www.thewinningkey.com Open in urlscan Pro
2606:4700::6812:13bb  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request 777777-2021-2022 Show response www.thewinningkey.com/sweeps/	527 KB 370 KB	310ms 103ms	Document text/html	2606:4700::6812:13bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thewinningkey.com/sweeps/777777-2021-2022?s1=&utm_campaign=&utm_content=&utm_medium=1766318&utm_source=email&utm_term=ee756446b31020d08286276ad1acb68af88c9c5c80d86abd70a0e966fd5b9187 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:13bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe6e252f3339e74349179533af1be48149260cff9e53612ded79484807e9e900 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 75b7eb0ccd869c07-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 17 Oct 2022 09:13:25 GMT expires Thu, 01 Jan 1970 00:00:01 GMT referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 758569f863632de3cd1aa9d54e3095843a2ebc6d305cd075a5f65bedc94ae117 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00db2e22467e903b8565f34c64f2f4ad081c1b095675cbab9252babfae81a3f6 Request headers Referer Origin https://www.thewinningkey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type font/woff
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bfcf91dc9e93113c8fdf6a17d6bf2deec2f3c1cfd8fbf01c41b11cfe68ccf53 Request headers Referer Origin https://www.thewinningkey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type font/woff
GET H2	200	invisible.js Show response www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EE6E	37 KB 15 KB	23ms 23ms	Script application/javascript	2606:4700::6812:13bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1665993600 Requested by Host: www.thewinningkey.com URL: https://www.thewinningkey.com/sweeps/777777-2021-2022?s1=&utm_campaign=&utm_content=&utm_medium=1766318&utm_source=email&utm_term=ee756446b31020d08286276ad1acb68af88c9c5c80d86abd70a0e966fd5b9187 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:13bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1368c300508a400308c06f54958f3b5cc9d0fb70320c20fbc2149a8fc22b34c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Mon, 17 Oct 2022 09:13:25 GMT content-encoding gzip server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 75b7eb0e085c9c07-FRA
GET H2	200	nr-1209.min.js Show response js-agent.newrelic.com/	31 KB 12 KB	57ms 16ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1209.min.js Requested by Host: www.thewinningkey.com URL: https://www.thewinningkey.com/sweeps/777777-2021-2022?s1=&utm_campaign=&utm_content=&utm_medium=1766318&utm_source=email&utm_term=ee756446b31020d08286276ad1acb68af88c9c5c80d86abd70a0e966fd5b9187 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-amz-version-id Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk content-encoding gzip via 1.1 varnish date Mon, 17 Oct 2022 09:13:25 GMT x-amz-request-id K3G1NSDQYYBMCTCV x-cache HIT cross-origin-resource-policy cross-origin content-length 11738 x-amz-id-2 x1gsCWxGJxJnua94KqELpOs5K2wfd7xLAvpJHQHIeObD56YFvUSO8HakLAAz6Ibdj3IHkoVrGHA= x-served-by cache-hhn4025-HHN last-modified Thu, 20 May 2021 23:21:18 GMT server AmazonS3 x-timer S1665998005.483771,VS0,VE0 etag "ceffb14d16467e17c5360bf7880099fa" vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 5
GET H2	200	pica.js www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame EE6E	25 KB 10 KB	30ms 30ms	Other application/javascript	2606:4700::6812:13bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:13bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca3ff3481a79bbefcd01a3af54275b19f7946cb00c7db988ed29a9ba1607a9dd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Mon, 17 Oct 2022 09:13:25 GMT content-encoding gzip server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 75b7eb0e38d49c07-FRA
GET H/1.1	403 Forbidden	NRJS-f16d1a5e51efdae09ce bam-cell.nr-data.net/1/	0 0	1107ms 548ms	Script text/plain	162.247.241.2 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/NRJS-f16d1a5e51efdae09ce?a=679460538&v=1209.f04e2b9&to=IVhXQRYKXggAFk4MXRZSS0YQDEYNBAgSSkYWXlVcEAxXF0oWBBRGB0RNahELUxIEDQ0EUQ5S&rst=468&ck=1&ref=https://www.thewinningkey.com/sweeps/777777-2021-2022&qt=3&ap=22&be=336&fe=404&dc=402&perf=%7B%22timing%22:%7B%22of%22:1665998005025,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:169,%22c%22:169,%22s%22:184,%22ce%22:208,%22rq%22:208,%22rp%22:311,%22rpe%22:357,%22dl%22:316,%22di%22:402,%22ds%22:402,%22de%22:403,%22dc%22:403,%22l%22:403,%22le%22:404%7D,%22navigation%22:%7B%7D%7D&fp=409&fcp=409&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1209.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 17 Oct 2022 09:13:26 GMT NEL {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWaQ6Zjmtb8xirRdurAcdSj%2Fb6srCiWxzXQHAzHA1dmaTIMGyF%2F7K%2FNlOWY3B320M0B0qUzkAczG3k7sUBg%2Fi7v9Dr6WLhTQeu5ascT7X8kp0YFzvPpk6%2BJsJLyOYIFA%2BTGU0Z5A"}],"group":"cf-nel","max_age":604800} Content-Type text/plain;charset=UTF-8 Connection keep-alive CF-RAY 75b7eb12fb0346d9-SIN Content-Length 2
POST H2	200	75b7eb0ccd869c07 Show response www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EE6E	2 B 371 B	63ms 62ms	XHR text/plain	2606:4700::6812:13bb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/cv/result/75b7eb0ccd869c07 Requested by Host: www.thewinningkey.com URL: https://www.thewinningkey.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1665993600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:13bb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type application/json Response headers date Mon, 17 Oct 2022 09:13:25 GMT content-encoding gzip server cloudflare cf-ray 75b7eb109eb99c07-FRA content-type text/plain; charset=UTF-8

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thewinningkey.com/	1970-01-20 06:46:39	Name: __cf_bm Value: Gr02N1NXp8CCmuTLW6bjxQ0wz2Tw0YNn1mV6ReQkc0Q-1665998005-0-ARWr6MOBExDIvzEm2UYWW0kYHbDXQrVAVc/xaUGUdavl9KQu9LL+b+omEVT4y1eVtEy9roeT/KbzNZE6MNEZNO6FlK9v8SngYW4wu8yIukLusRRSyPH0glqLagS6mPWKKfRv6Q9koGQu7rJdgx4BslWC5nTGciWEbZ/cZRGiDgKs

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thewinningkey.com/sweeps/777777-2021-2022?s1=&utm_campaign=&utm_content=&utm_medium=1766318&utm_source=email&utm_term=ee756446b31020d08286276ad1acb68af88c9c5c80d86abd70a0e966fd5b9187 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bam-cell.nr-data.net/1/NRJS-f16d1a5e51efdae09ce?a=679460538&v=1209.f04e2b9&to=IVhXQRYKXggAFk4MXRZSS0YQDEYNBAgSSkYWXlVcEAxXF0oWBBRGB0RNahELUxIEDQ0EUQ5S&rst=468&ck=1&ref=https://www.thewinningkey.com/sweeps/777777-2021-2022&qt=3&ap=22&be=336&fe=404&dc=402&perf=%7B%22timing%22:%7B%22of%22:1665998005025,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:169,%22c%22:169,%22s%22:184,%22ce%22:208,%22rq%22:208,%22rp%22:311,%22rpe%22:357,%22dl%22:316,%22di%22:402,%22ds%22:402,%22de%22:403,%22dc%22:403,%22l%22:403,%22le%22:404%7D,%22navigation%22:%7B%7D%7D&fp=409&fcp=409&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
js-agent.newrelic.com
www.thewinningkey.com
151.101.66.137
162.247.241.2
2606:4700::6812:13bb
00db2e22467e903b8565f34c64f2f4ad081c1b095675cbab9252babfae81a3f6
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3bfcf91dc9e93113c8fdf6a17d6bf2deec2f3c1cfd8fbf01c41b11cfe68ccf53
758569f863632de3cd1aa9d54e3095843a2ebc6d305cd075a5f65bedc94ae117
ca3ff3481a79bbefcd01a3af54275b19f7946cb00c7db988ed29a9ba1607a9dd
f1368c300508a400308c06f54958f3b5cc9d0fb70320c20fbc2149a8fc22b34c
fe6e252f3339e74349179533af1be48149260cff9e53612ded79484807e9e900