wintoday2021.com Open in urlscan Pro
66.228.63.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hfamk96ola.me/daepn
Effective URL:
http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529
Submission: On June 29 via api (June 29th 2021, 7:50:43 am UTC) from US

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 9 domains to perform 7 HTTP transactions. The main IP is 66.228.63.84, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is wintoday2021.com.

This is the only time wintoday2021.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.114.197.131 167.114.197.131	16276 (OVH) (OVH)
2	3.126.48.135 3.126.48.135	16509 (AMAZON-02) (AMAZON-02)
2 2	216.189.51.65 216.189.51.65	6921 (ARACHNITEC) (ARACHNITEC)
3 3	172.245.240.87 172.245.240.87	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 1	45.79.244.11 45.79.244.11	63949 (LINODE-AP...) (LINODE-AP Linode)
1	66.228.63.84 66.228.63.84	63949 (LINODE-AP...) (LINODE-AP Linode)
3	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
7	4

1 167.114.197.131 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip131.ip-167-114-197.net

hfamk96ola.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.48.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com

gazitmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.189.51.65 (United States) 2 redirects

ASN6921 (ARACHNITEC, US)

go.cyndaldesper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.245.240.87 (Elk Grove Village, United States) 3 redirects

ASN36352 (AS-COLOCROSSING, US)
PTR: 172-245-240-87-host.colocrossing.com

kq6.dedicationlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icus3.dedicationlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icus3.zqbdrjam3t.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.244.11 (Atlanta, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-11.atlanta.nodebalancer.linode.com

offers-haka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.228.63.84 (Atlanta, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-66-228-63-84.atlanta.nodebalancer.linode.com

wintoday2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1673333600.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cdn77.org 1673333600.rsc.cdn77.org	54 KB
2	dedicationlinks.com 2 redirects kq6.dedicationlinks.com icus3.dedicationlinks.com	2 KB
2	cyndaldesper.com 2 redirects go.cyndaldesper.com	467 B
2	gazitmedia.com gazitmedia.com	4 KB
1	jquery.com code.jquery.com	30 KB
1	wintoday2021.com wintoday2021.com	3 KB
1	offers-haka.com 1 redirects offers-haka.com	217 B
1	zqbdrjam3t.com 1 redirects icus3.zqbdrjam3t.com	1 KB
1	hfamk96ola.me 1 redirects hfamk96ola.me	369 B
7	9

	Domain	Requested by
3	1673333600.rsc.cdn77.org	wintoday2021.com code.jquery.com
2	go.cyndaldesper.com	2 redirects
2	gazitmedia.com
1	code.jquery.com	wintoday2021.com
1	wintoday2021.com
1	offers-haka.com	1 redirects
1	icus3.zqbdrjam3t.com	1 redirects
1	icus3.dedicationlinks.com	1 redirects
1	kq6.dedicationlinks.com	1 redirects
1	hfamk96ola.me	1 redirects
7	10

This site contains no links.

Subject Issuer	Validity	Valid
gazitmedia.com R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
www.cdn77.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529
Frame ID: F200398B0235798066B35A5FD3B13FED
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hfamk96ola.me/daepn HTTP 301
https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5... Page URL
https://gazitmedia.com/double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW9... Page URL
http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us?subid=6uxa27p9x4pm&tid={tid}&thru=VK2506 HTTP 302
http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us-rev HTTP 302
http://kq6.dedicationlinks.com/?kw=ts5635-sms-owwlm-1-us-rev&s1=ts5635-sms-owwlm-1-us-rev&s2=1624953023.85-... HTTP 301
https://icus3.dedicationlinks.com/ HTTP 302
https://icus3.zqbdrjam3t.com/o/HZJFAMRO/aa7fc154-d8ae-11eb-827a-9d715a4f6134 HTTP 302
http://offers-haka.com/click?hash=28529&pid=2420&aid=89056&keyword=ab4d8f1c-d8ae-11eb-94ba-d3a83fea... HTTP 302
http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

7
Requests

86 %
HTTPS

25 %
IPv6

9
Domains

10
Subdomains

4
IPs

4
Countries

92 kB
Transfer

149 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hfamk96ola.me/daepn HTTP 301
https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary Page URL
https://gazitmedia.com/double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW93d2xtLTEtdXM_c3ViaWQ9NnV4YTI3cDl4NHBtXHUwMDI2dGlkPXt0aWR9XHUwMDI2dGhydT1WSzI1MDYiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjI1OTZ9 Page URL
http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us?subid=6uxa27p9x4pm&tid={tid}&thru=VK2506 HTTP 302
http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us-rev HTTP 302
http://kq6.dedicationlinks.com/?kw=ts5635-sms-owwlm-1-us-rev&s1=ts5635-sms-owwlm-1-us-rev&s2=1624953023.85-190697147-0-&s3=&fallback=18 HTTP 301
https://icus3.dedicationlinks.com/ HTTP 302
https://icus3.zqbdrjam3t.com/o/HZJFAMRO/aa7fc154-d8ae-11eb-827a-9d715a4f6134 HTTP 302
http://offers-haka.com/click?hash=28529&pid=2420&aid=89056&keyword=ab4d8f1c-d8ae-11eb-94ba-d3a83fea0da1 HTTP 302
http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hfamk96ola.me/daepn HTTP 301
https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	click Show response gazitmedia.com/ Redirect Chain http://hfamk96ola.me/daepn https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary	1 KB 3 KB	477ms 390ms	Document text/html	3.126.48.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-48-135.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `d792ebb041e827d0fcc2381af0b4d9cef4b7ca887fdcdb093abffefb2f8aba60` Request headers :method GET :authority gazitmedia.com :scheme https :path /click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers server nginx date Tue, 29 Jun 2021 07:50:22 GMT content-type text/html; charset=utf-8 content-length 1330 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 expires Thu, 01 Jan 1970 00:00:00 UTC pragma no-cache set-cookie ClickDataNG=H4sIAAAAAAAA_2xU72_bNhD9V4T71AKKLOqXLQ5Cl3lDOyReDLjphmJAQYtnm4hECkdKiZvmfx8oqU4-7Nvdu6P47vienmFAsspo4MCiOIohBHfuEHgcgu33n3_GtdEDkkMJ_CAaiyHUjaof_pTAoeifRLLsyqesayEEKRwCZ0WSlXkaJ0kItWg7oY7ad7M4ydMQlF1vr4E76jEEMk44ZcZ6kq1CoL5Bn8QhEEpFWLsNupORwPMQrOmpHusshEZoqfRx7p6ze2qAA4RgDgeksbMoyxD2JHR9mnvH2tR5cq7ji8XRRPVZS9FItB1SVJt24WxepPmVbe2VeXxs2it21dsPtt8rWb0d_N8-jpPCKVk9OyVf5vREffXlJsnjAvwOrZtnGlD302I7cTa9h6NkprTuiVDXZ-Bwv_sdQuhJzRytJym-K9eiVGLkNz7DB0eDktW42-lmVLJaMlam6XJGRspsZjNBA6tanMOk6r6xZVGu5jyt0iKe46xic5RXSXk5XVTLLM7LOEnT5Qwtq2PzeBLkjP712ArVeI5zbVV9FHSGEFR3LSWhtV50ZRqVEWNJlKTF21oxPWBvka6PqB1w2JjvqmnEIo_i4J3anozGX4L19j6Y4uBuF7D0Wx406gGDjag98M_74LrrGvwb9zfKLYo4j1jE8uDdzafPm9tw6v2I9YN5H6xJ3e0WqzSKo4zFabRaBRuzVw0uWP4Hy1bBThwEqUURZxED_4wHJKSJqMRB1Tj5hYVg_HDqbuc1aL-8eiyN8tFkezKPdjy7PpFp8fKF30hob6qR9QXdGIleqNOkF_gv0eJ0fT3dDGtDnSHvQO-xzm8tyZbBrZOjAHvtyAtr_XXkf5xYrb_--PGpEYNWQYvWmWBL4iT8AeXOc31L4tj7r3aCULu1l93sMVJHpW-7N5Ajoa2oJ09b4LpvmhDq3jrTAn8GfHJIWjTj7-OnTCGEIQYOF78MDDiMqxkS4DDr06cpcEgLv8ch81v1QQ4cvDh97MXzqk2PLIHD_0jTl1bAYVTmy8t_AQAA__8UYFaoDwUAAA==; Expires=Thu, 29 Jul 2021 07:50:22 GMT; SameSite=None; Secure ClickDataNgFall=H4sIAAAAAAAA_2xU72_bNhD9V4T71AKKLOqXLQ5Cl3lDOyReDLjphmJAQYtnm4hECkdKiZvmfx8oqU4-7Nvdu6P47vienmFAsspo4MCiOIohBHfuEHgcgu33n3_GtdEDkkMJ_CAaiyHUjaof_pTAoeifRLLsyqesayEEKRwCZ0WSlXkaJ0kItWg7oY7ad7M4ydMQlF1vr4E76jEEMk44ZcZ6kq1CoL5Bn8QhEEpFWLsNupORwPMQrOmpHusshEZoqfRx7p6ze2qAA4RgDgeksbMoyxD2JHR9mnvH2tR5cq7ji8XRRPVZS9FItB1SVJt24WxepPmVbe2VeXxs2it21dsPtt8rWb0d_N8-jpPCKVk9OyVf5vREffXlJsnjAvwOrZtnGlD302I7cTa9h6NkprTuiVDXZ-Bwv_sdQuhJzRytJym-K9eiVGLkNz7DB0eDktW42-lmVLJaMlam6XJGRspsZjNBA6tanMOk6r6xZVGu5jyt0iKe46xic5RXSXk5XVTLLM7LOEnT5Qwtq2PzeBLkjP712ArVeI5zbVV9FHSGEFR3LSWhtV50ZRqVEWNJlKTF21oxPWBvka6PqB1w2JjvqmnEIo_i4J3anozGX4L19j6Y4uBuF7D0Wx406gGDjag98M_74LrrGvwb9zfKLYo4j1jE8uDdzafPm9tw6v2I9YN5H6xJ3e0WqzSKo4zFabRaBRuzVw0uWP4Hy1bBThwEqUURZxED_4wHJKSJqMRB1Tj5hYVg_HDqbuc1aL-8eiyN8tFkezKPdjy7PpFp8fKF30hob6qR9QXdGIleqNOkF_gv0eJ0fT3dDGtDnSHvQO-xzm8tyZbBrZOjAHvtyAtr_XXkf5xYrb_--PGpEYNWQYvWmWBL4iT8AeXOc31L4tj7r3aCULu1l93sMVJHpW-7N5Ajoa2oJ09b4LpvmhDq3jrTAn8GfHJIWjTj7-OnTCGEIQYOF78MDDiMqxkS4DDr06cpcEgLv8ch81v1QQ4cvDh97MXzqk2PLIHD_0jTl1bAYVTmy8t_AQAA__8UYFaoDwUAAA==; Expires=Thu, 29 Jul 2021 07:50:22 GMT Redirect headers Server nginx Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Date Tue, 29 Jun 2021 07:52:17 GMT Location https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary Referrer-Policy no-referrer
GET H2	200	double Show response gazitmedia.com/	777 B 957 B	33ms 33ms	Document text/html	3.126.48.135 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gazitmedia.com/double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW93d2xtLTEtdXM_c3ViaWQ9NnV4YTI3cDl4NHBtXHUwMDI2dGlkPXt0aWR9XHUwMDI2dGhydT1WSzI1MDYiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjI1OTZ9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.126.48.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-48-135.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `7c7bde257307c9dc772b1f2b3f1dfbdfc098d15e9ce078e1584ea109fdb8e4b5` Request headers :method GET :authority gazitmedia.com :scheme https :path /double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW93d2xtLTEtdXM_c3ViaWQ9NnV4YTI3cDl4NHBtXHUwMDI2dGlkPXt0aWR9XHUwMDI2dGhydT1WSzI1MDYiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjI1OTZ9 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie ClickDataNG=H4sIAAAAAAAA_2xU72_bNhD9V4T71AKKLOqXLQ5Cl3lDOyReDLjphmJAQYtnm4hECkdKiZvmfx8oqU4-7Nvdu6P47vienmFAsspo4MCiOIohBHfuEHgcgu33n3_GtdEDkkMJ_CAaiyHUjaof_pTAoeifRLLsyqesayEEKRwCZ0WSlXkaJ0kItWg7oY7ad7M4ydMQlF1vr4E76jEEMk44ZcZ6kq1CoL5Bn8QhEEpFWLsNupORwPMQrOmpHusshEZoqfRx7p6ze2qAA4RgDgeksbMoyxD2JHR9mnvH2tR5cq7ji8XRRPVZS9FItB1SVJt24WxepPmVbe2VeXxs2it21dsPtt8rWb0d_N8-jpPCKVk9OyVf5vREffXlJsnjAvwOrZtnGlD302I7cTa9h6NkprTuiVDXZ-Bwv_sdQuhJzRytJym-K9eiVGLkNz7DB0eDktW42-lmVLJaMlam6XJGRspsZjNBA6tanMOk6r6xZVGu5jyt0iKe46xic5RXSXk5XVTLLM7LOEnT5Qwtq2PzeBLkjP712ArVeI5zbVV9FHSGEFR3LSWhtV50ZRqVEWNJlKTF21oxPWBvka6PqB1w2JjvqmnEIo_i4J3anozGX4L19j6Y4uBuF7D0Wx406gGDjag98M_74LrrGvwb9zfKLYo4j1jE8uDdzafPm9tw6v2I9YN5H6xJ3e0WqzSKo4zFabRaBRuzVw0uWP4Hy1bBThwEqUURZxED_4wHJKSJqMRB1Tj5hYVg_HDqbuc1aL-8eiyN8tFkezKPdjy7PpFp8fKF30hob6qR9QXdGIleqNOkF_gv0eJ0fT3dDGtDnSHvQO-xzm8tyZbBrZOjAHvtyAtr_XXkf5xYrb_--PGpEYNWQYvWmWBL4iT8AeXOc31L4tj7r3aCULu1l93sMVJHpW-7N5Ajoa2oJ09b4LpvmhDq3jrTAn8GfHJIWjTj7-OnTCGEIQYOF78MDDiMqxkS4DDr06cpcEgLv8ch81v1QQ4cvDh97MXzqk2PLIHD_0jTl1bAYVTmy8t_AQAA__8UYFaoDwUAAA==; ClickDataNgFall=H4sIAAAAAAAA_2xU72_bNhD9V4T71AKKLOqXLQ5Cl3lDOyReDLjphmJAQYtnm4hECkdKiZvmfx8oqU4-7Nvdu6P47vienmFAsspo4MCiOIohBHfuEHgcgu33n3_GtdEDkkMJ_CAaiyHUjaof_pTAoeifRLLsyqesayEEKRwCZ0WSlXkaJ0kItWg7oY7ad7M4ydMQlF1vr4E76jEEMk44ZcZ6kq1CoL5Bn8QhEEpFWLsNupORwPMQrOmpHusshEZoqfRx7p6ze2qAA4RgDgeksbMoyxD2JHR9mnvH2tR5cq7ji8XRRPVZS9FItB1SVJt24WxepPmVbe2VeXxs2it21dsPtt8rWb0d_N8-jpPCKVk9OyVf5vREffXlJsnjAvwOrZtnGlD302I7cTa9h6NkprTuiVDXZ-Bwv_sdQuhJzRytJym-K9eiVGLkNz7DB0eDktW42-lmVLJaMlam6XJGRspsZjNBA6tanMOk6r6xZVGu5jyt0iKe46xic5RXSXk5XVTLLM7LOEnT5Qwtq2PzeBLkjP712ArVeI5zbVV9FHSGEFR3LSWhtV50ZRqVEWNJlKTF21oxPWBvka6PqB1w2JjvqmnEIo_i4J3anozGX4L19j6Y4uBuF7D0Wx406gGDjag98M_74LrrGvwb9zfKLYo4j1jE8uDdzafPm9tw6v2I9YN5H6xJ3e0WqzSKo4zFabRaBRuzVw0uWP4Hy1bBThwEqUURZxED_4wHJKSJqMRB1Tj5hYVg_HDqbuc1aL-8eiyN8tFkezKPdjy7PpFp8fKF30hob6qR9QXdGIleqNOkF_gv0eJ0fT3dDGtDnSHvQO-xzm8tyZbBrZOjAHvtyAtr_XXkf5xYrb_--PGpEYNWQYvWmWBL4iT8AeXOc31L4tj7r3aCULu1l93sMVJHpW-7N5Ajoa2oJ09b4LpvmhDq3jrTAn8GfHJIWjTj7-OnTCGEIQYOF78MDDiMqxkS4DDr06cpcEgLv8ch81v1QQ4cvDh97MXzqk2PLIHD_0jTl1bAYVTmy8t_AQAA__8UYFaoDwUAAA== Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers server nginx date Tue, 29 Jun 2021 07:50:22 GMT content-type text/html; charset=utf-8 content-length 777 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 expires Thu, 01 Jan 1970 00:00:00 UTC pragma no-cache
GET H/1.1	200 OK	Primary Request 1682 Show response wintoday2021.com/ Redirect Chain http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us?subid=6uxa27p9x4pm&tid={tid}&thru=VK2506 http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us-rev http://kq6.dedicationlinks.com/?kw=ts5635-sms-owwlm-1-us-rev&s1=ts5635-sms-owwlm-1-us-rev&s2=1624953023.85-190697147-0-&s3=&fallback=18 https://icus3.dedicationlinks.com/ https://icus3.zqbdrjam3t.com/o/HZJFAMRO/aa7fc154-d8ae-11eb-827a-9d715a4f6134 http://offers-haka.com/click?hash=28529&pid=2420&aid=89056&keyword=ab4d8f1c-d8ae-11eb-94ba-d3a83fea0da1 http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529	8 KB 3 KB	334ms 294ms	Document text/html	66.228.63.84 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Protocol HTTP/1.1 Server 66.228.63.84 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS nb-66-228-63-84.atlanta.nodebalancer.linode.com Software / Express Resource Hash `7685b4143cd4571fecdfe56a650f5dabd029d1b64d2df9399aac8a4d8913f7f9` Request headers Host wintoday2021.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Referer https://gazitmedia.com/double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW93d2xtLTEtdXM_c3ViaWQ9NnV4YTI3cDl4NHBtXHUwMDI2dGlkPXt0aWR9XHUwMDI2dGhydT1WSzI1MDYiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjI1OTZ9 Response headers x-powered-by Express content-type text/html; charset=utf-8 etag W/"20ba-ygkoI7gpWCeSEbPclj7Pb9zqV9I" vary Accept-Encoding content-encoding gzip date Tue, 29 Jun 2021 07:50:28 GMT transfer-encoding chunked connection close Redirect headers x-powered-by Express location http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 date Tue, 29 Jun 2021 07:50:27 GMT transfer-encoding chunked connection close
GET H2	200	iphone11.png 1673333600.rsc.cdn77.org/images/	18 KB 18 KB	47ms 10ms	Image image/png	2a02:6ea0:c700::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1673333600.rsc.cdn77.org/images/iphone11.png Requested by Host: wintoday2021.com URL: http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `193039069db3d2a46e189023de371cc848ec2cdcfc8166ce5ccf3c1b911955a0` Request headers Referer http://wintoday2021.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers x-77-nzt AcO1ryzsvF3vtIQLAA== x-accel-expires @1625234960 date Tue, 29 Jun 2021 07:50:28 GMT etag "5ee73050-4819" last-modified Mon, 15 Jun 2020 08:24:48 GMT server CDN77-Turbo x-77-nzt-ray +7o99PUXzeU= x-77-cache HIT content-type image/png access-control-allow-origin * x-cache HIT x-age 754868 accept-ranges bytes x-77-pop frankfurtDE content-length 18457
GET H2	200	band.png 1673333600.rsc.cdn77.org/images/	17 KB 17 KB	48ms 11ms	Image image/png	2a02:6ea0:c700::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1673333600.rsc.cdn77.org/images/band.png Requested by Host: wintoday2021.com URL: http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `f3bebd9375f356332b5c6bd0f3cfcb67597de118b2c24a506985f2936da4d6ea` Request headers Referer http://wintoday2021.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers x-77-nzt AcO1ryyT4TLvs4QLAA== x-accel-expires @1625234961 date Tue, 29 Jun 2021 07:50:28 GMT etag "5ee72ff8-4465" last-modified Mon, 15 Jun 2020 08:23:20 GMT server CDN77-Turbo x-77-nzt-ray RsX3cLzeiqI= x-77-cache HIT content-type image/png access-control-allow-origin * x-cache HIT x-age 754867 accept-ranges bytes x-77-pop frankfurtDE content-length 17509
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	40ms 8ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: wintoday2021.com URL: http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Origin http://wintoday2021.com Referer http://wintoday2021.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers date Tue, 29 Jun 2021 07:50:28 GMT content-encoding gzip last-modified Wed, 01 May 2019 21:14:27 GMT server nginx etag W/"5cca0c33-15851" vary Accept-Encoding x-hw 1624953028.dop230.fr8.t,1624953028.cds221.fr8.hc,1624953028.cds236.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30638
GET H2	200	iphone11.png 1673333600.rsc.cdn77.org/images/	18 KB 18 KB	8ms 8ms	Image image/png	2a02:6ea0:c700::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://1673333600.rsc.cdn77.org/images/iphone11.png Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `193039069db3d2a46e189023de371cc848ec2cdcfc8166ce5ccf3c1b911955a0` Request headers Referer http://wintoday2021.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1 Response headers x-77-nzt AcO1rywrLazvtIQLAA== x-accel-expires @1625234960 date Tue, 29 Jun 2021 07:50:28 GMT etag "5ee73050-4819" last-modified Mon, 15 Jun 2020 08:24:48 GMT server CDN77-Turbo x-77-nzt-ray w+p+x+HvRTY= x-77-cache HIT content-type image/png access-control-allow-origin * x-cache HIT x-age 754868 accept-ranges bytes x-77-pop frankfurtDE content-length 18457

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1673333600.rsc.cdn77.org
code.jquery.com
gazitmedia.com
go.cyndaldesper.com
hfamk96ola.me
icus3.dedicationlinks.com
icus3.zqbdrjam3t.com
kq6.dedicationlinks.com
offers-haka.com
wintoday2021.com
167.114.197.131
172.245.240.87
2001:4de0:ac18::1:a:1b
216.189.51.65
2a02:6ea0:c700::1
3.126.48.135
45.79.244.11
66.228.63.84
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
193039069db3d2a46e189023de371cc848ec2cdcfc8166ce5ccf3c1b911955a0
7685b4143cd4571fecdfe56a650f5dabd029d1b64d2df9399aac8a4d8913f7f9
7c7bde257307c9dc772b1f2b3f1dfbdfc098d15e9ce078e1584ea109fdb8e4b5
d792ebb041e827d0fcc2381af0b4d9cef4b7ca887fdcdb093abffefb2f8aba60
f3bebd9375f356332b5c6bd0f3cfcb67597de118b2c24a506985f2936da4d6ea

wintoday2021.com Open in urlscan Pro 66.228.63.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

25 %IPv6

9 Domains

10 Subdomains

4 IPs

4 Countries

92 kBTransfer

149 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

Indicators

wintoday2021.com Open in urlscan Pro
66.228.63.84 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

25 %
IPv6

9
Domains

10
Subdomains

4
IPs

4
Countries

92 kB
Transfer

149 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions