urlscan.io logo urlscan.io
SecurityTrails logo

winonlynow.com Open in urlscan Pro
2606:4700:3030::6818:64a4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://areftthcrsipss.com/r.php?v=dD1jJmQ9ODQwNCZsPTc5NCZjPTI3NTEyMQ==
Effective URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_co...
Submission: On September 27 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 6 countries across 12 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3030::6818:64a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is winonlynow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 23rd 2020. Valid for: a year.
This is the only time winonlynow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 139.99.236.243 16276 (OVH)
1 1 35.204.93.160 15169 (GOOGLE)
1 1 2001:41d0:701... 16276 (OVH)
1 1 51.75.67.102 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 198.20.124.172 32475 (SINGLEHOP...)
30 6
1    139.99.236.243 (Sydney, Australia)

ASN16276 (OVH, FR)
PTR: 243.ip-139-99-236.net
areftthcrsipss.com
1    35.204.93.160 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 160.93.204.35.bc.googleusercontent.com
aptrk13.com
1    2001:41d0:701:1100::1f26 (France)

ASN16276 (OVH, FR)
ahab-mtb.be
1    51.75.67.102 (Germany)

ASN16276 (OVH, FR)
PTR: click4.geni.link
downhill-mtb.eu
1    2606:4700:3033::681b:b629 (United States)

ASN13335 (CLOUDFLARENET, US)
partner.2019advrt.com
1    2606:4700:3036::ac43:c1aa (United States)

ASN13335 (CLOUDFLARENET, US)
best.boosterads.online
23    2606:4700:3030::6818:64a4 (United States)

ASN13335 (CLOUDFLARENET, US)
winonlynow.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2606:4700:3033::681b:9a32 (United States)

ASN13335 (CLOUDFLARENET, US)
ssbk.best-gateway.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    198.20.124.172 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
PTR: db1.plugon.me
analytics.plugon.me
Domain Requested by
23 winonlynow.com winonlynow.com
2 analytics.plugon.me winonlynow.com
2 maxcdn.bootstrapcdn.com winonlynow.com
1 cdn.jsdelivr.net winonlynow.com
1 ssbk.best-gateway.com winonlynow.com
1 fonts.googleapis.com winonlynow.com
1 best.boosterads.online 1 redirects
1 partner.2019advrt.com 1 redirects
1 downhill-mtb.eu 1 redirects
1 ahab-mtb.be 1 redirects
1 aptrk13.com 1 redirects
1 areftthcrsipss.com 1 redirects
30 12

This site contains links to these domains. Also see Links.

Domain
en-gb.wordpress.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-23 -
2021-08-23		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-21 -
2021-04-17		 7 months crt.sh
*.plugon.me
Let's Encrypt Authority X3		 2020-07-01 -
2020-09-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Frame ID: 3BD5D409B696ADA6252BBAF10F2DB020
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://areftthcrsipss.com/r.php?v=dD1jJmQ9ODQwNCZsPTc5NCZjPTI3NTEyMQ== HTTP 302
    https://aptrk13.com/?a=2071&oc=12227&c=35132&m=3&s1=1&s2=8404&s3=12318&s4=794&s5=275121 HTTP 302
    https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=2071&subid2=170201242 HTTP 302
    https://downhill-mtb.eu/aff_c?offer_id=10338&aff_id=4377&aff_sub=1795&aff_sub2=GOVH3-1654527&aff_sub3=1 HTTP 302
    https://partner.2019advrt.com/click?pid=30&offer_id=241&ref_id=GOVH3-1654527&sub2=1795 HTTP 302
    https://best.boosterads.online/ccp/fevas20/?trkfl=AAS45&cmpId=553&clickid=5f70812e13baf2000104ed12&pubid=30... HTTP 302
    https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /piwik\.js|piwik\.php/i
Overall confidence: 100%
Detected patterns
  • script /wp-content\/plugins\/weglot/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

6
IPs

6
Countries

276 kB
Transfer

1229 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://areftthcrsipss.com/r.php?v=dD1jJmQ9ODQwNCZsPTc5NCZjPTI3NTEyMQ== HTTP 302
    https://aptrk13.com/?a=2071&oc=12227&c=35132&m=3&s1=1&s2=8404&s3=12318&s4=794&s5=275121 HTTP 302
    https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=2071&subid2=170201242 HTTP 302
    https://downhill-mtb.eu/aff_c?offer_id=10338&aff_id=4377&aff_sub=1795&aff_sub2=GOVH3-1654527&aff_sub3=1 HTTP 302
    https://partner.2019advrt.com/click?pid=30&offer_id=241&ref_id=GOVH3-1654527&sub2=1795 HTTP 302
    https://best.boosterads.online/ccp/fevas20/?trkfl=AAS45&cmpId=553&clickid=5f70812e13baf2000104ed12&pubid=30-1795 HTTP 302
    https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winonlynow.com/de/cst_reg_it_old/
Redirect Chain
  • http://areftthcrsipss.com/r.php?v=dD1jJmQ9ODQwNCZsPTc5NCZjPTI3NTEyMQ==
  • https://aptrk13.com/?a=2071&oc=12227&c=35132&m=3&s1=1&s2=8404&s3=12318&s4=794&s5=275121
  • https://ahab-mtb.be/qM8t5n6c1PefZ?subid1=2071&subid2=170201242
  • https://downhill-mtb.eu/aff_c?offer_id=10338&aff_id=4377&aff_sub=1795&aff_sub2=GOVH3-1654527&aff_sub3=1
  • https://partner.2019advrt.com/click?pid=30&offer_id=241&ref_id=GOVH3-1654527&sub2=1795
  • https://best.boosterads.online/ccp/fevas20/?trkfl=AAS45&cmpId=553&clickid=5f70812e13baf2000104ed12&pubid=30-1795
  • https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
118 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.3
Resource Hash
9e9c47e011beeb51fe17a377259f7a999e1bca675459bf6babdae605131fdfd3

Request headers

:method
GET
:authority
winonlynow.com
:scheme
https
:path
/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 27 Sep 2020 12:10:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dae81805e7f693cee8be4801b54d911c61601208622; expires=Tue, 27-Oct-20 12:10:22 GMT; path=/; domain=.winonlynow.com; HttpOnly; SameSite=Lax; Secure extSId=8212225; expires=Sun, 27-Sep-2020 14:10:23 GMT; Max-Age=7200; path=/
x-powered-by
PHP/7.3.3
link
<https://winonlynow.com/wp-json/>; rel="https://api.w.org/" <https://winonlynow.com/?p=6434>; rel=shortlink
cf-cache-status
DYNAMIC
cf-request-id
057111b694000097c06a817200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d951f0429e497c0-FRA
content-encoding
br

Redirect headers

status
302
date
Sun, 27 Sep 2020 12:10:22 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=d43fb2e3d9a3ea71454f42abcc5daa4501601208622; expires=Tue, 27-Oct-20 12:10:22 GMT; path=/; domain=.boosterads.online; HttpOnly; SameSite=Lax; Secure JSESSIONID=33BFF4BBE39DCE7E83CDD067AC91C127; Path=/ccp/fevas20/; HttpOnly
location
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
cf-request-id
057111b6060000324018abe200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d951f033e603240-FRA
register-small.css
winonlynow.com/wp-content/plugins/user-api/includes/vc-elements/css/ 		222 B
231 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/user-api/includes/vc-elements/css/register-small.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0fae4058283ce6b10f20e52c7e3ff1510c2f2179f659412f167367690c4c16

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Mar 2019 13:43:53 GMT
server
cloudflare
age
3299759
etag
W/"5c9e2119-de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dd597c0-FRA
cf-request-id
057111b95f000097c06a882200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
winonlynow.com/wp-includes/css/dist/block-library/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/css/dist/block-library/style.min.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2019 12:26:01 GMT
server
cloudflare
age
1219480
etag
W/"5cbf0459-629a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dd797c0-FRA
cf-request-id
057111b95f000097c06a883200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme.min.css
winonlynow.com/wp-includes/css/dist/block-library/ 		1 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/css/dist/block-library/theme.min.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847f1e29e2676e8dfcbfede5d4ffce35178e79a60f66186cc95e85c25b14cb11

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2019 12:26:01 GMT
server
cloudflare
age
192578
etag
W/"5cbf0459-407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dd897c0-FRA
cf-request-id
057111b95f000097c06a884200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
front-css.css
winonlynow.com/wp-content/plugins/weglot/dist/css/ 		50 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/weglot/dist/css/front-css.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdef580c2e91b6591f80539713f1a076be6418ab9e2e50ffedb12b5d4f3a4f1a

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 08:35:01 GMT
server
cloudflare
age
3299759
etag
W/"5e69f435-c91a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dd997c0-FRA
cf-request-id
057111b95f000097c06a885200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		7 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf76b304b5739a60283aea879baf821f9a38ee4329590dbc4678f2174d27250f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Sep 2020 10:47:43 GMT
server
ESF
date
Sun, 27 Sep 2020 12:10:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Sep 2020 12:10:23 GMT
style.css
winonlynow.com/wp-content/themes/twentyseventeen/ 		82 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/themes/twentyseventeen/style.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee2670ee7ad106dfcc2f493f440df91863eab70732b660434e24696c259fc70

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jan 2020 10:13:22 GMT
server
cloudflare
age
3299759
etag
W/"5e1459c2-14624"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dda97c0-FRA
cf-request-id
057111b95f000097c06a886200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
blocks.css
winonlynow.com/wp-content/themes/twentyseventeen/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/themes/twentyseventeen/assets/css/blocks.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97201fbb633fdbc1a8bbf2dfd7f1f0ac5fa8ada2c481b3fcb8e6bab9754d6fdb

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jan 2020 10:13:22 GMT
server
cloudflare
age
1566760
etag
W/"5e1459c2-27df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089ddb97c0-FRA
cf-request-id
057111b95f000097c06a887200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_composer.min.css
winonlynow.com/wp-content/plugins/js_composer/assets/css/ 		473 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Feb 2019 16:41:48 GMT
server
cloudflare
age
3299759
etag
W/"5c61a5cc-76596"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089ddd97c0-FRA
cf-request-id
057111b95f000097c06a888200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
Defaults.css
winonlynow.com/wp-content/uploads/smile_fonts/Defaults/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Feb 2019 16:41:47 GMT
server
cloudflare
age
3299759
etag
W/"5c61a5cb-6bf7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d951f089dde97c0-FRA
cf-request-id
057111b95f000097c06a889200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css?ver=5.1.6
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
status
200
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19736
jquery.js
winonlynow.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/js/jquery/jquery.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2019 01:50:07 GMT
server
cloudflare
age
3299759
etag
W/"5d7069cf-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f089de097c0-FRA
cf-request-id
057111b95f000097c06a88a200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
winonlynow.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/js/jquery/jquery-migrate.min.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Feb 2019 16:42:08 GMT
server
cloudflare
age
3299759
etag
W/"5c61a5e0-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f089de297c0-FRA
cf-request-id
057111b95f000097c06a88b200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
front-js.js
winonlynow.com/wp-content/plugins/weglot/dist/ 		2 KB
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/weglot/dist/front-js.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2005c499ac54953aa518b98f0bb11f6faa5ce155dce47f921da536d19501d85

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 08:35:01 GMT
server
cloudflare
age
876042
etag
W/"5e69f435-61c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f089de397c0-FRA
cf-request-id
057111b95f000097c06a88c200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
winonlynow.com/wp-includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.6
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2019 12:26:01 GMT
server
cloudflare
age
192578
etag
W/"5cbf0459-2f02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a6f2597c0-FRA
cf-request-id
057111ba80000097c06a898200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
3.png
winonlynow.com/wp-content/uploads/2019/07/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winonlynow.com/wp-content/uploads/2019/07/3.png?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da8006ca1c0cfcd97d6bf92ce23342b273c808a61ea924da4018e6e2c3239b2

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
cf-cache-status
HIT
age
1566760
status
200
content-length
1126
cf-request-id
057111ba80000097c06a899200000001
last-modified
Mon, 22 Jul 2019 09:57:16 GMT
server
cloudflare
etag
"5d35887c-466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d951f0a6f2697c0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
4.png
winonlynow.com/wp-content/uploads/2019/07/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winonlynow.com/wp-content/uploads/2019/07/4.png?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1816728eaa63cc1ecf466dec5ff4e5ac1822fe40480cf086f55ef643d19c8513

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
cf-cache-status
HIT
age
3299759
status
200
content-length
1963
cf-request-id
057111ba80000097c06a89a200000001
last-modified
Mon, 22 Jul 2019 09:57:18 GMT
server
cloudflare
etag
"5d35887e-7ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d951f0a6f2897c0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
7.png
winonlynow.com/wp-content/uploads/2019/07/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winonlynow.com/wp-content/uploads/2019/07/7.png?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb69e2661fdb4b8cb5aa919aa219fad581426c0d404ddbe894906d5142e1598

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
cf-cache-status
HIT
age
3299759
status
200
content-length
1943
cf-request-id
057111ba80000097c06a89b200000001
last-modified
Mon, 22 Jul 2019 09:57:20 GMT
server
cloudflare
etag
"5d358880-797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d951f0a6f2997c0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
winonlynow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 25 Sep 2020 21:34:15 GMT
server
cloudflare
etag
W/"5f6e6257-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5d951f08ee1e97c0-FRA
cf-request-id
057111b993000097c06a88d200000001
expires
Tue, 29 Sep 2020 12:10:23 GMT
geodata.js.php
ssbk.best-gateway.com/geodata/elastic/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssbk.best-gateway.com/geodata/elastic/geodata.js.php?token=088b9e02-5f10-7e0e-40c9-05910dc31daa
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:9a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a5d094867c94b65eca56c193e0ea2516487bc593fa8ad540d4a2ddf5ad1b30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset: UTF-8
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubDomains; preload;
cf-ray
5d951f090d9f2c01-FRA
cf-request-id
057111b9a500002c01ca330200000001
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js?ver=1.1
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
status
200
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10035
jquery.validate.min.js
cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/jquery.validate.min.js?ver=1
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2708835
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
7815
etag
W/"5f30-OBXPEeECCscMyGeJuira8H09tDQ"
x-served-by
cache-fra19183-FRA, cache-hhn4047-HHN
date
Sun, 27 Sep 2020 12:10:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
register-small.js
winonlynow.com/wp-content/plugins/user-api/includes/vc-elements/scripts/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/user-api/includes/vc-elements/scripts/register-small.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b544b1e6e5d445c2b2e0c4a6a087cb94cdfe227a0d9eba6cb4e6f67aab09446

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Sep 2019 15:21:02 GMT
server
cloudflare
age
3299759
etag
W/"5d839cde-4172"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1097c0-FRA
cf-request-id
057111ba6d000097c06a891200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
skip-link-focus-fix.js
winonlynow.com/wp-content/themes/twentyseventeen/assets/js/ 		683 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jan 2020 10:13:22 GMT
server
cloudflare
age
3299759
etag
W/"5e1459c2-2ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1197c0-FRA
cf-request-id
057111ba6d000097c06a892200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
global.js
winonlynow.com/wp-content/themes/twentyseventeen/assets/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/themes/twentyseventeen/assets/js/global.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jan 2020 10:13:22 GMT
server
cloudflare
age
3299759
etag
W/"5e1459c2-1e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1297c0-FRA
cf-request-id
057111ba6d000097c06a893200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.scrollTo.js
winonlynow.com/wp-content/themes/twentyseventeen/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Jan 2020 10:13:22 GMT
server
cloudflare
age
876070
etag
W/"5e1459c2-16cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1497c0-FRA
cf-request-id
057111ba6d000097c06a894200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
winonlynow.com/wp-includes/js/ 		1 KB
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-includes/js/wp-embed.min.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Feb 2019 16:42:08 GMT
server
cloudflare
age
3299759
etag
W/"5c61a5e0-57b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1597c0-FRA
cf-request-id
057111ba6d000097c06a895200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
js_composer_front.min.js
winonlynow.com/wp-content/plugins/js_composer/assets/js/dist/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winonlynow.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?x86584
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6818:64a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 12:10:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Feb 2019 16:41:51 GMT
server
cloudflare
age
3299759
etag
W/"5c61a5cf-4cfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=315360000
cf-ray
5d951f0a4f1697c0-FRA
cf-request-id
057111ba6d000097c06a896200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.js
analytics.plugon.me/ 		69 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.plugon.me/piwik.js
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.20.124.172 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
db1.plugon.me
Software
nginx/1.14.1 /
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 12:10:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 12 Sep 2020 08:05:55 GMT
Server
nginx/1.14.1
ETag
"5f5c8163-1131c"
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
Cache-Control
public, max-age=7200
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload;
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
70428
X-XSS-Protection
1; mode=block
piwik.php
analytics.plugon.me/ 		43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.plugon.me/piwik.php?action_name=Das%20ist%20deine%20Chance%20zu%20gewinnen.&idsite=28&rec=1&r=337487&h=14&m=10&s=23&url=https%3A%2F%2Fwinonlynow.com%2Fde%2Fcst_reg_it_old%2F%3FextSId%3D8212225%26utm_campaign%3DAFF_blank_at%26utm_medium%3DCPA%26utm_source%3DAFF%26utm_content%3Dblank_at%26pubid%3D30-1795%26clickid%3D5f70812e13baf2000104ed12%26pubid%3D30-1795&_id=cbca458a62610091&_idts=1601208624&_idvc=1&_idn=1&_rcn=AFF_blank_at&_refts=1601208624&_viewts=1601208624&send_image=1&cookie=1&res=1600x1200&gt_ms=709&pv_id=hrnnDi
Requested by
Host: winonlynow.com
URL: https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
198.20.124.172 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
db1.plugon.me
Software
nginx/1.14.1 / PHP/7.3.4
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;, max-age=7200; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winonlynow.com/de/cst_reg_it_old/?extSId=8212225&utm_campaign=AFF_blank_at&utm_medium=CPA&utm_source=AFF&utm_content=blank_at&pubid=30-1795&clickid=5f70812e13baf2000104ed12&pubid=30-1795
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Sep 2020 12:10:24 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload;, max-age=7200; includeSubDomains; preload;
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.3.4
Transfer-Encoding
chunked
Connection
close
X-XSS-Protection
1; mode=block
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings function| $ function| jQuery object| _paq string| visitor_id function| bin2hex function| setcolor object| GeoData object| jQuery112402813880436014795 object| registerForm object| twentyseventeenScreenReaderText object| wp function| vc_js string| screen_size function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| vc_googleMapsPointer function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content object| twemoji object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

5 Cookies

Domain/Path Name / Value
winonlynow.com/ Name: _pk_id.28.04c2
Value: cbca458a62610091.1601208624.1.1601208624.1601208624.
winonlynow.com/ Name: _pk_ses.28.04c2
Value: 1
winonlynow.com/ Name: _pk_ref.28.04c2
Value: %5B%22AFF_blank_at%22%2C%22%22%2C1601208624%2C%22%22%5D
winonlynow.com/ Name: extSId
Value: 8212225
.winonlynow.com/ Name: __cfduid
Value: dae81805e7f693cee8be4801b54d911c61601208622

2 Console Messages

Source Level URL
Text
console-api log URL: https://winonlynow.com/wp-includes/js/jquery/jquery-migrate.min.js?x86584(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://winonlynow.com/wp-content/plugins/user-api/includes/vc-elements/scripts/register-small.js?x86584(Line 307)
Message:
Form validated

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahab-mtb.be
analytics.plugon.me
aptrk13.com
areftthcrsipss.com
best.boosterads.online
cdn.jsdelivr.net
downhill-mtb.eu
fonts.googleapis.com
maxcdn.bootstrapcdn.com
partner.2019advrt.com
ssbk.best-gateway.com
winonlynow.com
139.99.236.243
198.20.124.172
2001:41d0:701:1100::1f26
2001:4de0:ac19::1:b:2a
2606:4700:3030::6818:64a4
2606:4700:3033::681b:9a32
2606:4700:3033::681b:b629
2606:4700:3036::ac43:c1aa
2a00:1450:4001:818::200a
2a04:4e42:1b::621
35.204.93.160
51.75.67.102
04a5d094867c94b65eca56c193e0ea2516487bc593fa8ad540d4a2ddf5ad1b30
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0a0fae4058283ce6b10f20e52c7e3ff1510c2f2179f659412f167367690c4c16
0ee2670ee7ad106dfcc2f493f440df91863eab70732b660434e24696c259fc70
1816728eaa63cc1ecf466dec5ff4e5ac1822fe40480cf086f55ef643d19c8513
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6bb69e2661fdb4b8cb5aa919aa219fad581426c0d404ddbe894906d5142e1598
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
847f1e29e2676e8dfcbfede5d4ffce35178e79a60f66186cc95e85c25b14cb11
8b544b1e6e5d445c2b2e0c4a6a087cb94cdfe227a0d9eba6cb4e6f67aab09446
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
97201fbb633fdbc1a8bbf2dfd7f1f0ac5fa8ada2c481b3fcb8e6bab9754d6fdb
9da8006ca1c0cfcd97d6bf92ce23342b273c808a61ea924da4018e6e2c3239b2
9e9c47e011beeb51fe17a377259f7a999e1bca675459bf6babdae605131fdfd3
a2005c499ac54953aa518b98f0bb11f6faa5ce155dce47f921da536d19501d85
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c6d9599b5f75bd2619299f87d5b979f14955c35d2dd34050ff13ab0609297d7c
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cdef580c2e91b6591f80539713f1a076be6418ab9e2e50ffedb12b5d4f3a4f1a
cf76b304b5739a60283aea879baf821f9a38ee4329590dbc4678f2174d27250f
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89