Submitted URL: https://go.prizelogic.com/e/471601/2021-04-01/4rclq/117121061?h=1RODXP8yUVCyc1xFeHFFaah_tHxwt5Umi4C2twUNRPc
Effective URL: https://5hewin.com/
Submission: On April 01 via api from US

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 32 HTTP transactions. The main IP is 74.206.103.221, located in Phoenix, United States and belongs to IMDC-AS12025, US. The main domain is 5hewin.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 28th 2020. Valid for: a year.
This is the only time 5hewin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.202.69.186 14618 (AMAZON-AES)
5 74.206.103.221 12025 (IMDC-AS12025)
21 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 74.206.104.174 12025 (IMDC-AS12025)
1 2606:4700::68... 13335 (CLOUDFLAR...)
32 5
Domain Requested by
21 secure-shared2.plcontent.com 5hewin.com
secure-shared2.plcontent.com
5 5hewin.com 5hewin.com
secure-shared2.plcontent.com
3 bundles.prizelogic.com 5hewin.com
bundles.prizelogic.com
2 connect.facebook.net 5hewin.com
connect.facebook.net
1 hello.myfonts.net 5hewin.com
1 go.prizelogic.com 1 redirects
32 6
Subject | Issuer | Validity | Valid
*.5hewin.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-28 - 2021-10-28 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-02-10 - 2021-05-10 | 3 months
*.prizelogic.com | Go Daddy Secure Certificate Authority - G2 | 2019-07-22 - 2021-07-28 | 2 years

This page contains 1 frame:

Primary Page: https://5hewin.com/
Frame ID: D935955903AF83F59953D020C9012482
Requests: 32 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

5296 kB
Transfer

5968 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.prizelogic.com/e/471601/2021-04-01/4rclq/117121061?h=1RODXP8yUVCyc1xFeHFFaah_tHxwt5Umi4C2twUNRPc HTTP 301
    https://5hewin.com/ Page URL

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
5hewin.com/
Redirect Chain
  • https://go.prizelogic.com/e/471601/2021-04-01/4rclq/117121061?h=1RODXP8yUVCyc1xFeHFFaah_tHxwt5Umi4C2twUNRPc
  • https://5hewin.com/
52 KB
54 KB
Document
General
Full URL
https://5hewin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.103.221 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
643d311aa15c60a049f7a3fec4a1308fb35ab2ceeb9cc716f369d37e1dfc49bf
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
5hewin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
x-frame-options
SAMEORIGIN SAMEORIGIN
set-cookie
::Language::=en-US; expires=Fri, 02-Apr-2021 17:37:42 GMT; path=/; SameSite=None; secure ::Language::=en-US; expires=Fri, 02-Apr-2021 17:37:42 GMT; path=/; SameSite=None; secure
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin-when-cross-origin
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-max-age
3628800
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
date
Thu, 01 Apr 2021 17:37:42 GMT
content-length
53674

Redirect headers

Date
Thu, 01 Apr 2021 17:37:22 GMT
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id471601=47831353; expires=Fri, 01-Apr-2022 17:37:22 GMT; Max-Age=31536000; path=/; secure; SameSite=None visitor_id471601-hash=a62e33acbd93c2b6503c26e048d69f8b70646d6396a6d4e55048b446c430dccffbaeb3357ba622392c255627f03d222f48e80c79; expires=Fri, 01-Apr-2022 17:37:22 GMT; Max-Age=31536000; path=/; secure; SameSite=None
Location
https://5hewin.com/
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
max-age=63072000
Expires
Sat, 01 Apr 2023 17:37:22 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
98
Content-Type
text/html; charset=UTF-8
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
Server
PardotServer
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
Connection
keep-alive
fonts.css
5hewin.com/Content/css/
819 B
2 KB
Stylesheet
General
Full URL
https://5hewin.com/Content/css/fonts.css
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.103.221 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
4bb5ddc75998fa6e98cb48e6a38c32fe818662878a3ec1391fb6611bb6b4b560
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-length
819
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Dec 2020 15:35:32 GMT
server
date
Thu, 01 Apr 2021 17:37:43 GMT
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
etag
"0faeb1953cad61:0"
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
accept-ranges
bytes
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
pl-layout.css
secure-shared2.plcontent.com/pl013485-iwg/Content/css/
339 KB
29 KB
Stylesheet
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1c96c3922e593a48a2455ddc4e3a40bad82186e8aaa4be4740d408dcff88b12f

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Jan 2021 16:54:40 GMT
server
cloudflare
age
629
x-powered-by
ASP.NET
etag
W/"088a9cbaedd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
639395c9ac7f0601-FRA
cf-request-id
09301bf20500000601b58ae000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
prizelogic-jquery.min.js
secure-shared2.plcontent.com/pl013485-iwg/Scripts/PL/
123 KB
42 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Scripts/PL/prizelogic-jquery.min.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcc137594b43b63f233dcd281d5ccb348293449d2d48b6a38fa6f8126022ea74

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 20:38:52 GMT
server
cloudflare
age
630
x-powered-by
ASP.NET
etag
W/"056ac3daef8d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
639395c9ac800601-FRA
cf-request-id
09301bf20500000601c5145000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
foundation-all-min.js
secure-shared2.plcontent.com/pl013485-iwg/Scripts/Vendor/Zurb/
120 KB
18 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Scripts/Vendor/Zurb/foundation-all-min.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a88b6ac4550bd3fbcc26c67c6182ba46c3453585ac0d32a069525e529fa4200

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Dec 2020 15:43:38 GMT
server
cloudflare
age
629
x-powered-by
ASP.NET
etag
W/"0f1d6baafccd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
639395c9ac840601-FRA
cf-request-id
09301bf20500000601d511f000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
prizelogic.core-min.js
secure-shared2.plcontent.com/pl013485-iwg/Scripts/PL/
14 KB
5 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Scripts/PL/prizelogic.core-min.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d78198246c2e2a09825b40026d83a649a5a16024318a08b1cc30654d4b13fb2f

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 May 2020 19:37:48 GMT
server
cloudflare
age
629
x-powered-by
ASP.NET
etag
W/"04e274d5e34d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
639395c9ac850601-FRA
cf-request-id
09301bf20600000601bd90e000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d28b36f39d324bae5ab018d7980527c8b29cef685f738d3ccb0bd8affdf8f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NUNtQS7Ulqun4wcriIuu3Q==
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Apr 2021 17:43:50 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
MCmq5dfUSl4cCQKWR28HZXlTvAoVhcJ+ZQ0XoXJkhevieVFIbH0QVumA2rF5nvrJBkpudYCiXJJJ639OwN746w==
x-fb-trip-id
686109401
x-fb-content-md5
90a6866dcf2e462ae898703b8326fe57
date
Thu, 01 Apr 2021 17:37:23 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e1959a99bea91b7af3537c3c18216880"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
5HourLogo.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
60 KB
61 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/5HourLogo.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5919e015ff4714b005a57031f4052f55bab24081159264adb7b19748db924b1c

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
cf-cache-status
HIT
age
629
x-powered-by
ASP.NET
content-length
61774
cf-request-id
09301bf283000006019288a000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395ca6df70601-FRA
expires
Thu, 01 Apr 2021 21:37:23 GMT
main_lockup.svg
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
10 KB
4 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/main_lockup.svg
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63b6273b33f31879946c26715971b5b711b3f6f39d3c32bb61fb8a618379e6e0

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
age
629
x-powered-by
ASP.NET
etag
W/"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
639395ca8e370601-FRA
cf-request-id
09301bf29400000601c1387000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
productLine.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
71 KB
71 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/productLine.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9f0e6935460ce49d980818d0f7e37d70297a687de489bf62feb65993fa405bd2

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
cf-cache-status
HIT
age
945
x-powered-by
ASP.NET
content-length
72501
cf-request-id
09301bf2ab00000601bd91e000000001
last-modified
Mon, 18 Jan 2021 16:54:40 GMT
server
cloudflare
etag
"088a9cbaedd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395caae720601-FRA
expires
Thu, 01 Apr 2021 21:37:23 GMT
productLineReveal.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
746 KB
747 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/productLineReveal.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a8fc838b1b9aee83e4e9177e21754aeb4629ed532eb96a5028c5f1b09980d598

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
cf-cache-status
HIT
age
628
x-powered-by
ASP.NET
content-length
763532
cf-request-id
09301bf2bf000006016f801000000001
last-modified
Mon, 18 Jan 2021 16:54:40 GMT
server
cloudflare
etag
"088a9cbaedd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395caceac0601-FRA
expires
Thu, 01 Apr 2021 21:37:23 GMT
allProductLineReveal.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
249 KB
249 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/allProductLineReveal.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cabeb73bdbbcc9bbf3fb0660cb22d75686270aa38cbe18e18967afee48449202

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
cf-cache-status
HIT
age
861
x-powered-by
ASP.NET
content-length
255030
cf-request-id
09301bf36b0000060162025000000001
last-modified
Thu, 21 Jan 2021 15:08:52 GMT
server
cloudflare
etag
"05a13547f0d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cbd88c0601-FRA
expires
Thu, 01 Apr 2021 21:37:23 GMT
slick.min.js
secure-shared2.plcontent.com/pl013485-iwg/Scripts/Vendor/SlickSlider/
42 KB
10 KB
Script
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Scripts/Vendor/SlickSlider/slick.min.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 20:38:52 GMT
server
cloudflare
age
862
x-powered-by
ASP.NET
etag
W/"056ac3daef8d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
639395ca4db50601-FRA
cf-request-id
09301bf26d00000601952f9000000001
expires
Thu, 01 Apr 2021 21:37:23 GMT
third-party-optin.min.js
bundles.prizelogic.com/gdpr/
11 KB
4 KB
Script
General
Full URL
https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
5ab2ea97130e247524fa6eef1b730557d910350a827c651a28905c6692ee7c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:43 GMT
content-encoding
gzip
referrer-policy
strict-origin
last-modified
Tue, 27 Oct 2020 22:14:15 GMT
etag
"80957181aeacd61:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
3790
x-content-type-options
nosniff
3cc1d4
hello.myfonts.net/count/
0
301 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/3cc1d4
Requested by
Host: 5hewin.com
URL: https://5hewin.com/Content/css/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
639395cd59f34a6d-FRA
content-length
0
cf-request-id
09301bf45300004a6d6e3e2000000001
expires
Fri, 01 Apr 2022 17:37:24 GMT
sdk.js
connect.facebook.net/en_US/
199 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8d73931df7c7a48b2584fef475a6c301&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3a2aeecb131a3c2457637ed512dfd7c53a763b643cd68be0bcb7712ab6c45d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://5hewin.com
Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HOhaGsT5TZe3la3hGDYGWA==
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Apr 2022 16:20:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61307
x-fb-rlafr
0
x-fb-debug
2lrCmkrX5CalfLc90Ceu3zLQkGz8wbYFjIJcniheeTefbce5+28t9nm9LMEhDs1EJ4R5pnSyV4zmAhg9yCX0MQ==
x-fb-trip-id
2050670934
x-fb-content-md5
e515ad356a4e8c61dcb5f2d5cd735474
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 01 Apr 2021 17:37:24 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c93e308f3d61c56279b9cd51197f119a"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
bg_pattern_1000x778.jpg
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
168 KB
168 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/bg_pattern_1000x778.jpg
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1a48de88c0b26bc7a50c90b191ab460b923d55937e5f39da854c9b94ce687980

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
589
x-powered-by
ASP.NET
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
content-length
172040
cf-request-id
09301bf49c00000601d62ce000000001
cf-bgj
h2pri
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cdcc120601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
ticker_grape@2x.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
11 KB
11 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/ticker_grape@2x.png
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
57bde410229922c105fb1fc85495e0583025d99af1d67897579bc75916c750d6

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
585
x-powered-by
ASP.NET
content-length
11037
cf-request-id
09301bf49c000006017813e000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cdcc160601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
ticker_watermelon@2x.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
11 KB
11 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/ticker_watermelon@2x.png
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6efec1060f4bf0ea847df8a10f9cf2b9a886e8d512a2725ef34f01362f1b7c99

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
728
x-powered-by
ASP.NET
content-length
11667
cf-request-id
09301bf49d000006019b27e000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cdcc170601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
ticker_berry@2x.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
11 KB
11 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/ticker_berry@2x.png
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66adc80c9a8eb7e11d5982488a9ded7261bfffb382dd8fbe6e97b3a50b3bfcab

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
822
x-powered-by
ASP.NET
content-length
10822
cf-request-id
09301bf49d000006018e349000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cdcc180601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
screw_icon.svg
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
2 KB
994 B
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/screw_icon.svg
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ca2c10d23e49443457b248615f25aa3160297fefd83c31a3d9e1a2a04f3eecbf

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jan 2021 17:58:36 GMT
server
cloudflare
age
584
x-powered-by
ASP.NET
etag
W/"06e9a638ce3d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
639395cdcc220601-FRA
cf-request-id
09301bf49e00000601c5175000000001
expires
Thu, 01 Apr 2021 21:37:24 GMT
HelveticaNeueLTPro-HvCn.woff2
5hewin.com/Content/fonts/
27 KB
28 KB
Font
General
Full URL
https://5hewin.com/Content/fonts/HelveticaNeueLTPro-HvCn.woff2
Requested by
Host: 5hewin.com
URL: https://5hewin.com/Content/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.103.221 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1fb543421a942c7df1e3cd4b2f159f9fa9a75c755dafc70bcc6f1569c2cd81de
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://5hewin.com
Referer
https://5hewin.com/Content/css/fonts.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
x-content-type-options
nosniff
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-length
28004
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Dec 2020 15:35:32 GMT
server
Microsoft-IIS/10.0
date
Thu, 01 Apr 2021 17:37:43 GMT
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
etag
"0faeb1953cad61:0"
accept-ranges
bytes
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
HelveticaNeueLTPro-Roman.woff2
5hewin.com/Content/fonts/
26 KB
27 KB
Font
General
Full URL
https://5hewin.com/Content/fonts/HelveticaNeueLTPro-Roman.woff2
Requested by
Host: 5hewin.com
URL: https://5hewin.com/Content/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.103.221 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
7bc1b2d30e8cb21af41cf523de06bbff8d3ec9c9c4e108af2dc9541142fbf86b
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://5hewin.com
Referer
https://5hewin.com/Content/css/fonts.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-length
26340
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 04 Dec 2020 15:35:32 GMT
server
date
Thu, 01 Apr 2021 17:37:42 GMT
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff2
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
etag
"0faeb1953cad61:0"
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
accept-ranges
bytes
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
access-control-allow-credentials
true
5hewin.com.json
bundles.prizelogic.com/gdpr/
880 B
1 KB
XHR
General
Full URL
https://bundles.prizelogic.com/gdpr/5hewin.com.json
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
959ca447748e72c32146255ef6203e9d88105a7fa1bdba41263151eaeec89946
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:43 GMT
referrer-policy
strict-origin
last-modified
Tue, 26 Jan 2021 18:22:09 GMT
etag
"7ce8bd2810f4d61:0"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
content-length
880
x-content-type-options
nosniff
ajax-loader.gif
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
4 KB
4 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/ajax-loader.gif
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Referer
https://secure-shared2.plcontent.com/pl013485-iwg/Content/css/pl-layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
572
x-powered-by
ASP.NET
content-length
4178
cf-request-id
09301bf56000000601829f8000000001
last-modified
Thu, 12 Mar 2020 20:38:52 GMT
server
cloudflare
etag
"056ac3daef8d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cefe200601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
CookieGate
5hewin.com/en-us/
4 B
1 KB
XHR
General
Full URL
https://5hewin.com/en-us/CookieGate
Requested by
Host: secure-shared2.plcontent.com
URL: https://secure-shared2.plcontent.com/pl013485-iwg/Scripts/PL/prizelogic-jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.103.221 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://5hewin.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
p3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
content-length
4
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
x-frame-options
SAMEORIGIN
date
Thu, 01 Apr 2021 17:37:43 GMT
access-control-max-age
3628800
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
cache-control
private
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
access-control-allow-credentials
true
access-control-allow-headers
Cookie, accept, origin, x-request, Content-Type, Accept, X-Requested-With, withCredentials
landing_bg1.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
1 MB
1 MB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/landing_bg1.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ba89bd1ab4075d90ac2c5bf3ea62fd83869d5c894fc3a8bdbcc2ad774994a00

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
722
x-powered-by
ASP.NET
content-length
1063296
cf-request-id
09301bf57700000601a9b68000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cf2e4d0601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
landing_bg2.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
584 KB
585 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/landing_bg2.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bf332f78ceb4090ef7992827347bd84e3f4f1389508ee94b68e5d748af91e74d

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
829
x-powered-by
ASP.NET
content-length
598304
cf-request-id
09301bf577000006019fa0d000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cf2e4e0601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
landing_bg3.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
1004 KB
1005 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/landing_bg3.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0e18c471617d6701204799ca97b609ee442f6d024ffade0423edfa6033fb9d01

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
582
x-powered-by
ASP.NET
content-length
1028113
cf-request-id
09301bf577000006019d00e000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cf2e4f0601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
landing_bg4.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
992 KB
993 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/landing_bg4.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9916956be33f796a73472b7353d099709a417cd11aab31b4438d88f7ce3adf90

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
829
x-powered-by
ASP.NET
content-length
1015885
cf-request-id
09301bf5780000060168a42000000001
last-modified
Wed, 02 Dec 2020 21:10:50 GMT
server
cloudflare
etag
"0a95b9cefc8d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cf2e500601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
main_5HourLogo.png
secure-shared2.plcontent.com/pl013485-iwg/Content/images/
47 KB
47 KB
Image
General
Full URL
https://secure-shared2.plcontent.com/pl013485-iwg/Content/images/main_5HourLogo.png
Requested by
Host: 5hewin.com
URL: https://5hewin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ec23612c92a03679b9ce962eb8bb175307a5976deb6d61b91dc747c5eeab73d6

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:24 GMT
cf-cache-status
HIT
age
581
x-powered-by
ASP.NET
content-length
48243
cf-request-id
09301bf578000006016d05e000000001
last-modified
Mon, 07 Dec 2020 15:43:38 GMT
server
cloudflare
etag
"0f1d6baafccd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
639395cf2e510601-FRA
expires
Thu, 01 Apr 2021 21:37:24 GMT
default-styles.css
bundles.prizelogic.com/gdpr/
1 KB
2 KB
Stylesheet
General
Full URL
https://bundles.prizelogic.com/gdpr/default-styles.css
Requested by
Host: bundles.prizelogic.com
URL: https://bundles.prizelogic.com/gdpr/third-party-optin.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.206.104.174 Phoenix, United States, ASN12025 (IMDC-AS12025, US),
Reverse DNS
Software
/
Resource Hash
2623d3bcfc9b9dbf28037fca80a1848268f3ffb6df6b06ce98b0e57535c3bd6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors none
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://5hewin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:37:44 GMT
referrer-policy
strict-origin
last-modified
Wed, 18 Dec 2019 20:35:46 GMT
etag
"c5a1ccb9e2b5d51:0"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1;mode=block
content-security-policy
frame-ancestors none
strict-transport-security
max-age=31536000;includeSubDomains
accept-ranges
bytes
content-length
1377
x-content-type-options
nosniff


53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| $pl object| __FOUNDATION_EXTERNAL__ object| Foundation object| jQuery111102664403664672561 function| createCookie function| readCookie function| eraseCookie function| getElemValue function| getModelIDPrefix function| isCompositeActive object| formSubmit function| openModal function| wrapAsterisks function| wrapParenthesis function| pop function| GetQueryParamValues function| Tab function| onOptinDialogMount function| Class boolean| fbApiInit function| fbEnsureInit function| fbAsyncInit object| FB undefined| queryString function| GetParameterValues function| getQueryVariable undefined| showModal string| servercookieName string| clientcookieName function| cookies_enabled function| cookies_checked string| browserBypassedCookieName function| browsercheck_bypassed function| getBrowserInfo function| parseContentLinks function| initOptinDialog function| createGTMInitializer function| createAdobeAnalyticsInitializer function| initGTMOptinDialog function| initAdobeAnalyticsOptinDialog object| options function| init

2 Cookies

Domain/Path Name / Value
5hewin.com/ Name: ::ClientCookie::
Value: test
5hewin.com/ Name: ::Language::
Value: en-US

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: data: wss: *.plcontent.com 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'none'; frame-src 'self' *.facebook.com *.googletagmanager.com *.demdex.net *.trustarc.com;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
