urlscan.io logo urlscan.io
SecurityTrails logo

www.winner.co.il Open in urlscan Pro
108.138.36.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.winner.co.il/
Effective URL: https://www.winner.co.il/
Submission: On May 15 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 58 HTTP transactions. The main IP is 108.138.36.65, located in United States and belongs to AMAZON-02, US. The main domain is www.winner.co.il.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on February 11th 2024. Valid for: a year.
This is the only time www.winner.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 108.138.36.65 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.186.74 15169 (GOOGLE)
4 35.190.88.7 15169 (GOOGLE)
3 142.250.181.227 15169 (GOOGLE)
6 18.66.192.105 16509 (AMAZON-02)
1 185.172.148.132 44239 (PROINITY ...)
13 54.230.228.66 16509 (AMAZON-02)
1 20.50.2.6 8075 (MICROSOFT...)
1 13.107.213.64 8075 (MICROSOFT...)
1 172.217.18.14 ()
1 172.217.16.200 ()
58 13
17    108.138.36.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-65.muc50.r.cloudfront.net
www.winner.co.il
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
4    35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com
3    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
6    18.66.192.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-105.muc50.r.cloudfront.net
api.winner.co.il
1    185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, CH)
cdn.glassix.net
13    54.230.228.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-66.muc50.r.cloudfront.net
content.winner.co.il
1    20.50.2.6 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
serverless.glassix.com
1    13.107.213.64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static.glassix.com
1    172.217.18.14 (None, )

ASN- ()
www.google-analytics.com
1    172.217.16.200 (None, )

ASN- ()
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
36 winner.co.il
www.winner.co.il
api.winner.co.il
content.winner.co.il
5 MB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 797
175 B
3 gstatic.com
fonts.gstatic.com
56 KB
2 glassix.com
serverless.glassix.com — Cisco Umbrella Rank: 323478
static.glassix.com — Cisco Umbrella Rank: 364116
6 KB
1 googletagmanager.com
www.googletagmanager.com
79 KB
1 google-analytics.com
www.google-analytics.com
21 KB
1 glassix.net
cdn.glassix.net
164 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
2 KB
0 cloudfront.net Failed
d2xerlamkztbb1.cloudfront.net Failed
0 moonsite.co.il Failed
vpn-cdn.moonsite.co.il Failed
58 11
Domain Requested by
17 www.winner.co.il www.winner.co.il
13 content.winner.co.il
6 api.winner.co.il www.winner.co.il
4 sessions.bugsnag.com www.winner.co.il
3 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.winner.co.il
1 www.google-analytics.com www.winner.co.il
www.google-analytics.com
1 static.glassix.com cdn.glassix.net
1 serverless.glassix.com cdn.glassix.net
1 cdn.glassix.net www.winner.co.il
1 fonts.googleapis.com www.winner.co.il
1 cdnjs.cloudflare.com www.winner.co.il
0 d2xerlamkztbb1.cloudfront.net Failed www.winner.co.il
0 vpn-cdn.moonsite.co.il Failed
58 14

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
instagram.com
www.facebook.com
Subject Issuer Validity Valid
*.winner.co.il
GeoTrust TLS RSA CA G1		 2024-02-11 -
2025-03-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-20 -
2025-04-15		 a year crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cdn.glassix.net
R3		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.glassix.com
Go Daddy Secure Certificate Authority - G2		 2023-08-14 -
2024-09-14		 a year crt.sh
static.glassix.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-10-05		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.winner.co.il/
Frame ID: D925996D0434C75FF9E2F447D7964715
Requests: 77 HTTP requests in this frame

Frame: https://static.glassix.com/widget/conversations/f3bca5de-5ea2-4697-8bf7-008b04f72ad1?conversational-flow-id=b390c511-c073-4cc0-bc37-6b35e9f1b109&culture=he-IL&default-department-id=ccc29b67-01a7-4f23-ae13-a0692debdc38&h=&has-had-conversations=false&host-origin=https%3A%2F%2Fwww.winner.co.il&host-page-title=%D7%98%D7%95%D7%98%D7%95%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20-%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20%D7%A8%D7%90%D7%A9%D7%99&is-embedded=true&loaderBg=%23ED1C24&snippet-id=7JDhOgdFUX56k7RMfuYZ&unique-identifier=335e6987-22d9-41cb-a3ea-caa2db329b40&w=&was-unique-identifier-provided=false&handled-widget=1
Frame ID: AD1305A55A8F01DB45A788B9DA327973
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

טוטו ווינר - ווינר ראשי

Page URL History Show full URLs

  1. http://www.winner.co.il/ HTTP 307
    https://www.winner.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

58
Requests

86 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

5359 kB
Transfer

15262 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.winner.co.il/ HTTP 307
    https://www.winner.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.winner.co.il/
Redirect Chain
  • http://www.winner.co.il/
  • https://www.winner.co.il/
795 KB
593 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
13a5ab608d1261a2962a87528356034d6941815ce983aed1e777d480b716a509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 15 May 2024 23:08:38 GMT
etag
W/"1da7397bed56eaa"
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 11 Mar 2024 09:37:34 GMT
pragma
no-cache
server
ReplaceHeaderValue
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-id
hEiXYulpKXtg14hk3rBnbOExUR2AdfbgKFCbRWI6ZX6UhsuPhb0QJw==
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sourcefiles

Redirect headers

Location
https://www.winner.co.il/
Non-Authoritative-Reason
HttpsUpgrades
main.ce8e0e5f.js
www.winner.co.il/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/static/js/main.ce8e0e5f.js
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
Winner /
Resource Hash
31f2e94e90d9e720e9020baf5cbd828de76a3c1bb3c7f4c9c74e4ccb59ac67d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
10011
x-cache
Hit from cloudfront
last-modified
Mon, 11 Mar 2024 09:37:36 GMT
server
Winner
etag
W/"1da7397c044e0d0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
HptdyBQnlBJqObOrVd-5VZpalN5vr6ezla1Zq_cVWg0UXETpNYKe0A==
main.94a8393d.css
www.winner.co.il/static/css/ 		678 KB
162 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/static/css/main.94a8393d.css
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
Winner /
Resource Hash
ac89327a4e19129adf86e262397bcb34822a562d5f9d9a3e06f74ce6f166afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
10025
x-cache
Hit from cloudfront
last-modified
Mon, 11 Mar 2024 09:37:35 GMT
server
Winner
etag
"1da7397bf7b007f"
x-frame-options
SAMEORIGIN
content-type
text/css
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
g0l4WA9_LjxtmCqyEMUpxKkZJR_SGesUH-t_MrZqQQh1xyzfqMVRyw==
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59bfa226458cc78e85a6d2bad16705ac815fd9437d5f61f76d24bd21c8692c59

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cec3a579c0ed9c552d6516d0ce7140142de0f6d4362ebd1b334b844c5aa5472

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
smoothscroll.min.js
cdnjs.cloudflare.com/ajax/libs/iamdustan-smoothscroll/0.4.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iamdustan-smoothscroll/0.4.0/smoothscroll.min.js
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2329433568e2a7b14ad9325461c936dfba814c17928b09d21430a32c6ebce83e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
662010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1217
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=palXgbvP6Da6p7uH7a2wUMPByaVQqW1sRP5EuycidyEzQKbIGKLW9Wbk%2B6hitHiVp9A5jAHFmYOQGRcCs66BBuq4RVvlw0pQJYlI9HK5IfusBmsCQESpDJt3daprRCNgftZrCLuR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8846ca8f38f6e3df-TLV
expires
Mon, 05 May 2025 23:08:40 GMT
css2
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/css/main.94a8393d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
7b839e613b8bfcf7d47644cbf8099a51073192a51ebe98899ea34eb70c22b6c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 23:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 21:52:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 23:08:40 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.winner.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 15 May 2024 23:08:41 GMT
via
1.1 google
858.fa5fb7b5.chunk.css
www.winner.co.il/static/css/ 		1 MB
709 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/static/css/858.fa5fb7b5.chunk.css
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
Winner /
Resource Hash
c8adbbcd74f5e487ab719935ec5fb8ea5cabc3a7f9647d47c8bc08650ca9f136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
10024
x-cache
Hit from cloudfront
last-modified
Mon, 11 Mar 2024 09:37:35 GMT
server
Winner
etag
"1da7397bf63746c"
x-frame-options
SAMEORIGIN
content-type
text/css
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
465fJp0rUVOVf3V5_7VwgCrgnVaCYBOelQDXz9c2ewJEUSqDbI8mfQ==
858.52a503a6.chunk.js
www.winner.co.il/static/js/ 		216 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/static/js/858.52a503a6.chunk.js
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
Winner /
Resource Hash
63ef918d83289512e032707bfaa57d82b104f0907cc8915fad1f7ecbc74d4498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:21:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
10024
x-cache
Hit from cloudfront
content-length
216
last-modified
Mon, 11 Mar 2024 09:37:35 GMT
server
Winner
etag
"1da7397bf719958"
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
YNroVERoUp3gcoyB_MLtpGxcrfPkeeI3iI_6zSjNXBMRHzKl1xoYcQ==
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Bugsnag-Api-Key
cd08dd8de773c02f993b03d79d44a152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Bugsnag-Payload-Version
1
Referer
https://www.winner.co.il/
Bugsnag-Sent-At
2024-05-15T23:08:40.935Z
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 15 May 2024 23:08:41 GMT
via
1.1 google
bugsnag-session-uuid
ccda16b2-53b5-48b6-8f86-827499a2fd77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
truncated
/ 		547 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08f406488f99bdea6b66494496069819e80341082349fe5c672d967f556e305b

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
GetDynamicData
www.winner.co.il/api/v2/publicapi/ 		18 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/api/v2/publicapi/GetDynamicData
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
e503b382ed2d19b117c0cf4e0510c1120d7b1d0713ed536485624bc71332ec0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
undefined
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
54881fe18d84f3977286c7a673ec5845
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
requestid
54881fe18d84f3977286c7a673ec5845
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:41
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
TiwC2WpRtZgXzcsu5YoS3MEtqD5qoC_eTZUgsqehzH6gFL5jpTj1eQ==
fullrequestduration
0
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v26/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.winner.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 04:49:37 GMT
x-content-type-options
nosniff
age
411544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30240
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:13:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 04:49:37 GMT
NGS6v5_NC0k9P9H0TbFzsQ.woff2
fonts.gstatic.com/s/heebo/v26/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H0TbFzsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7fec3b95dc56bffc2cabdd0ef02cc24c0653e2bf790b444ead53467bc1b409de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.winner.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 11:02:34 GMT
x-content-type-options
nosniff
age
389167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11788
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:15:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 11:02:34 GMT
GetStaticData
www.winner.co.il/api/v2/publicapi/ 		1 MB
302 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/api/v2/publicapi/GetStaticData
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
239c3b89245f66a8930a82f7bd74ce7427e6617b28af01602bcff1866140b237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
8237e96c68d7b7035cafe05fbf4f4e3e
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
requestid
8237e96c68d7b7035cafe05fbf4f4e3e
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:41
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
wg2pfwvjQ8gGdUbI8HTO9zIg9G_sM8GxD67xDesab9wF-xrwMvYtxQ==
fullrequestduration
0
favicon.ico
www.winner.co.il/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
439f36ed53abdab65577eb575e596370520ebf9fc8a00a84fd9c7129e457c812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 09:37:34 GMT
server
ReplaceHeaderValue
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
etag
"1da7397bed9077e"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/x-icon
x-sourcefiles
accept-ranges
bytes
content-length
1150
x-amz-cf-id
BriD6Z2jIXg4XW9Q9U3cWqeek6uMvUAMwzUqpSOa37NBH9u4mi4kIQ==
favicon-32x32.png
www.winner.co.il/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
f660395944444eac65e4eee8af5789f191445e248bb9003ceb68fd7d3fce37b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 09:37:34 GMT
server
ReplaceHeaderValue
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
etag
"1da7397bed909f6"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
x-sourcefiles
accept-ranges
bytes
content-length
2806
x-amz-cf-id
zhB-TbQWT-xvBiBvdX8U7XZBXSg32G0AdyGoz6VMdt0S99eWeTy0yg==
GetCMobileHashes
api.winner.co.il/v2/publicapi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileHashes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,deviceid,hashesmessage,requestid,useragentdata,x-csrf-token
Access-Control-Request-Method
GET
Origin
https://www.winner.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,x-requested-with,x-signalr-user-agent,accountid,content-type,deviceid,hstoken,requestid,useragentdata,X-LVS-Referrer,X-LVS-ReferUrl,X-LVS-ReferCampaign,X-Csrf-Token,isloggingon,validation_token,mode,Hashes,nwhashes,hashesmessage,serverdatetime,token2fa,code2fa,param1,gpid
access-control-allow-methods
GET
access-control-allow-origin
https://www.winner.co.il
date
Wed, 15 May 2024 23:08:42 GMT
server
ReplaceHeaderValue
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-id
H4fYylfqvxt1iDno-ZCsKxSU1UdbDpZ1dzLb3poZj3GSgpl4kbM1mg==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sourcefiles
GetCMobileHashes
api.winner.co.il/v2/publicapi/ 		225 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileHashes
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
b3b5df59bede7d620f4118c6a57ae8ea93e329c0d46badceb178ea537e9cd856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
HashesMessage
{"reason":"Initiated"}
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
3279e47486782f73b2f57ac2e7ed2e0e
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
api-supported-versions
1, 2
x-amz-cf-pop
MUC50-P1
requestid
3279e47486782f73b2f57ac2e7ed2e0e
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
content-length
225
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:43
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.winner.co.il
access-control-expose-headers
mode,hashes,nwhashes,gpid,accountId,hstoken
access-control-allow-credentials
true
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
_0j5mHfsgLYQ_AQrSK-yvzfrYyrfgjU1qYjl2vZeeGuukARBYKW2qA==
fullrequestduration
0
GetNWData
www.winner.co.il/api/v2/publicapi/ 		1 MB
307 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/api/v2/publicapi/GetNWData
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
1ae1110105d61d57521cf38eb5075827af09545ddb9e9021d0a4929713d7e190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
7ec3c9ab2b7e4fb63a89e5489662f901
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
nwhashes
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
requestid
7ec3c9ab2b7e4fb63a89e5489662f901
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:43
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
FIQCoplPKTZyLrLLS6xDvOrNrNtnht0_u4-jksbQUMQjqy9Jnm6yQA==
fullrequestduration
30
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Bugsnag-Api-Key
cd08dd8de773c02f993b03d79d44a152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Bugsnag-Payload-Version
1
Referer
https://www.winner.co.il/
Bugsnag-Sent-At
2024-05-15T23:08:42.668Z
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 15 May 2024 23:08:42 GMT
via
1.1 google
bugsnag-session-uuid
28769355-1392-48b5-90d0-0938e38ef9ce
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
widget.1.2.min.js
cdn.glassix.net/clients/ 		387 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.glassix.net/clients/widget.1.2.min.js
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
1478858ed6645df5c7f1c22976f0feec1e85e83ef2f333f0fb18748efd74547a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-version
1.0.0.0
date
Wed, 15 May 2024 23:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-edge-location
defr
x-cache
CONFIG_NOCACHE, HIT
x-region
north-eu-1
x-date
Wed, 15 May 2024 20:25:05 GMT
x-xss-protection
1; mode=block
request-context
appId=cid-v1:5b1ec4aa-a483-41d4-b197-f435d5446684
last-modified
Wed, 15 May 2024 19:01:36 GMT
server
keycdn
etag
"0281a4ffaa6da1:0"
vary
Accept-Encoding
x-azure-ref
20240515T202505Z-1675f555588dtbkh2wtxk5hqws00000000g00000000136p9
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
max-age=604800
expires
Wed, 22 May 2024 23:08:43 GMT
header-bg.11631d60fbc87dfd7d96.webp
www.winner.co.il/static/media/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winner.co.il/static/media/header-bg.11631d60fbc87dfd7d96.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
767e9995020555e4966985ac4b19fa248836a465a0876827fcb445cc98f312e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:02:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
11167
x-cache
Hit from cloudfront
content-length
1478
last-modified
Mon, 11 Mar 2024 09:37:39 GMT
server
ReplaceHeaderValue
etag
"1da7397c1d3f646"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
C9adGQXbgAuJjYQffHqq5a4y9sRrq8-wEeydJ4jo9Wfn9VFRqRZ2rQ==
354107-17-mivza_150x250_.jpg
content.winner.co.il/Images/media/uivjujx3/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/uivjujx3/354107-17-mivza_150x250_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
e66bf76e3cb854c0a39d41feefae6b2b0fd9581fad6444be43a13676ace71bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 04:47:46 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 12:41:54 GMT
x-amz-cf-pop
MUC50-P5
age
66057
etag
"0956bf589dda1:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
48792
x-amz-cf-id
awFfhxv7A1zAMSi4Z6QjLTi6cyHO5bAV4Mhv32pmOawOb5QYdiXU3Q==
360354-2-banner_tips_304x304_.jpg
content.winner.co.il/Images/media/luseggyb/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/luseggyb/360354-2-banner_tips_304x304_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
22f1a80989b25c17817783c819272c4f9258ddbfa7c19b0a9f206e5588bc3bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:10:05 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Sep 2023 10:01:26 GMT
x-amz-cf-pop
MUC50-P5
age
46717
etag
"09f716cf2e6d91:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
RUa7cNKtSONYNP_7CN_JJINPzGEwciSyYbxs0Zk-PzbR3EUZbUdRqA==
qr_desk.png
content.winner.co.il/images/media/tdelhmng/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/images/media/tdelhmng/qr_desk.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
176daeb7a7168f4ab8f36920836a82e6f028592624e68938a031dc5fba223e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 03:56:57 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Mon, 11 Mar 2024 12:05:06 GMT
x-amz-cf-pop
MUC50-P5
age
69105
etag
"36ae635bac73da1:0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2146
x-amz-cf-id
O0UqJEQvMN78hkusf5NRS4IVNtMn1zOH_JGbPi3oXDaBXxFcohMILw==
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
701403c587cc943f5c9d0b9e5f13b89a0ccde7611ce6d2e2aeff99754311d5e2

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37948ed3669f3f9ebc9ffd05fa58333d73492e6505a46b7170ef032e22d268e2

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0041feec9d3e3599019045d0adf9ac208a9d8f383d53442d8b1993e766b1b46a

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebfeded7c22110bcaed59b40f7e8dafa7cb4ee7ff05f5a47b188fd72d4593841

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58c99531badc45814d11f60aede58d56c746cd7267b876e0a25e15d448cc17f4

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c71560bfa00612520a5e586c4e645f25d83c1cf48cd15f1340e1764e196c9507

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
800a4b5466e8338c31a3fa0ee8abe6d57e2ba83d856fb0d3f80efdbe6686fcf6

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bf7691c9733eeede273d296ff27e753f76d68a2301df0907576c84486bb795a

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdaedd14f6b3520d3d535ce1b6213042ba2920efe86e1a123ebae2f27f01faa2

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6674c477fed725ea14471143f53e4a4710bfbe21fab861762990e1f90aae7fc

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
over18.png
vpn-cdn.moonsite.co.il/images/media/n5vpglry/ 		0
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c55b0950116507346c6506581f1218bc9f45392b34a6644d03a38064c2a3fad4

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		542 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4b7c390497e0706d39a3825c3951f5b81991022992ede06639bbc0764bfcb7

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
footer_background.4a5d9ce9024bf5340255.webp
www.winner.co.il/static/media/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winner.co.il/static/media/footer_background.4a5d9ce9024bf5340255.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
cc66b451bf474135c2a66ac5e4e372618853fda08d04fce6c2170a430d95f1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:02:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
11167
x-cache
Hit from cloudfront
content-length
13630
last-modified
Mon, 11 Mar 2024 09:37:37 GMT
server
ReplaceHeaderValue
etag
"1da7397c0a2f3be"
x-frame-options
SAMEORIGIN
content-type
image/webp
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
AK4BIGQo_HY5L2qhdkG11IO0okLQXNQmuHblLjyKRnujpyjb5aZAHQ==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1f52fb401e512da4ceca7a4a3cc8c28060074128d919e24d5c0fa478c147538

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7005b20ca48a11b9587ce007cf83f4528e887f9953789c76f9459167114fdcaf

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
separator-1.4944a3f05adfaa110e9d.svg
www.winner.co.il/static/media/ 		1 KB
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winner.co.il/static/media/separator-1.4944a3f05adfaa110e9d.svg
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/css/858.fa5fb7b5.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
04a4a6fb16e7897ce9706016b4ba3b9244a440cf9b27bc77ec048b298ce5512d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/static/css/858.fa5fb7b5.chunk.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 20:04:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
MUC50-P2
age
11061
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
last-modified
Mon, 11 Mar 2024 09:37:40 GMT
server
ReplaceHeaderValue
etag
W/"1da7397c26c8e39"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-sourcefiles
x-amz-cf-id
qUq2XQ4Wkqu7DGnFgUrskXArJ08WByALENImB3jbAo3frIoB8bkdmg==
GetOptions_v2
serverless.glassix.com/api/widget/ 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serverless.glassix.com/api/widget/GetOptions_v2?departmentId=ccc29b67-01a7-4f23-ae13-a0692debdc38&snippetId=7JDhOgdFUX56k7RMfuYZ&culture=
Requested by
Host: cdn.glassix.net
URL: https://cdn.glassix.net/clients/widget.1.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.6 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c169ea7464e7b311b353820e55122f7b68febbf48643a7063b0bf04b10fc99c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 15 May 2024 23:08:43 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Expires
-1
over18.png
vpn-cdn.moonsite.co.il/images/media/n5vpglry/ 		0
0
f3bca5de-5ea2-4697-8bf7-008b04f72ad1
static.glassix.com/widget/conversations/ Frame AD13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.glassix.com/widget/conversations/f3bca5de-5ea2-4697-8bf7-008b04f72ad1?conversational-flow-id=b390c511-c073-4cc0-bc37-6b35e9f1b109&culture=he-IL&default-department-id=ccc29b67-01a7-4f23-ae13-a0692debdc38&h=&has-had-conversations=false&host-origin=https%3A%2F%2Fwww.winner.co.il&host-page-title=%D7%98%D7%95%D7%98%D7%95%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20-%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20%D7%A8%D7%90%D7%A9%D7%99&is-embedded=true&loaderBg=%23ED1C24&snippet-id=7JDhOgdFUX56k7RMfuYZ&unique-identifier=335e6987-22d9-41cb-a3ea-caa2db329b40&w=&was-unique-identifier-provided=false&handled-widget=1
Requested by
Host: cdn.glassix.net
URL: https://cdn.glassix.net/clients/widget.1.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.glassix.com *.glassix-dev.com *.glassix.net *.glassix.io *.glassix.org *.glassix-dev.net *.glassix.co.uk *.glassix-aws.com *.glassix-ngrok.com *.google.com *.msecnd.net *.heapanalytics.com *.adobe.com *.googleapis.com *.hotjar.com static.opentok.com cdn.ably.io cdn.userway.org
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.winner.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.glassix.com *.glassix-dev.com *.glassix.net *.glassix.io *.glassix.org *.glassix-dev.net *.glassix.co.uk *.glassix-aws.com *.glassix-ngrok.com *.google.com *.msecnd.net *.heapanalytics.com *.adobe.com *.googleapis.com *.hotjar.com static.opentok.com cdn.ably.io cdn.userway.org
content-type
text/html
date
Wed, 15 May 2024 23:08:44 GMT
etag
"24638331"
last-modified
Sun, 10 Mar 2024 07:54:45 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240515T230844Z-156c8bbb89f9wf8p8gddff3stc0000000200000000001yhq
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a69b4b8d019cb8cf80f803f37884836d028e90ade869ab5e6d24d6d14d150e6

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
GetCMobileLine
api.winner.co.il/v2/publicapi/ 		3 MB
396 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileLine?lineChecksum=177002395
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
9f1a237e564a5d5f04c8704048da211d1ebcb83ef941554a4d96a714070a827f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
HashesMessage
{"newCurrentVersion":"1715814494321","lineNewHash":"177002395","reason":"Hashes not equal"}
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
cf5c497f375e1165074ee1f81f501003
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
externalrequestduration
0
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
api-supported-versions
1, 2
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P1
age
10
requestid
741af2438beec98e6ce73e448ad37e38
x-cache
Hit from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:34
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.winner.co.il
access-control-expose-headers
mode,hashes,nwhashes,gpid,accountId,hstoken
cache-control
public, must-revalidate, max-age=300
access-control-allow-credentials
true
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
bSoTfMKubprauxeD1DE_pLwaJMx99E8JyAfop9YluV91TffifNKiyg==
fullrequestduration
19
GetCMobileLine
api.winner.co.il/v2/publicapi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileLine?lineChecksum=177002395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,deviceid,hashesmessage,requestid,useragentdata,x-csrf-token
Access-Control-Request-Method
GET
Origin
https://www.winner.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,x-requested-with,x-signalr-user-agent,accountid,content-type,deviceid,hstoken,requestid,useragentdata,X-LVS-Referrer,X-LVS-ReferUrl,X-LVS-ReferCampaign,X-Csrf-Token,isloggingon,validation_token,mode,Hashes,nwhashes,hashesmessage,serverdatetime,token2fa,code2fa,param1,gpid
access-control-allow-methods
GET
access-control-allow-origin
https://www.winner.co.il
age
10
date
Wed, 15 May 2024 23:08:34 GMT
server
ReplaceHeaderValue
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-id
09txMJ_IB5uLxVrYjsYaDi83pl8UvJ4Ped6Mcfxpq4AimQxzwNJ6BQ==
x-amz-cf-pop
MUC50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sourcefiles
GetCMobileTabs
api.winner.co.il/v2/publicapi/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileTabs
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
da5f147f99d4306412abc008e8113ae36ff1b3f1a421600066947a6a957e228c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
HashesMessage
{"newCurrentVersion":"1715814494321","tabsNewHash":"1766381992","reason":"Hashes not equal"}
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
2d34e2bc87e6201b355f9ba47bcda7a0
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
requestid
2d34e2bc87e6201b355f9ba47bcda7a0
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:46
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.winner.co.il
access-control-expose-headers
mode,hashes,nwhashes,gpid,accountId,hstoken
access-control-allow-credentials
true
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
3Gy8KAv10dc2ghoJeK3mLuGv-UcSC-DvGa9JrObFPaA7IIMuD_QepQ==
fullrequestduration
0
GetCMobileTabs
api.winner.co.il/v2/publicapi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.winner.co.il/v2/publicapi/GetCMobileTabs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-105.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,deviceid,hashesmessage,requestid,useragentdata,x-csrf-token
Access-Control-Request-Method
GET
Origin
https://www.winner.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*,x-requested-with,x-signalr-user-agent,accountid,content-type,deviceid,hstoken,requestid,useragentdata,X-LVS-Referrer,X-LVS-ReferUrl,X-LVS-ReferCampaign,X-Csrf-Token,isloggingon,validation_token,mode,Hashes,nwhashes,hashesmessage,serverdatetime,token2fa,code2fa,param1,gpid
access-control-allow-methods
GET
access-control-allow-origin
https://www.winner.co.il
date
Wed, 15 May 2024 23:08:45 GMT
server
ReplaceHeaderValue
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-id
KF4jE5kUIEI5noKqVarfuOfkaX2FVKeyNhydWqg-rKIKS1cWJJBszg==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sourcefiles
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 22:20:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2900
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 16 May 2024 00:20:27 GMT
gtm.js
www.googletagmanager.com/ 		229 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHRV934&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
761c83e56f72142c82c9307b4c7f076af2d8db659a2e2f8975b0bb5479db5524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80540
x-xss-protection
0
last-modified
Wed, 15 May 2024 22:28:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 May 2024 23:08:47 GMT
GetPromotions
www.winner.co.il/api/v2/publicapi/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/api/v2/publicapi/GetPromotions
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
c00e75e3e34655cbe725fd250937524d3647d7bd22102c3c3a31c3bb2c624653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
67bc43f9582dbdbca9c12ebddd079d9a
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
20
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
requestid
ffb9d475b5eb3e7af8f1dd0c90123bfe
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:47
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
OleXJnWgIVmQqhmV0XKkvx_hcl83PBzFEH_1jdgetQwQMBGAo68G-Q==
fullrequestduration
40
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
921b5098486922c9d26842f6e536e40f8d029a2bf8534b58e5edd2c44e60c1ad

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0a3a80e5fd5a20aefec9f8780636dd4408b65a5d90e0e9260dea82812b21961

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc59717e81bb86d937c0f155425d10c08858a71127a5abc3e789b2280b644892

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bdcb306c01d9df3d12220e0c61af397f5498d820fef593352d306903b46d0ba

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
839ae9a9d463009e15b34c4c1ce9236218f9dd7a11e13659f8af73fab5227c79

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
837c485e2374de5b3f5197a3188b4cebbb76a84e8bd1c871d05a575fdec13ecc

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
a-icons-swiper-arrow.549e7f387527c640b659.svg
www.winner.co.il/static/media/ 		154 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winner.co.il/static/media/a-icons-swiper-arrow.549e7f387527c640b659.svg
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/css/main.94a8393d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
11801d58ad63ef5faec7b7c9a57dbfd4c5d696b0d2ff1d0be0383734456b3b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/static/css/main.94a8393d.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:04:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
7455
x-cache
Hit from cloudfront
content-length
154
last-modified
Mon, 11 Mar 2024 09:37:37 GMT
server
ReplaceHeaderValue
etag
"1da7397c0a2c61a"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
7_PUtNMAAqnZIcYR4fY7OoFr_iA7dbx4364kXfTKOAGBIbGOHv9FUQ==
a-icons-success-yellow.8d46844371af8317c633.svg
www.winner.co.il/static/media/ 		559 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winner.co.il/static/media/a-icons-success-yellow.8d46844371af8317c633.svg
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/css/main.94a8393d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
4e26680de122b23e09b2b3a0a7a0119aac425513e7044cfa5f348fe819dd4f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/static/css/main.94a8393d.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:07:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
7287
x-cache
Hit from cloudfront
content-length
559
last-modified
Mon, 11 Mar 2024 09:37:37 GMT
server
ReplaceHeaderValue
etag
"1da7397c0a2c4af"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-sourcefiles
accept-ranges
bytes
x-amz-cf-id
flz06K2RozYdK4O_lG2XQ633Ey4B9J5_KkKnpexQPvSVouVPZKGQIQ==
NGS6v5_NC0k9P9H4TbFzsQ.woff2
fonts.gstatic.com/s/heebo/v26/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H4TbFzsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
2569e36256dc36c83a2822674518c408bd879d91893814ccb5dbad5813736b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.winner.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:47:18 GMT
x-content-type-options
nosniff
age
141689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14696
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:12:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:47:18 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://www.winner.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
urik.jpg
content.winner.co.il/Images/media/3xfnoz0l/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/3xfnoz0l/urik.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
e096e47324016df8b1b8ba3d9ec11e5706697a4e52e0ea542da4b8a85e6d99c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 05:37:03 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 15:08:10 GMT
x-amz-cf-pop
MUC50-P5
age
63104
etag
"0e99cbfbaf2d81:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
17723
x-amz-cf-id
X0SnrWbSmpoDirmQ-xcjW9aj9-fBmZB6b4oJ2wGjW2UgiIvWqz06rQ==
screen-shot_.jpg
content.winner.co.il/Images/media/bncha1s2/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/bncha1s2/screen-shot_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
0d0e626ad65bf4f3ffbb9c8f49f127968fda8f49273e99d4f38bbee8672b077d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:31:10 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Sep 2020 13:15:44 GMT
x-amz-cf-pop
MUC50-P5
age
27456
etag
"00217ae290d61:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
wD7mUTtrlh288dvMjsA6_1bND6717Jtzm6it0-N9U6GqCxyHY5BwMw==
nadav-500x500px.jpg
content.winner.co.il/Images/media/cjlfgx3h/ 		80 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/cjlfgx3h/nadav-500x500px.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
c9f73180b9d7354611db9353c71688c6c8ab3cc9223349488af769337249b6df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:29:40 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Sep 2020 13:15:31 GMT
x-amz-cf-pop
MUC50-P5
age
41947
etag
"bd2ed872e290d61:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
j4PZBwNdmDfF-h98XHjGgfqZHiW9MrreUhF3oGbZmaOZkmTfr5rebA==
moti_500x500_.jpg
content.winner.co.il/Images/media/oardmvuv/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/oardmvuv/moti_500x500_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
1999ed701b207f2ba1a071e0fd51ed1643df759030a04bf5632a0aff52b883be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:08:22 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Sep 2020 13:15:54 GMT
x-amz-cf-pop
MUC50-P5
age
46825
etag
"0e11680e290d61:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
0iDGh5DH_0FJjnLGjaTW-nicCj8lnpdQFj8dO36FqA0v9OnBaOqXDg==
oreny.jpg
content.winner.co.il/Images/media/ecsfiast/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/ecsfiast/oreny.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
4e4a24a8f6310386d1df43db4efc99014b7b247ce287e2062cf20354cbaeb539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 06:44:50 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 15:09:10 GMT
x-amz-cf-pop
MUC50-P5
age
59037
etag
"02f60e3baf2d81:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
12192
x-amz-cf-id
uQirfcAejYuD5uGI9_Xs4kpiO9_8W0LIcY-Pdjh73jnM5Z_PzqwJNQ==
%D7%93%D7%95%D7%A8-%D7%94%D7%95%D7%A4%D7%9E%D7%9F.png
content.winner.co.il/Images/media/3b2jqczi/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/3b2jqczi/%D7%93%D7%95%D7%A8-%D7%94%D7%95%D7%A4%D7%9E%D7%9F.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
c09d9d4af87b8ba3bb10cf8aa9ab447da7e91a0ca426c8a793daa75611de0eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 05:09:31 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Tue, 05 Sep 2023 12:55:30 GMT
x-amz-cf-pop
MUC50-P5
age
64755
etag
"0cdd53ff8dfd91:0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12773
x-amz-cf-id
KpAY4uK0njn_mvOS3xJO464oy56PMBqgfxTVp4zcUDndFww277c94g==
getHighlightBlocks
www.winner.co.il/api/v2/publicapi/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.winner.co.il/api/v2/publicapi/getHighlightBlocks
Requested by
Host: www.winner.co.il
URL: https://www.winner.co.il/static/js/main.ce8e0e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-65.muc50.r.cloudfront.net
Software
ReplaceHeaderValue /
Resource Hash
358a5e59d99ecb0d098e55915f326af380a75a2b579ab6c19d26e6db77f815a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

DeviceId
ffb9d475b5eb3e7af8f1dd0c90123bfe
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Csrf-Token
null
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
RequestId
3239d68545f1b88a5ef26410fe101cb1
UserAgentData
{"devicemodel":"none","deviceos":"windows","deviceosversion":"10","appversion":"1.7.0","apptype":"desktop","originId":"3","isAccessibility":false}
Content-Type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://www.winner.co.il/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 23:08:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
externalrequestduration
0
content-encoding
gzip
api-supported-versions
1, 2
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
requestid
3239d68545f1b88a5ef26410fe101cb1
x-cache
Miss from cloudfront
nwhashes
12B8292DC0462A66D7E59AED6F6B7AD7
server
ReplaceHeaderValue
serverdatetime
2024-05-15T23:08:47
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-sourcefiles
hashes
{"staticdata":"DDA4A9D37142224E6CDE2F3751F28B57","dynamicdata":"022F4611C0E5FCC7DFC9AAFDA8E2D08A","webstaticdata":"6B56C5B201FEEE7420722960F07EE23F","webdynamicdata":"6EF4ED8F967A36492C2774465F19B68B"}
x-amz-cf-id
8pzeypBqmtbb1aoATT82I3X5ccvrow2CFCM3FFP8k7AmDK_d1v-kxQ==
fullrequestduration
2
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.winner.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 15 May 2024 23:08:47 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		0
0
360909-11-banner_mivza_ligot_863x360px_bf.jpg
content.winner.co.il/Images/media/bojhtl3i/ 		0
0
360622-1-banner_support_863x360_b.jpg
content.winner.co.il/Images/media/hsxj4wk5/ 		62 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/hsxj4wk5/360622-1-banner_support_863x360_b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 14:32:30 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Thu, 12 Oct 2023 12:43:02 GMT
x-amz-cf-pop
MUC50-P5
age
30977
etag
"0cf46a39fdd91:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
L0oiSVry9ag0L-MHTFutjq-JzBZjjrLr-PRuXrjywzQ46VjpJijmJw==
fotolia_252854760.jpg
content.winner.co.il/Images/media/2igh30ep/ 		0
0
fotolia_27318875.jpg
content.winner.co.il/Images/media/fjojbt1a/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/fjojbt1a/fotolia_27318875.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
81bcc1ca8acba211296c69d7627ac6d94cecceb6ca06efd5fb0d53e589ebd4c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:00:01 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Sun, 14 Feb 2021 09:16:36 GMT
x-amz-cf-pop
MUC50-P5
age
14926
etag
"0b2f317b22d71:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
42173
x-amz-cf-id
nZug75PfYmTrubi0_CM_iY5Vd4WEPFHDoDow1Q_BTpfc5pFRLk0x6Q==
fotolia10316124n.jpg
content.winner.co.il/Images/media/y5wbqey4/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/y5wbqey4/fotolia10316124n.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
13285e7c595862a0eb33872ea12a5e8326c2ffef139ad6a4d26a2553d621a721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:00:10 GMT
strict-transport-security
max-age=31536000
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 13:14:28 GMT
x-amz-cf-pop
MUC50-P5
age
14916
etag
"01213a9aeffd61:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
51056
x-amz-cf-id
SMpcsL6OKHI15lCg-o3sSA_gcvb1s_6rTUlirkHMQwk0IZ23kkhQbQ==
%D7%9E%D7%A9%D7%97%D7%A7%D7%99%D7%9D-%D7%91%D7%90%D7%97%D7%A8%D7%99%D7%95%D7%AA-%D7%95%D7%95%D7%91.jpg
content.winner.co.il/Images/media/ow1psmfd/ 		101 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.winner.co.il/Images/media/ow1psmfd/%D7%9E%D7%A9%D7%97%D7%A7%D7%99%D7%9D-%D7%91%D7%90%D7%97%D7%A8%D7%99%D7%95%D7%AA-%D7%95%D7%95%D7%91.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-66.muc50.r.cloudfront.net
Software
/
Resource Hash
e718c5d0f4573e4086498a9120f9ee50df96bcfdd6e5482dc4ddd85811e15804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.winner.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 14:32:30 GMT
content-encoding
gzip
via
1.1 50a920ee7e446bd07188dda00cda68a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Wed, 23 Nov 2022 08:18:56 GMT
x-amz-cf-pop
MUC50-P5
age
30977
etag
"0d8e53a14ffd81:0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
rHs6rcqXOLSWeVoniWQU3S0gsLRF6Ukgv5FAkaQEyPe1PR9_MSEL5w==
360909-1-banner_chat_863x360_e.jpg
content.winner.co.il/Images/media/ourgirjr/ 		0
0
collect
www.google-analytics.com/j/ 		0
0
widget.js
d2xerlamkztbb1.cloudfront.net/19762791-fa03/5/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vpn-cdn.moonsite.co.il
URL
https://vpn-cdn.moonsite.co.il/images/media/n5vpglry/over18.png
Domain
vpn-cdn.moonsite.co.il
URL
https://vpn-cdn.moonsite.co.il/images/media/n5vpglry/over18.png
Domain
sessions.bugsnag.com
URL
https://sessions.bugsnag.com/
Domain
content.winner.co.il
URL
https://content.winner.co.il/Images/media/bojhtl3i/360909-11-banner_mivza_ligot_863x360px_bf.jpg
Domain
content.winner.co.il
URL
https://content.winner.co.il/Images/media/2igh30ep/fotolia_252854760.jpg
Domain
content.winner.co.il
URL
https://content.winner.co.il/Images/media/ourgirjr/360909-1-banner_chat_863x360_e.jpg
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=456442777&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winner.co.il%2F&ul=he-il&de=UTF-8&dt=%D7%98%D7%95%D7%98%D7%95%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20-%20%D7%95%D7%95%D7%99%D7%A0%D7%A8%20%D7%A8%D7%90%D7%A9%D7%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1024975610&gjid=249959025&cid=1307225412.1715814527&tid=UA-4596911-5&_gid=447683928.1715814527&_r=1&_slc=1&gtm=45He45d0n81PHRV934v849083424za200&gcd=13l3l3l3l1&dma=0&z=1109440024
Domain
d2xerlamkztbb1.cloudfront.net
URL
https://d2xerlamkztbb1.cloudfront.net/19762791-fa03/5/widget.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkwinner_web_react_app number| __mobxInstanceCount object| __mobxGlobals function| _ object| dataLayer number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| GlassixWidgetClient object| widgetClient

7 Cookies

Domain/Path Name / Value
www.winner.co.il/api/v2/publicapi Name: WWWP
Value: AN7Cd5cBEgoBRpkgLx3ZHg$$
www.winner.co.il/static/media Name: WWWP
Value: ATGMFZcBEgoW900UmxpWcQ$$
api.winner.co.il/v2/publicapi Name: WinnerP
Value: AtfPZ30BEgqpPOw/mSMdfg$$
www.winner.co.il/ Name: WWWP
Value: BQ+WHpcBEgr5WEIJdvoFFA$$
www.winner.co.il/ Name: abp.mobileWebOriginId
Value: 11
www.winner.co.il/ Name: abp.desktopOriginId
Value: 3
.winner.co.il/ Name: glassix-visitor-id-v2-f3bca5de-5ea2-4697-8bf7-008b04f72ad1
Value: 335e6987-22d9-41cb-a3ea-caa2db329b40

2 Console Messages

Source Level URL
Text
network error URL: https://vpn-cdn.moonsite.co.il/images/media/n5vpglry/over18.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://vpn-cdn.moonsite.co.il/images/media/n5vpglry/over18.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.winner.co.il
cdn.glassix.net
cdnjs.cloudflare.com
content.winner.co.il
d2xerlamkztbb1.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
serverless.glassix.com
sessions.bugsnag.com
static.glassix.com
vpn-cdn.moonsite.co.il
www.google-analytics.com
www.googletagmanager.com
www.winner.co.il
content.winner.co.il
d2xerlamkztbb1.cloudfront.net
sessions.bugsnag.com
vpn-cdn.moonsite.co.il
www.google-analytics.com
104.17.24.14
108.138.36.65
13.107.213.64
142.250.181.227
142.250.186.74
172.217.16.200
172.217.18.14
18.66.192.105
185.172.148.132
20.50.2.6
35.190.88.7
54.230.228.66
0041feec9d3e3599019045d0adf9ac208a9d8f383d53442d8b1993e766b1b46a
04a4a6fb16e7897ce9706016b4ba3b9244a440cf9b27bc77ec048b298ce5512d
08f406488f99bdea6b66494496069819e80341082349fe5c672d967f556e305b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d0e626ad65bf4f3ffbb9c8f49f127968fda8f49273e99d4f38bbee8672b077d
11801d58ad63ef5faec7b7c9a57dbfd4c5d696b0d2ff1d0be0383734456b3b2b
13285e7c595862a0eb33872ea12a5e8326c2ffef139ad6a4d26a2553d621a721
13a5ab608d1261a2962a87528356034d6941815ce983aed1e777d480b716a509
1478858ed6645df5c7f1c22976f0feec1e85e83ef2f333f0fb18748efd74547a
176daeb7a7168f4ab8f36920836a82e6f028592624e68938a031dc5fba223e01
1999ed701b207f2ba1a071e0fd51ed1643df759030a04bf5632a0aff52b883be
1ae1110105d61d57521cf38eb5075827af09545ddb9e9021d0a4929713d7e190
22f1a80989b25c17817783c819272c4f9258ddbfa7c19b0a9f206e5588bc3bdd
2329433568e2a7b14ad9325461c936dfba814c17928b09d21430a32c6ebce83e
239c3b89245f66a8930a82f7bd74ce7427e6617b28af01602bcff1866140b237
2569e36256dc36c83a2822674518c408bd879d91893814ccb5dbad5813736b84
2a69b4b8d019cb8cf80f803f37884836d028e90ade869ab5e6d24d6d14d150e6
2c169ea7464e7b311b353820e55122f7b68febbf48643a7063b0bf04b10fc99c
31f2e94e90d9e720e9020baf5cbd828de76a3c1bb3c7f4c9c74e4ccb59ac67d4
358a5e59d99ecb0d098e55915f326af380a75a2b579ab6c19d26e6db77f815a0
37948ed3669f3f9ebc9ffd05fa58333d73492e6505a46b7170ef032e22d268e2
439f36ed53abdab65577eb575e596370520ebf9fc8a00a84fd9c7129e457c812
4e26680de122b23e09b2b3a0a7a0119aac425513e7044cfa5f348fe819dd4f0a
4e4a24a8f6310386d1df43db4efc99014b7b247ce287e2062cf20354cbaeb539
58c99531badc45814d11f60aede58d56c746cd7267b876e0a25e15d448cc17f4
59bfa226458cc78e85a6d2bad16705ac815fd9437d5f61f76d24bd21c8692c59
5bdcb306c01d9df3d12220e0c61af397f5498d820fef593352d306903b46d0ba
63ef918d83289512e032707bfaa57d82b104f0907cc8915fad1f7ecbc74d4498
6cec3a579c0ed9c552d6516d0ce7140142de0f6d4362ebd1b334b844c5aa5472
7005b20ca48a11b9587ce007cf83f4528e887f9953789c76f9459167114fdcaf
701403c587cc943f5c9d0b9e5f13b89a0ccde7611ce6d2e2aeff99754311d5e2
761c83e56f72142c82c9307b4c7f076af2d8db659a2e2f8975b0bb5479db5524
767e9995020555e4966985ac4b19fa248836a465a0876827fcb445cc98f312e7
7b839e613b8bfcf7d47644cbf8099a51073192a51ebe98899ea34eb70c22b6c2
7fec3b95dc56bffc2cabdd0ef02cc24c0653e2bf790b444ead53467bc1b409de
800a4b5466e8338c31a3fa0ee8abe6d57e2ba83d856fb0d3f80efdbe6686fcf6
81bcc1ca8acba211296c69d7627ac6d94cecceb6ca06efd5fb0d53e589ebd4c0
837c485e2374de5b3f5197a3188b4cebbb76a84e8bd1c871d05a575fdec13ecc
839ae9a9d463009e15b34c4c1ce9236218f9dd7a11e13659f8af73fab5227c79
921b5098486922c9d26842f6e536e40f8d029a2bf8534b58e5edd2c44e60c1ad
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
9bf7691c9733eeede273d296ff27e753f76d68a2301df0907576c84486bb795a
9f1a237e564a5d5f04c8704048da211d1ebcb83ef941554a4d96a714070a827f
ac89327a4e19129adf86e262397bcb34822a562d5f9d9a3e06f74ce6f166afa1
b1f52fb401e512da4ceca7a4a3cc8c28060074128d919e24d5c0fa478c147538
b3b5df59bede7d620f4118c6a57ae8ea93e329c0d46badceb178ea537e9cd856
b6674c477fed725ea14471143f53e4a4710bfbe21fab861762990e1f90aae7fc
bdaedd14f6b3520d3d535ce1b6213042ba2920efe86e1a123ebae2f27f01faa2
c00e75e3e34655cbe725fd250937524d3647d7bd22102c3c3a31c3bb2c624653
c09d9d4af87b8ba3bb10cf8aa9ab447da7e91a0ca426c8a793daa75611de0eb0
c0a3a80e5fd5a20aefec9f8780636dd4408b65a5d90e0e9260dea82812b21961
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c55b0950116507346c6506581f1218bc9f45392b34a6644d03a38064c2a3fad4
c71560bfa00612520a5e586c4e645f25d83c1cf48cd15f1340e1764e196c9507
c8adbbcd74f5e487ab719935ec5fb8ea5cabc3a7f9647d47c8bc08650ca9f136
c9f73180b9d7354611db9353c71688c6c8ab3cc9223349488af769337249b6df
cc66b451bf474135c2a66ac5e4e372618853fda08d04fce6c2170a430d95f1cc
da5f147f99d4306412abc008e8113ae36ff1b3f1a421600066947a6a957e228c
dc59717e81bb86d937c0f155425d10c08858a71127a5abc3e789b2280b644892
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e096e47324016df8b1b8ba3d9ec11e5706697a4e52e0ea542da4b8a85e6d99c2
e503b382ed2d19b117c0cf4e0510c1120d7b1d0713ed536485624bc71332ec0c
e66bf76e3cb854c0a39d41feefae6b2b0fd9581fad6444be43a13676ace71bb0
e718c5d0f4573e4086498a9120f9ee50df96bcfdd6e5482dc4ddd85811e15804
ebfeded7c22110bcaed59b40f7e8dafa7cb4ee7ff05f5a47b188fd72d4593841
f660395944444eac65e4eee8af5789f191445e248bb9003ceb68fd7d3fce37b1
fb4b7c390497e0706d39a3825c3951f5b81991022992ede06639bbc0764bfcb7