![](/screenshots/986601e3-8341-4289-af02-430c3d15871e.png)
wintoday2021.com
66.228.63.84
Public Scan
Effective URL: http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529
Submission: On June 29 via api from US
Summary
This is the only time wintoday2021.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System (AS) |
---|---|---|
1 1 | 167.114.197.131 | 16276 (OVH) |
2 | 3.126.48.135 | 16509 (AMAZON-02) |
2 2 | 216.189.51.65 | 6921 (ARACHNITEC) |
3 3 | 172.245.240.87 | 36352 (AS-COLOCROSSING) |
1 1 | 45.79.244.11 | 63949 (LINODE-AP Linode) |
1 | 66.228.63.84 | 63949 (LINODE-AP Linode) |
3 | 2a02:6ea0:c700::1 | 60068 (CDN77 ^_^) |
1 | 2001:4de0:ac18::1:a:1b | 20446 (HIGHWINDS3) |
7 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-48-135.eu-central-1.compute.amazonaws.com
gazitmedia.com |
ASN36352 (AS-COLOCROSSING, US)
PTR: 172-245-240-87-host.colocrossing.com
kq6.dedicationlinks.com | |
icus3.dedicationlinks.com | |
icus3.zqbdrjam3t.com |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-45-79-244-11.atlanta.nodebalancer.linode.com
offers-haka.com |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-66-228-63-84.atlanta.nodebalancer.linode.com
wintoday2021.com |
 | Apex Domain | Subdomains | Redirects | Transfer |
---|---|---|---|---|
3 | cdn77.org | 1673333600.rsc.cdn77.org | | 54 KB |
2 | dedicationlinks.com | kq6.dedicationlinks.com, icus3.dedicationlinks.com | 2 redirects | 2 KB |
2 | cyndaldesper.com | go.cyndaldesper.com | 2 redirects | 467 B |
2 | gazitmedia.com | gazitmedia.com | | 4 KB |
1 | jquery.com | code.jquery.com | | 30 KB |
1 | wintoday2021.com | wintoday2021.com | | 3 KB |
1 | offers-haka.com | offers-haka.com | 1 redirects | 217 B |
1 | zqbdrjam3t.com | icus3.zqbdrjam3t.com | 1 redirects | 1 KB |
1 | hfamk96ola.me | hfamk96ola.me | 1 redirects | 369 B |
7 | 9 |
 | Domain | Requested by |
---|---|---|
3 | 1673333600.rsc.cdn77.org | wintoday2021.com, code.jquery.com |
2 | go.cyndaldesper.com | 2 redirects |
2 | gazitmedia.com | |
1 | code.jquery.com | wintoday2021.com |
1 | wintoday2021.com | |
1 | offers-haka.com | 1 redirects |
1 | icus3.zqbdrjam3t.com | 1 redirects |
1 | icus3.dedicationlinks.com | 1 redirects |
1 | kq6.dedicationlinks.com | 1 redirects |
1 | hfamk96ola.me | 1 redirects |
7 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
gazitmedia.com | R3 | 2021-05-26 - 2021-08-24 | 3 months | crt.sh |
www.cdn77.com | R3 | 2021-05-03 - 2021-08-01 | 3 months | crt.sh |
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529
Frame ID: F200398B0235798066B35A5FD3B13FED
Requests: 7 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://hfamk96ola.me/daepn HTTP 301
  https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary Page URL
- https://gazitmedia.com/double?t=2&d=eyJVUkwiOiJodHRwOi8vZ28uY3luZGFsZGVzcGVyLmNvbS90czU2MzUtc21zLW93d2xtLTEtdXM_c3ViaWQ9NnV4YTI3cDl4NHBtXHUwMDI2dGlkPXt0aWR9XHUwMDI2dGhydT1WSzI1MDYiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjI1OTZ9 Page URL
- http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us?subid=6uxa27p9x4pm&tid={tid}&thru=VK2506 HTTP 302
  http://go.cyndaldesper.com/ts5635-sms-owwlm-1-us-rev HTTP 302
  http://kq6.dedicationlinks.com/?kw=ts5635-sms-owwlm-1-us-rev&s1=ts5635-sms-owwlm-1-us-rev&s2=1624953023.85-190697147-0-&s3=&fallback=18 HTTP 301
  https://icus3.dedicationlinks.com/ HTTP 302
  https://icus3.zqbdrjam3t.com/o/HZJFAMRO/aa7fc154-d8ae-11eb-827a-9d715a4f6134 HTTP 302
  http://offers-haka.com/click?hash=28529&pid=2420&aid=89056&keyword=ab4d8f1c-d8ae-11eb-94ba-d3a83fea0da1 HTTP 302
  http://wintoday2021.com/1682?id=6f62b501-5d2f-4e1b-b948-c991733975d1&h=28529 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://hfamk96ola.me/daepn HTTP 301
- https://gazitmedia.com/click?trvid=10253&eid=71193373&subid1=VK2506&v1=me&v2=p_17698&v3=360&v4=1&v5=2906&v6=7405902337&v7=glwharton@gmail.com&v8=Gary
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | click | gazitmedia.com/ | 1 KB | 3 KB | Document | text/html | Redirect Chain |
GET | H2 | double | gazitmedia.com/ | 777 B | 957 B | Document | text/html | |
GET | H/1.1 | 1682 | wintoday2021.com/ | 8 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | iphone11.png | 1673333600.rsc.cdn77.org/images/ | 18 KB | 18 KB | Image | image/png | |
GET | H2 | band.png | 1673333600.rsc.cdn77.org/images/ | 17 KB | 17 KB | Image | image/png | |
GET | H2 | jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script | application/javascript | |
GET | H2 | iphone11.png | 1673333600.rsc.cdn77.org/images/ | 18 KB | 18 KB | Image | image/png | |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- function| ajax_call
- function| hitthelist
- string| pm_pid
- function| generateUkid
- function| sendmessage
- function| redirecting
- function| becreative
- function| renderPrize
- string| winmsg0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.