Submitted URL: https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=7455764c7c23478cb6a2bfb099090f1d&_e=T5r3DEp9ew112...
Effective URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Submission: On January 18 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 26 HTTP transactions. The main IP is 67.227.208.221, located in United States and belongs to LIQUIDWEB, US. The main domain is www.tradewins.com. The Cisco Umbrella rank of the primary domain is 578158.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on November 29th 2023. Valid for: a year.
This is the only time www.tradewins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 50.97.212.250 36351 (SOFTLAYER)
12 67.227.208.221 32244 (LIQUIDWEB)
2 34.107.203.240 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 35.192.151.63 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
26 8
Requests | Apex Domain | Subdomains | Transfer
12 | tradewins.com | www.tradewins.com — Cisco Umbrella Rank: 578158 | 148 KB
4 | googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 46 | 51 KB
2 | gstatic.com | fonts.gstatic.com | 80 KB
2 | leadpages.io | api.leadpages.io — Cisco Umbrella Rank: 40531 | 1 KB
2 | center.io | js.center.io — Cisco Umbrella Rank: 47100 | 8 KB
2 | leadpages.net | static.leadpages.net — Cisco Umbrella Rank: 46777 | 93 KB
2 | tradingwithmanny.com | links.tradingwithmanny.com, track.tradingwithmanny.com | 2 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 760 | 32 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 2 KB
1 | clkmg.com | www.clkmg.com — Cisco Umbrella Rank: 264575 | 954 B
26 10
Domain Requested by
12 www.tradewins.com www.tradewins.com
4 lh3.googleusercontent.com www.tradewins.com
2 fonts.gstatic.com fonts.googleapis.com
2 api.leadpages.io js.center.io
2 js.center.io www.tradewins.com, js.center.io
2 static.leadpages.net www.tradewins.com, static.leadpages.net
1 code.jquery.com www.tradewins.com
1 fonts.googleapis.com www.tradewins.com
1 www.clkmg.com 1 redirects
1 track.tradingwithmanny.com 1 redirects
1 links.tradingwithmanny.com 1 redirects
26 11

This site contains links to these domains.

Domain
tradewins.com
www.sec.gov
Subject | Issuer | Validity | Valid
www.tradewins.com | AlphaSSL CA - SHA256 - G4 | 2023-11-29 - 2024-12-30 | a year
static.leadpages.net | GTS CA 1D4 | 2023-12-14 - 2024-03-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
js.center.io | GTS CA 1D4 | 2024-01-04 - 2024-04-03 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.googleusercontent.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.leadpages.io | R3 | 2023-11-29 - 2024-02-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months

This page contains 2 frames:

Primary Page: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Frame ID: 63282AEF4B49726C97D2D39972EA1752
Requests: 25 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 2D83CB21E3595C8817E3E31C5607C5C7
Requests: 1 HTTP requests in this frame

Page Title

Chuck Hughes Trade of the Day

Page URL History

  1. https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=7455764c7c23478cb6a2bfb099090... HTTP 303
    https://track.tradingwithmanny.com/Fal-TW-TWM-0124-V1 HTTP 302
    https://www.clkmg.com/Tradingtips/Fal-TW-TWM-0124-V1 HTTP 302
    https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26 Requests
100 % HTTPS
60 % IPv6
10 Domains
11 Subdomains
8 IPs
2 Countries
416 kB Transfer
606 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=7455764c7c23478cb6a2bfb099090f1d&_e=T5r3DEp9ew112OAwMLg0Jz64sxlJ2vsLngff6jUTbmZLbKE615sURiqyqULPTsvsXk7_4PRv9IZspqHFXxH3Jg9JuXxwQZWTUJ9oCwdQy7FiewFBMZNhF-m8e_Q46QVYRJH-_92MaiU4pdG4v0Q9fKRIGi7kSflKuMBEPGRTDFg7yADqrNmP20JCMLjJm9T5eIz8ZRPlMjN-zrdmXb0hlSBdl-05q6GG-5swFwZikFUCLQoasTK3o5jQGHupPXnF HTTP 303
    https://track.tradingwithmanny.com/Fal-TW-TWM-0124-V1 HTTP 302
    https://www.clkmg.com/Tradingtips/Fal-TW-TWM-0124-V1 HTTP 302
    https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optin2.html
www.tradewins.com/Funnel/OTME2022/
Redirect Chain
  • https://links.tradingwithmanny.com/u/click?_t=22910c22682842989d32bf798bc31bde&_m=7455764c7c23478cb6a2bfb099090f1d&_e=T5r3DEp9ew112OAwMLg0Jz64sxlJ2vsLngff6jUTbmZLbKE615sURiqyqULPTsvsXk7_4PRv9IZspqH...
  • https://track.tradingwithmanny.com/Fal-TW-TWM-0124-V1
  • https://www.clkmg.com/Tradingtips/Fal-TW-TWM-0124-V1
  • https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
117 KB
117 KB
Document
General
Full URL
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
8fd6c468a3307c1090e09a68e9e8da316bd733e118a5aa94fe18e26cf8e0fbe5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
119758
Content-Type
text/html
Date
Thu, 18 Jan 2024 18:42:53 GMT
Keep-Alive
timeout=5, max=200
Last-Modified
Wed, 22 Feb 2023 20:48:50 GMT
Server
Apache

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
248
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 18 Jan 2024 18:42:52 GMT
Location
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-01.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/
58 KB
15 KB
Stylesheet
General
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 03:10:12 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
487961
etag
"MP3rjQ"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
7add10fe35731792b21979ba227490a6
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14628
expires
Sun, 12 Jan 2025 03:10:12 GMT
css
fonts.googleapis.com/
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,400,500,700
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
312bc2961d97074a491324854942b89f645e391287e15c3db481dc2bc7a44f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Jan 2024 18:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 18:42:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Jan 2024 18:42:53 GMT
center.js
js.center.io/
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:38:05 GMT
content-encoding
gzip
server
Google Frontend
age
288
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
c0f26c0d4c4106a3d166b7c10735b35c;o=1
cache-control
public, max-age=300
content-length
5417
expires
Thu, 18 Jan 2024 18:43:05 GMT
colorbox.css
www.tradewins.com/affiliate/assets/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.tradewins.com/affiliate/assets/colorbox.css
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
269e2520c9ca8c7802db4cd679135a629ec36c5f7092c7e49afcdc77166e54c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=199
Content-Length
1191
Expires
Fri, 21 Dec 2020 00:00:00 GMT
jquery-1.10.2.min.js
code.jquery.com/
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:42:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5561017
x-cache
HIT, HIT
content-length
32788
x-served-by
cache-lga13622-LGA, cache-fra-eddf8230048-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705603374.665851,VS0,VE0
etag
W/"28feccc0-16bb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 71710
jquery.validate.min.js
www.tradewins.com/Promo%20Emails/WIN_AFF/js/
21 KB
7 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/WIN_AFF/js/jquery.validate.min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=198
Content-Length
6362
Expires
Fri, 21 Dec 2020 00:00:00 GMT
jquery.tooltipster.min.js
www.tradewins.com/Promo%20Emails/WIN_AFF/js/
17 KB
5 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/WIN_AFF/js/jquery.tooltipster.min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
35d07fdc17b8580efd4cb97b36f64d1e0af1c5d74c73671ada69ce33f78eaad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=200
Content-Length
4713
Expires
Fri, 21 Dec 2020 00:00:00 GMT
placeholders.min.js
www.tradewins.com/Promo%20Emails/WIN_AFF/js/
4 KB
2 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/WIN_AFF/js/placeholders.min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=200
Content-Length
1633
Expires
Fri, 21 Dec 2020 00:00:00 GMT
spin.min.js
www.tradewins.com/Promo%20Emails/WIN_AFF/js/
4 KB
2 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/WIN_AFF/js/spin.min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
1c43ca73e4517a4cf15a24adeeb063722409714b8baa1eb213640ea6838cee45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=200
Content-Length
2046
Expires
Fri, 21 Dec 2020 00:00:00 GMT
cookies.js
www.tradewins.com/Promo%20Emails/WIN_AFF/js/
15 KB
4 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/WIN_AFF/js/cookies.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
065d565ddc01dc6df364ff21355c628d92ac3c8c604f2dcc39bb4f86221b979b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=199
Content-Length
3531
Expires
Fri, 21 Dec 2020 00:00:00 GMT
functions.js
www.tradewins.com/Promo%20Emails/GROW_Funnel/
2 KB
1 KB
Script
General
Full URL
https://www.tradewins.com/Promo%20Emails/GROW_Funnel/functions.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
bf940c721e9479f00513c7ec98ced2fd8cf454a1ed5a408d691de46d33eaee86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=197
Content-Length
1017
Expires
Fri, 21 Dec 2020 00:00:00 GMT
newsletters.js
www.tradewins.com/affiliate/js/
7 KB
2 KB
Script
General
Full URL
https://www.tradewins.com/affiliate/js/newsletters.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
b51117473486b01ce5e0d97ac3639f1975a6471b8131855599e1b431633595d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=199
Content-Length
1431
Expires
Fri, 21 Dec 2020 00:00:00 GMT
jquery.colorbox-min.js
www.tradewins.com/affiliate/assets/
10 KB
5 KB
Script
General
Full URL
https://www.tradewins.com/affiliate/assets/jquery.colorbox-min.js
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
05bddd15c0564e9600b264f57c1e29d000c8dff4f98a64c3c1de34bee385a077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=199
Content-Length
4469
Expires
Fri, 21 Dec 2020 00:00:00 GMT
exit_intent.css
www.tradewins.com/Promo%20Emails/OTME/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.tradewins.com/Promo%20Emails/OTME/exit_intent.css
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache /
Resource Hash
63a554c9285d6ee433cf67d81bd3a97013e49ee07a3b856c2308165ec1002ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
x-robots-tag
noindex
Keep-Alive
timeout=5, max=200
Content-Length
687
Expires
Fri, 21 Dec 2020 00:00:00 GMT
Fx9IPKZpi9Bg0s7Cij_vahbwVr2DmV199B6GeV72lAdaKymeSMiQRV_nkqOIObHdKZlf9XpYFwMq_Has3k2yEVs=w16
lh3.googleusercontent.com/
486 B
575 B
Image
General
Full URL
https://lh3.googleusercontent.com/Fx9IPKZpi9Bg0s7Cij_vahbwVr2DmV199B6GeV72lAdaKymeSMiQRV_nkqOIObHdKZlf9XpYFwMq_Has3k2yEVs=w16
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fc1e2cd033a6cf3005627baab6afe2090d98301b1dda49a15cbec0fc048e129a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:42:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
x-xss-protection
0
expires
Fri, 19 Jan 2024 18:42:53 GMT
ad-VjExsAFXjH0ewr3ZV_K4GvPEkvGnnLmneVATQZ_H8-50aXWWP85GC_suwi7O45ToTIwplaE8EfxFE0m2d=w16
lh3.googleusercontent.com/
486 B
780 B
Image
General
Full URL
https://lh3.googleusercontent.com/ad-VjExsAFXjH0ewr3ZV_K4GvPEkvGnnLmneVATQZ_H8-50aXWWP85GC_suwi7O45ToTIwplaE8EfxFE0m2d=w16
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8b67a9a7101befe7a58ee53144ed3f149d4a8eb377b3290aea18dba26246e489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:42:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
x-xss-protection
0
expires
Fri, 19 Jan 2024 18:42:53 GMT
identify.html
js.center.io/ Frame 2D83
4 KB
2 KB
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer
https://www.tradewins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
212
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Thu, 18 Jan 2024 18:39:21 GMT
etag
"OMWYXg"
expires
Thu, 18 Jan 2024 18:44:21 GMT
server
Google Frontend
x-cloud-trace-context
a84f0c70e30c09b8f6a14350189a4ee5
c.php
www.tradewins.com/affiliate/js/
695 B
1005 B
Image
General
Full URL
https://www.tradewins.com/affiliate/js/c.php
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.208.221 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dean.ctw1dns.com
Software
Apache / PHP/5.4.45
Resource Hash
025ff6930b19e8dc4c29f22f5e734a6321bab9294e9edc591aa5162352736a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:53 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.4.45
Keep-Alive
timeout=5, max=199
Transfer-Encoding
chunked
Content-Type
image/jpg
capture
api.leadpages.io/analytics/v1/events/
35 B
677 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=8wg3iR6hzrMaC69Vs2TJ7X&v=&e=&st=&lc=en-US&pid=kZ6PgwGcYzXceEKnHhqqCP-default-prop&uid=h2wgefPE4PYrdbRUueqGA6&sid=c8WapT8yusgGhaaE65rgbd&cid=lp-8wg3iR6hzrMaC69Vs2TJ7X&uri=https%3A%2F%2Fwww.tradewins.com%2FFunnel%2FOTME2022%2Foptin2.html%3FSID%3D201579&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:54 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://www.tradewins.com
X-Forwarded-For
37.58.58.245
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00q83driqkbvlnpng3kg
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tradewins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:02:10 GMT
x-content-type-options
nosniff
age
114044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 11:02:10 GMT
fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/
78 KB
79 KB
Font
General
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin
https://www.tradewins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:31:14 GMT
via
1.1 google
server
Google Frontend
age
648700
etag
"MP3rjQ"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
b3649929f849004b48ca06ee7f2b9cf3
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80148
expires
Fri, 10 Jan 2025 06:31:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tradewins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 06:47:56 GMT
x-content-type-options
nosniff
age
129298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 06:47:56 GMT
Fx9IPKZpi9Bg0s7Cij_vahbwVr2DmV199B6GeV72lAdaKymeSMiQRV_nkqOIObHdKZlf9XpYFwMq_Has3k2yEVs=w105
lh3.googleusercontent.com/
5 KB
5 KB
Image
General
Full URL
https://lh3.googleusercontent.com/Fx9IPKZpi9Bg0s7Cij_vahbwVr2DmV199B6GeV72lAdaKymeSMiQRV_nkqOIObHdKZlf9XpYFwMq_Has3k2yEVs=w105
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d8f66349c2e4e15c7c16ff0d95919be32a7f863ea8080e69ea2cb3bca9f95f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:42:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4967
x-xss-protection
0
expires
Fri, 19 Jan 2024 18:42:54 GMT
ad-VjExsAFXjH0ewr3ZV_K4GvPEkvGnnLmneVATQZ_H8-50aXWWP85GC_suwi7O45ToTIwplaE8EfxFE0m2d=w504
lh3.googleusercontent.com/
45 KB
45 KB
Image
General
Full URL
https://lh3.googleusercontent.com/ad-VjExsAFXjH0ewr3ZV_K4GvPEkvGnnLmneVATQZ_H8-50aXWWP85GC_suwi7O45ToTIwplaE8EfxFE0m2d=w504
Requested by
Host: www.tradewins.com
URL: https://www.tradewins.com/Funnel/OTME2022/optin2.html?SID=201579
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ad6f7c8b1c9f3a99fe07fe507535089362e02922ae9b8d5549f23cb18a233e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:42:54 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46129
x-xss-protection
0
expires
Fri, 19 Jan 2024 18:42:54 GMT
capture
api.leadpages.io/analytics/v1/observations/
35 B
439 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=BsrXAwW2GdjYDbofbB8bzk&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=73.40000057220459,40.60000038146973,1,425
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tradewins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 18:42:58 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://www.tradewins.com
X-Forwarded-For
37.58.58.245
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00q83ervet2qtjt1k6vg

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| LeadPagesCenterObject
function| center
function| $
function| jQuery
object| Placeholders
function| Spinner
function| setCookie
function| setCookieWithTime
function| getCookie
function| checkCookies
function| updateFields
function| replaceBetween
function| formHijacker
function| deleteCookie
function| detHTML5
function| removeVideo
function| restartVideo
function| inIframe
function| checkForStaying
boolean| staying
function| appendMPID
function| appendXYZ
function| appendimsclid
function| appendimsclid2
function| getMPID
function| getXYZ
function| getimsclid
function| getimsclid2
object| noExitPops
object| sup
function| ChangeCountryAndStateLabel
object| self_anchor
boolean| showColorbox

12 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.kZ6PgwGcYzXceEKnHhqqCP-default-prop.8wg3iR6hzrMaC69Vs2TJ7X
Value: 1705603374000
.tradingwithmanny.com/ Name: iterableEmailCampaignId
Value: 8782536
.tradingwithmanny.com/ Name: iterableTemplateId
Value: 11628181
.tradingwithmanny.com/ Name: iterableMessageId
Value: 7455764c7c23478cb6a2bfb099090f1d
.tradingwithmanny.com/ Name: iterableEndUserId
Value: shogle%40americanbus.com
links.tradingwithmanny.com/ Name: XSRF-TOKEN
Value: c3e314ee168ca6b4393bbb79902107478d68cff0-1705603371231-af330c45cd8b13a0a4bf1bab
.clkmg.com/ Name: vid
Value: 951279448
js.center.io/ Name: centerVisitorId
Value: h2wgefPE4PYrdbRUueqGA6
.tradewins.com/ Name: AFID
Value: undefined
.tradewins.com/ Name: date
Value: 1705603374119
.tradewins.com/ Name: MPID
Value: 201579
.tradewins.com/ Name: pixel
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
