/javascript
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic
Requested by
Host: bewinto.com
URL: https://bewinto.com/files/css_style_1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
afa331f567660b45a494e28bb3782f7394f9f5af26e81fa0dddf9a1059bb6b17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 17:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 17:50:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 17:50:36 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=954b10b664
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/954b10b664.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G26r1s72JWVDbeHoO4jd824nCFjFinJWLJKLSTfDg3aAFX90TWfqJVItKqFHwm1mOhsxEZdUQ2P97Nsr4y4UlRcwQA9o23KLxMHZy0iBUupNQQ7yh%2Fi7pMBkC5DCjme%2Bgc60Uk%2BXvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
817225254d6d1931-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
wHIaaKqNLCPgquJOJL3pkHJtqWj9UD-rtlMmIRabSRVjDB_JXMNzVA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=954b10b664
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/954b10b664.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
via
1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJy8g2vKO%2F%2Fo6qOKyC5zx9IUEfEBimrr%2B%2Fqs18hRIc7feaKjEeg5AFua6gIb08BNBdYggi%2F8srdG1XXCy5FgkxBAkf3hKE9%2FYumuZ3PEOsAiEuxLNLKqoxUOWduaUqfrsvCsIkiGkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
817225254d6c1931-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
23CI00x4v7hZGbyIV-bUUa4fcQzw8NJVpZ0FrYMg4pjqng8hDqASyw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=954b10b664
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/954b10b664.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puvwATvB7zC4h7dLcWNrTXJv93vyUb1COxNky%2FCqXcJZNMR72mdYL%2Fve3xz8YcM8ZYvg%2BDUROHB3KVv9qIH3hFbTXp1nDLJG5gPJU0W1MxU6zAyAVm77CKfwmP%2BOZXZmUr7p6fYSzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
817225254d691931-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
pINyTj5-oqCnhde88S3VfUB4iE216PZT7ZGNOFjJkxLsaOTY8LTDtg==
ZvqiGg27-1PW7JHPGOnJEBTbgVql8nDJpwnrE27mub0.woff2
fonts.gstatic.com/s/exo2/v3/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v3/ZvqiGg27-1PW7JHPGOnJEBTbgVql8nDJpwnrE27mub0.woff2
Requested by
Host: bewinto.com
URL: https://bewinto.com/files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
1175d4a09eb675a4780d70ccf0ed0f1fe57c90a20949a5adf512acb2e5dd621e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10504
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 14:56:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 17:50:36 GMT
TZlHHgxEfHXA7uKM1eaCjfesZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/exo2/v3/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v3/TZlHHgxEfHXA7uKM1eaCjfesZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: bewinto.com
URL: https://bewinto.com/files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
19db8485aa86357daa3f9d9a0f62ec0b93c07c7920293bdd0cada32a5362ded3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 13:42:45 GMT
x-content-type-options
nosniff
age
14871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19120
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 15:23:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 13:42:45 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v33/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v33/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:33:10 GMT
x-content-type-options
nosniff
age
343046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:33:10 GMT
-A4eIjQkAwKL411pgtQ4VA.woff2
fonts.gstatic.com/s/exo2/v3/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2
Requested by
Host: bewinto.com
URL: https://bewinto.com/files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
25706f2aee8b387e4ce26b4cbcf4a6b79d385c1415f21baa41706fc7ed4520ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:10:22 GMT
x-content-type-options
nosniff
age
344414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19516
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 15:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:10:22 GMT
pEbpp8gu02JrI5SDG9jj6g.woff2
fonts.gstatic.com/s/exo2/v3/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/exo2/v3/pEbpp8gu02JrI5SDG9jj6g.woff2
Requested by
Host: bewinto.com
URL: https://bewinto.com/files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
7e6f9e9df8c0b416e1baec0d31dee5ef45742066c4398e13dbe640d5fce803f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10496
x-xss-protection
0
last-modified
Wed, 27 Aug 2014 14:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 17:50:36 GMT
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
75 KB
75 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: bewinto.com
URL: https://bewinto.com/pay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.131.9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://bewinto.com/
Origin
https://bewinto.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
via
1.1 c05b7ff061569d914bb28a2bfaa77d34.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yulfx3SEEu76sOek1rNW42bmA4Xc63AQQZAm%2FKy8NXBNBKXDxrq1HBUgWpJbBkoBKGW6YBkLO5%2F97%2FOOQOlYiXZNiw1na9IYcFtGITo%2BKSJioYiJ7mJH9oEM385qIAkeX13zTap9ug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81722525cde91931-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
tWMMT03SHAKhCmpZCi-bAZOLnQvx0qSED__sdgi2qXVVCNOoZLt4hg==
js
www.googletagmanager.com/gtag/
265 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KX123ETEGM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87183511-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97, United States, ASN15169 (GOOGLE, US)
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
dca5949f4c183d6f4a8f4c8cc4538921eab0deca6b95feec17dde0311d2c1f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:50:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90593
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 17:50:36 GMT
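The responses above show different header postures on a single page load: the fonts.gstatic.com fonts carry nosniff, a report-only CSP (require-trusted-types-for 'script'), COOP, CORP and a wildcard access-control-allow-origin but no HSTS, while the googletagmanager.com script has HSTS but no nosniff and pairs access-control-allow-origin: * with access-control-allow-credentials: true, a combination browsers refuse for credentialed requests. The audit below is an added example and not part of the urlscan report: it takes a response's headers as listed on this page and reports those points. The two header sets are transcribed from the font and gtag/js responses above; the checks and their wording are mine, not urlscan's.

```python
"""Audit captured HTTP response headers for security-relevant settings.

Added example, not part of the urlscan report. The two header sets are
transcribed from responses shown on this page; the checks are my own.
"""
from __future__ import annotations

# Transcribed from the fonts.gstatic.com woff2 responses above.
GSTATIC_FONT = {
    "x-content-type-options": "nosniff",
    "content-security-policy-report-only":
        "require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes",
    "cross-origin-resource-policy": "cross-origin",
    "cross-origin-opener-policy": 'same-origin; report-to="apps-themes"',
    "x-xss-protection": "0",
    "content-type": "font/woff2",
    "access-control-allow-origin": "*",
    "cache-control": "public, max-age=31536000",
}

# Transcribed from the www.googletagmanager.com/gtag/js response above.
GTM_SCRIPT = {
    "strict-transport-security": "max-age=31536000; includeSubDomains",
    "content-type": "application/javascript; charset=UTF-8",
    "access-control-allow-origin": "*",
    "access-control-allow-credentials": "true",
    "cross-origin-resource-policy": "cross-origin",
    "cache-control": "private, max-age=900",
    "x-xss-protection": "0",
}

ONE_YEAR = 31536000


def parse_directives(value: str) -> dict[str, str]:
    """Split a ';'-separated policy header (CSP, HSTS, COOP) into {name: argument}.

    CSP directives look like 'name arg ...'; HSTS and COOP ones are 'name=value'
    or bare. Names are lower-cased, arguments are kept verbatim.
    """
    directives: dict[str, str] = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition(" ")
        if "=" in name:
            name, _, arg = name.partition("=")
        directives[name.lower()] = arg.strip()
    return directives


def audit(headers: dict[str, str]) -> list[str]:
    """Return findings for one response; header names are matched case-insensitively."""
    h = {k.lower(): v for k, v in headers.items()}
    findings: list[str] = []

    # Transport: HSTS absent or shorter than a year.
    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("no HSTS: a first plain-HTTP visit to this host is not protected")
    elif int(parse_directives(hsts).get("max-age", "0")) < ONE_YEAR:
        findings.append("HSTS max-age below one year")

    # CSP: a report-only policy produces telemetry but blocks nothing.
    if "content-security-policy" not in h:
        ro = h.get("content-security-policy-report-only")
        if ro is None:
            findings.append("no CSP")
        else:
            d = parse_directives(ro)
            findings.append(
                f"CSP is report-only ({'; '.join(d)}): violations go to "
                f"{d.get('report-uri', d.get('report-to', '?'))}, nothing is blocked")

    # CORS: a wildcard origin cannot be combined with credentials; the browser
    # fails the CORS check for credentialed requests, so the flag buys nothing.
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"
    if acao == "*" and creds:
        findings.append("ACAO * with Allow-Credentials true: browsers refuse credentialed "
                        "responses carrying a wildcard origin; the header pair is inconsistent")
    elif acao == "*":
        findings.append("ACAO *: any origin may read the body (normal for fonts and public CDN assets)")

    # Content sniffing and the legacy XSS auditor.
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("no X-Content-Type-Options: nosniff")
    if h.get("x-xss-protection") == "0":
        findings.append("X-XSS-Protection 0: legacy auditor explicitly disabled, which is current guidance")

    return findings
```

Note that urlscan lists X-Xss-Protection: 0 under "Security Headers" although the value disables the (now removed) auditor; the audit reports it as informational rather than as a gap.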
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87183511-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 17:46:05 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
271
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 19:46:05 GMT
collect
www.google-analytics.com/g/
0
159 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KX123ETEGM&gtm=45je3ab0&_p=370945918&cid=1857520481.1697478637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697478636&sct=1&seg=0&dl=https%3A%2F%2Fbewinto.com%2Fpay.html&dt=%D0%9E%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%20%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%B4%D0%B0%D1%80%D1%8F%20%D0%BD%D0%B0%D1%88%D0%B8%D0%BC%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%BC%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D0%B0%D0%BC%20%7C%20Bewinto.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KX123ETEGM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bewinto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 17:50:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewinto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=370945918&t=pageview&_s=1&dl=https%3A%2F%2Fbewinto.com%2Fpay.html&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%20%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%B4%D0%B0%D1%80%D1%8F%20%D0%BD%D0%B0%D1%88%D0%B8%D0%BC%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%BC%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D0%B0%D0%BC%20%7C%20Bewinto.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2005134733&gjid=1938006341&cid=1857520481.1697478637&tid=UA-87183511-1&_gid=686098051.1697478637&_r=1&gtm=457e3ab0&jsscut=1&z=1315935130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.138, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bewinto.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 17:50:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewinto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
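The two collect beacons above carry the identifiers a triager pivots on: the GA4 property G-KX123ETEGM and the Universal Analytics property UA-87183511-1 (searchable across other scans to find sites run by the same operator), the client id 1857520481.1697478637 (the same value the _ga cookie listed below holds), the GA4 session id sid, which is a Unix timestamp (1697478636 is 2023-10-16 17:50:36 UTC, matching the Date response headers), and the page title in dt, which percent-decodes to the Russian "Оплата информации и выигрыш благодаря нашим спортивным прогнозам | Bewinto.com" ("Payment for information and winnings thanks to our sports predictions | Bewinto.com"). The parser below is an added example, not part of the urlscan report: it normalises both beacon flavours and cross-checks the client id against the cookie. The URLs and the cookie value are transcribed from this page; the field interpretation is mine.

```python
"""Pull pivotable identifiers out of the Google Analytics beacons captured above.

Added example, not part of the urlscan report. The beacon URLs and the _ga
cookie value are transcribed from this page; the parsing is my own.
"""
from __future__ import annotations
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Transcribed from the /g/collect (GA4) and /j/collect (Universal Analytics) transactions above.
GA4_BEACON = "https://www.google-analytics.com/g/collect?v=2&tid=G-KX123ETEGM&gtm=45je3ab0&_p=370945918&cid=1857520481.1697478637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697478636&sct=1&seg=0&dl=https%3A%2F%2Fbewinto.com%2Fpay.html&dt=%D0%9E%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%20%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%B4%D0%B0%D1%80%D1%8F%20%D0%BD%D0%B0%D1%88%D0%B8%D0%BC%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%BC%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D0%B0%D0%BC%20%7C%20Bewinto.com&en=page_view&_fv=1&_nsi=1&_ss=1"
UA_BEACON = "https://www.google-analytics.com/j/collect?v=1&_v=j101&a=370945918&t=pageview&_s=1&dl=https%3A%2F%2Fbewinto.com%2Fpay.html&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%20%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D1%88%20%D0%B1%D0%BB%D0%B0%D0%B3%D0%BE%D0%B4%D0%B0%D1%80%D1%8F%20%D0%BD%D0%B0%D1%88%D0%B8%D0%BC%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%BC%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D0%B0%D0%BC%20%7C%20Bewinto.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2005134733&gjid=1938006341&cid=1857520481.1697478637&tid=UA-87183511-1&_gid=686098051.1697478637&_r=1&gtm=457e3ab0&jsscut=1&z=1315935130"
# Transcribed from the cookie list on this page.
GA_COOKIE = "GA1.2.1857520481.1697478637"


def parse_beacon(url: str) -> dict:
    """Normalise a GA4 (/g/collect) or Universal Analytics (/collect, /j/collect) hit."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    if parts.path == "/g/collect":
        flavour = "GA4"
    elif parts.path in ("/collect", "/j/collect", "/r/collect"):
        flavour = "UA"
    else:
        flavour = "unknown"
    hit = {
        "flavour": flavour,
        "property": q.get("tid"),       # G-XXXX / UA-XXXX: pivot to other sites on the same property
        "client_id": q.get("cid"),      # <random>.<first-visit timestamp>, mirrored in the _ga cookie
        "page": q.get("dl"),
        "title": q.get("dt"),           # percent-decoded as UTF-8 by parse_qs
        "hit_type": q.get("en") or q.get("t"),
        "session_start": None,
    }
    if "sid" in q:                       # GA4 session id is a Unix timestamp
        hit["session_start"] = datetime.fromtimestamp(int(q["sid"]), tz=timezone.utc)
    return hit


def ga_cookie_client_id(value: str) -> str:
    """_ga cookie: GA1.<domain depth>.<random>.<first visit>; the last two fields are the client id."""
    return ".".join(value.split(".")[-2:])


def pivots(*hits: dict) -> set[str]:
    """Identifiers worth searching across other scans: property ids and client ids."""
    found: set[str] = set()
    for hit in hits:
        for key in ("property", "client_id"):
            if hit.get(key):
                found.add(hit[key])
    return found
```

The client id cross-check matters because a beacon whose cid does not match the _ga cookie would indicate a second analytics stack or a tampered page; here both beacons and the cookie agree.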

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
function gtag
object dataLayer
object FontAwesomeKitConfig
object jQuery111103280200351969613
object google_tag_manager
object google_tag_data
string GoogleAnalyticsObject
function ga
function onYouTubeIframeAPIReady
object gaGlobal
object gaplugins
object gaData

6 Cookies

Domain/Path Name / Value
theigrok.esthandler.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjJWNmhBTmVsdzNwYU5MaS81RG03ZXc9PSIsInZhbHVlIjoiNFZ3WDBvWklBR2VKaThINGtyS2dzbmt5ZkJCTkxKNmxXZ0VTMnJSWVlad1hmMldQTTJLeGFnNW9aZ0RRY1NJS0pkTHVpdG5FQ2JTNzliUXlLdkNNTUtaTklRZ1hBYkdmaURxL3J3ODFxaS9Sc1J1clY2eTV2VC9QejRNS042YVAiLCJtYWMiOiJlODg1MGQ1ZGVhZGQwYzE0ODJlYmQyNzY0MDU5OWMxNWI4N2RkNDE4ZDViOGMwMzgzMDY4MjE1MjlmM2YwMjA1In0%3D
theigrok.esthandler.com/ Name: laravel_session
Value: eyJpdiI6IlJOVmZBYWhRaEJYYzdwZ2NkV3VZdWc9PSIsInZhbHVlIjoiSVFqVEJ1SEpFOXRYMFovdUpwWGY2ZU03RU1Ib1FFYllqOGZHdmJXUUYvNHRrazZIVFVBUEhBM2RXMTE3b0hYSWdSVVh6TlNmTGlmYTE0YjdEQ0syTkJxTXpkbExHYjhYa1NMWmk0RzVBV2lZYmNIajJpSWlaWldXYVd1MFY5NTEiLCJtYWMiOiJiZDFlYTc5MmQ4MjRhZDM4MGFjMjU0NDVlMjdmZjEyMTA1ZDg1OTFiMWQwMDQ1NmJhNjMyMmQwOTFmZDhjN2ExIn0%3D
.bewinto.com/ Name: _ga_KX123ETEGM
Value: GS1.1.1697478636.1.0.1697478636.0.0.0
.bewinto.com/ Name: _ga
Value: GA1.2.1857520481.1697478637
.bewinto.com/ Name: _gid
Value: GA1.2.686098051.1697478637
.bewinto.com/ Name: _gat_gtag_UA_87183511_1
Value: 1
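The two cookies set by theigrok.esthandler.com (the only non-bewinto host in the list) use Laravel's default names, XSRF-TOKEN and laravel_session, and their values are URL-encoded base64 JSON with iv, value and mac fields, which is the envelope Laravel's Encrypter produces: AES-CBC ciphertext plus an HMAC-SHA256 over the base64 IV and ciphertext, keyed with the application's APP_KEY. That identifies the click handler as a Laravel application even though nothing on the page names the framework. The code below is an added example, not part of the urlscan report: it unwraps the envelope without decrypting, checks that the pieces have the expected sizes, and shows how the MAC is verified when the key is known. The cookie values are transcribed from this page; DEMO_KEY is a constructed placeholder, since the real key is unknown and the captured payloads cannot be decrypted here.

```python
"""Unwrap the Laravel encrypted-cookie envelope set by theigrok.esthandler.com.

Added example, not part of the urlscan report. The two cookie values are
transcribed from this page. DEMO_KEY is a constructed placeholder: the real
APP_KEY is unknown, so the captured MACs cannot be verified and the payloads
cannot be decrypted; the functions show the envelope shape and the check itself.
"""
import base64
import hashlib
import hmac
import json
from urllib.parse import unquote

XSRF_TOKEN = "eyJpdiI6IjJWNmhBTmVsdzNwYU5MaS81RG03ZXc9PSIsInZhbHVlIjoiNFZ3WDBvWklBR2VKaThINGtyS2dzbmt5ZkJCTkxKNmxXZ0VTMnJSWVlad1hmMldQTTJLeGFnNW9aZ0RRY1NJS0pkTHVpdG5FQ2JTNzliUXlLdkNNTUtaTklRZ1hBYkdmaURxL3J3ODFxaS9Sc1J1clY2eTV2VC9QejRNS042YVAiLCJtYWMiOiJlODg1MGQ1ZGVhZGQwYzE0ODJlYmQyNzY0MDU5OWMxNWI4N2RkNDE4ZDViOGMwMzgzMDY4MjE1MjlmM2YwMjA1In0%3D"
LARAVEL_SESSION = "eyJpdiI6IlJOVmZBYWhRaEJYYzdwZ2NkV3VZdWc9PSIsInZhbHVlIjoiSVFqVEJ1SEpFOXRYMFovdUpwWGY2ZU03RU1Ib1FFYllqOGZHdmJXUUYvNHRrazZIVFVBUEhBM2RXMTE3b0hYSWdSVVh6TlNmTGlmYTE0YjdEQ0syTkJxTXpkbExHYjhYa1NMWmk0RzVBV2lZYmNIajJpSWlaWldXYVd1MFY5NTEiLCJtYWMiOiJiZDFlYTc5MmQ4MjRhZDM4MGFjMjU0NDVlMjdmZjEyMTA1ZDg1OTFiMWQwMDQ1NmJhNjMyMmQwOTFmZDhjN2ExIn0%3D"
DEMO_KEY = bytes(range(32))  # constructed placeholder, not the site's APP_KEY


def _unwrap(cookie_value: str) -> dict:
    """The cookie value is urlencode(base64(json)); return the JSON object."""
    return json.loads(base64.b64decode(unquote(cookie_value)))


def parse_envelope(cookie_value: str) -> dict:
    """Decode the envelope without decrypting and sanity-check its shape."""
    outer = _unwrap(cookie_value)
    iv = base64.b64decode(outer["iv"])
    ciphertext = base64.b64decode(outer["value"])
    mac = outer["mac"]
    well_formed = (
        len(iv) == 16                                                  # AES block-sized CBC IV
        and ciphertext and len(ciphertext) % 16 == 0                   # PKCS#7-padded CBC output
        and len(mac) == 64 and set(mac) <= set("0123456789abcdef")     # hex SHA-256 tag
    )
    return {
        "iv": iv,
        "ciphertext": ciphertext,
        "mac": mac,
        "well_formed": bool(well_formed),
        "extra_fields": sorted(set(outer) - {"iv", "value", "mac"}),  # e.g. "tag" on newer Laravel
    }


def mac_valid(cookie_value: str, app_key: bytes) -> bool:
    """Laravel: mac = hex(HMAC-SHA256(app_key, iv_b64 || value_b64)), compared in constant time."""
    outer = _unwrap(cookie_value)
    expected = hmac.new(app_key, (outer["iv"] + outer["value"]).encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, outer["mac"])


def build_envelope(iv: bytes, ciphertext: bytes, app_key: bytes) -> str:
    """Assemble an envelope the way Laravel does (the ciphertext is supplied, not produced here)."""
    iv_b64 = base64.b64encode(iv).decode()
    ct_b64 = base64.b64encode(ciphertext).decode()
    mac = hmac.new(app_key, (iv_b64 + ct_b64).encode(), hashlib.sha256).hexdigest()
    return base64.b64encode(json.dumps({"iv": iv_b64, "value": ct_b64, "mac": mac}).encode()).decode()
```

For both captured cookies the IV is 16 bytes, the ciphertext is 96 bytes and the MAC is 64 hex characters, so the envelopes are well formed; without the key that is as far as analysis goes, and mac_valid against the placeholder key correctly returns False.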

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bewinto.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
theigrok.esthandler.com
www.google-analytics.com
www.googletagmanager.com
104.18.22.52
142.251.163.138
142.251.163.94
151.101.194.137
172.253.115.95
172.253.63.97
172.64.131.9
185.13.5.59
5.101.181.234