whoslucky.win Open in urlscan Pro
2606:4700:3037::681c:d8b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.exclicks.com/ec2b6023-a7e4-49eb-9ef3-31b58041ba94
Effective URL:
https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc...
Submission Tags: 6629711
Submission: On July 14 via api (July 14th 2020, 5:48:28 am UTC) from NL

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3037::681c:d8b, located in United States and belongs to CLOUDFLARENET, US. The main domain is whoslucky.win.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2020. Valid for: a year.

This is the only time whoslucky.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.196.86.59 18.196.86.59	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:303... 2606:4700:3037::681c:d8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.210.30.35 54.210.30.35	14618 (AMAZON-AES) (AMAZON-AES)
12	3

1 18.196.86.59 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

track.exclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::681c:d8b (United States)

ASN13335 (CLOUDFLARENET, US)

whoslucky.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.30.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-30-35.compute-1.amazonaws.com

downloader.anstrex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	whoslucky.win whoslucky.win	245 KB
1	anstrex.org downloader.anstrex.org	255 B
1	exclicks.com 1 redirects track.exclicks.com	1 KB
0	dailydeals.today Failed dailydeals.today Failed
12	4

	Domain	Requested by
9	whoslucky.win	whoslucky.win
1	downloader.anstrex.org	whoslucky.win
1	track.exclicks.com	1 redirects
0	dailydeals.today Failed	whoslucky.win
12	4

This site contains links to these domains. Also see Links.

Domain
track.kyclicks.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-25` - `2021-05-25`	a year	crt.sh
downloader.anstrex.org Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1
Frame ID: 038FC140429761F1E8678E0E6CE4DFA3
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://track.exclicks.com/ec2b6023-a7e4-49eb-9ef3-31b58041ba94 HTTP 302
https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMng... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

12
Requests

83 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

245 kB
Transfer

1079 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://track.kyclicks.com/click/1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.exclicks.com/ec2b6023-a7e4-49eb-9ef3-31b58041ba94 HTTP 302
https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response whoslucky.win/br/santander/ Redirect Chain https://track.exclicks.com/ec2b6023-a7e4-49eb-9ef3-31b58041ba94 https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsS...	10 KB 4 KB	384ms 350ms	Document text/html	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4fcff26253cdd880041803d1fc8acc6c21d1ccedc8699d8d7a895fc9e7af6a9f` Request headers :method GET :authority whoslucky.win :scheme https :path /br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 14 Jul 2020 05:48:11 GMT content-type text/html set-cookie __cfduid=d48d2bd71dd64e269b4d938d0ad4e033b1594705691; expires=Thu, 13-Aug-20 05:48:11 GMT; path=/; domain=.whoslucky.win; HttpOnly; SameSite=Lax last-modified Wed, 24 Jun 2020 04:01:17 GMT vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 03ed76dbbd0000dfcf7c180200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5b28f40c6e9ddfcf-FRA content-encoding br Redirect headers Server nginx Date Tue, 14 Jul 2020 05:48:11 GMT Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Pragma no-cache Set-Cookie ec2b6023-a7e4-49eb-9ef3-31b58041ba94-v4=ec2b6023-a7e4-49eb-9ef3-31b58041ba94; Max-Age=86400; Expires=Wed, 15-Jul-2020 05:48:11 GMT; Domain=track.exclicks.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=Pi5Zgugdo3hwslyrZ4jctU6cIm1FOc08eVaCtt0k3enqH8FLozaIOWWlv7LR_wsEbn9SrGCmzqVuFKaO8t8Bm_9mTDPrCNJmVcvkAT8Ww1xEX8hPup7AmNp_wrtmr2RhWxhHGpY1AF48eKZT3VAXnukwxjsdLfehlGEPdA5qKof4HDtlJE9cS6GM31KpTpfvsyBP10kVUwUQwLWVio8-cFFTeXis46u4ll7F7AkITGZZOvj95bwuYvzyxV0Ji6sXKSMPhqqx8G-S5gzmXm6gc9pl1U9wiUpFqnyZw7jgXDBDKg1JiOlR2cmNpHWYSO5Ddx1tkcU40GdYKtmvTBGhG0dGik8my-o3Nt_EAlYSTuz7nyp9f9QjgSYnj72opuMf; Max-Age=86400; Expires=Wed, 15-Jul-2020 05:48:11 GMT; Domain=track.exclicks.com; Path=/; Secure; HttpOnly;SameSite=None
GET H2	200	5ee4b3179695c_v.css whoslucky.win/br/santander/	604 KB 60 KB	30ms 29ms	Stylesheet text/css	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/5ee4b3179695c_v.css Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2fe0ea07ab8454fc5f251a32e49c0a7f6a71fa9a66bd388bb6db8edcc4a976ee` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jun 2020 06:17:42 GMT server cloudflare age 22 etag W/"5ee71286-96ff8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 cf-ray 5b28f40e9a97dfcf-FRA cf-request-id 03ed76dd1f0000dfcf7c18a200000001 expires Tue, 14 Jul 2020 17:47:49 GMT
GET H2	200	5ee4b31cbaa03_v.css whoslucky.win/br/santander/	116 KB 21 KB	19ms 18ms	Stylesheet text/css	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/5ee4b31cbaa03_v.css Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dff2f9c68962b2ebeee74a9eca1b2626e46d4fc174f4959106b149662407dd4c` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jun 2020 06:17:40 GMT server cloudflare age 22 etag W/"5ee71284-1d0c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 cf-ray 5b28f40e9a98dfcf-FRA cf-request-id 03ed76dd1f0000dfcf7c18b200000001 expires Tue, 14 Jul 2020 17:47:49 GMT
GET H2	200	5ee4b31b6cf54_v.js Show response whoslucky.win/br/santander/	95 KB 32 KB	17ms 16ms	Script application/javascript	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/5ee4b31b6cf54_v.js Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jun 2020 06:17:57 GMT server cloudflare age 22 etag W/"5ee71295-17a69" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 cf-ray 5b28f40e9a9cdfcf-FRA cf-request-id 03ed76dd200000dfcf7c18d200000001 expires Tue, 14 Jul 2020 17:47:49 GMT
GET H2	200	5ee4b314c6015_v.css whoslucky.win/br/santander/	14 KB 3 KB	11ms 10ms	Stylesheet text/css	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/5ee4b314c6015_v.css Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1f1219598f93e1169e40ee1b8827b72983383cd25eb26adbeba91b3cd50b3743` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jun 2020 06:17:53 GMT server cloudflare age 22 etag W/"5ee71291-382a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 cf-ray 5b28f40e9a99dfcf-FRA cf-request-id 03ed76dd1f0000dfcf7c18c200000001 expires Tue, 14 Jul 2020 17:47:49 GMT
GET H2	200	5ee4b315b1e2f_v.png whoslucky.win/br/santander/	83 KB 83 KB	14ms 13ms	Image image/png	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whoslucky.win/br/santander/5ee4b315b1e2f_v.png Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b5a17dd9d01f9954aa7675ced3fc4cdec25b07f2846aadc1a0ce3fad4eacb8f` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:12 GMT cf-cache-status HIT age 22 status 200 content-length 84840 cf-request-id 03ed76dd640000dfcf7c192200000001 last-modified Mon, 15 Jun 2020 06:17:51 GMT server cloudflare etag "5ee7128f-14b68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 5b28f40f0b58dfcf-FRA expires Thu, 13 Aug 2020 05:47:50 GMT
GET H2	200	5ee4b318ef154_v.js Show response whoslucky.win/br/santander/	154 KB 41 KB	19ms 19ms	Script application/javascript	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/br/santander/5ee4b318ef154_v.js Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b7a59b1f42be2925fcefeeb95e071fcb206011f4d233866ab51dc2caf347b5e` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jun 2020 06:17:48 GMT server cloudflare age 21 etag W/"5ee7128c-2696f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 cf-ray 5b28f40ebadedfcf-FRA cf-request-id 03ed76dd370000dfcf7c18e200000001 expires Tue, 14 Jul 2020 17:47:50 GMT
GET H2	200	bo.js Show response whoslucky.win/	567 B 340 B	10ms 10ms	Script application/javascript	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/bo.js Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fba138412ae8c7ef9bd3bc422b919ead9dcf46ef4919671fc82ba253ac0d507` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 Jun 2020 03:01:29 GMT server cloudflare age 21 etag W/"5ef95989-237" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 cf-ray 5b28f40ecafbdfcf-FRA cf-request-id 03ed76dd400000dfcf7c18f200000001 expires Tue, 14 Jul 2020 17:47:50 GMT
GET H2	200	ba.js Show response whoslucky.win/	2 KB 1 KB	16ms 15ms	Script application/javascript	2606:4700:3037::681c:d8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whoslucky.win/ba.js Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:d8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2c510cfe5a4a8dbaba25fd4b84aa6e01f053c2a1b194492184a43cff0aee47f8` Request headers Referer https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:48:12 GMT content-encoding br cf-cache-status HIT last-modified Mon, 29 Jun 2020 03:01:25 GMT server cloudflare age 22 etag W/"5ef95985-8b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 cf-ray 5b28f40f0b57dfcf-FRA cf-request-id 03ed76dd640000dfcf7c191200000001 expires Tue, 14 Jul 2020 17:47:50 GMT
GET		icomoon.ttf dailydeals.today/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/	0 0

GET		icomoon.woff dailydeals.today/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/	0 0

GET H/1.1	404 Not Found	5ee4b31a06204_v.jpg downloader.anstrex.org/public/user_data/push_data/5d4a80de3ab9b1.39811175/dailydeals.today_1592046336_5ee4b3007cec08.44914859/original/	0 255 B	341ms 101ms	Image text/html	54.210.30.35 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://downloader.anstrex.org/public/user_data/push_data/5d4a80de3ab9b1.39811175/dailydeals.today_1592046336_5ee4b3007cec08.44914859/original/5ee4b31a06204_v.jpg Requested by Host: whoslucky.win URL: https://whoslucky.win/br/santander/?cid=wup2g91mku9g0df02g02d2f8&cep=HX8qvoLrmZPQwMUIrPC1v1a2PsMngJTGbceWs56ZgVcpYumyc5u_K2GDLiUwJ4o452SXyHFMeI-COH7cL3gXJQr21Y-_CgFEouOtJnaGx99fmkbAZcfxRRytmKT7xLsSKnuL1cra15XxvfYUyVF27BD-_fW1EfIeI2gd_xpyPvO6U3ZujDVNUxniGIyNbKkbEICXwjFjGKQOG_TxPc6ZhUf4k-MX6q7gRkX_G8O4jXqIMCcYRRy1GRodS1Ts5RAHHZiy9T-kYNIHDwsRfNPsRlUMN6-j23mAkGpNDODywunX6YO4khXeBFa0rsqCYfeNVSKadWr20gUmFhDHIQRLBqiCWTTtVYI1HwPwNGIP0KyuTmZzgVazX-eMOt8orHgi&lptoken=1558947d70ee74e691a1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 54.210.30.35 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-210-30-35.compute-1.amazonaws.com Software nginx/1.15.6 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://whoslucky.win/br/santander/5ee4b314c6015_v.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 05:48:12 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx/1.15.6 Connection keep-alive Vary Accept-Encoding Content-Type text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dailydeals.today
URL: http://dailydeals.today/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/icomoon.ttf?jtzdu4

Domain: dailydeals.today
URL: http://dailydeals.today/wp-content/plugins/thrive-visual-editor/editor/css/fonts/thrvicomoon/icomoon.woff?jtzdu4

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.whoslucky.win/	1970-01-19 11:41:37	Name: __cfduid Value: d48d2bd71dd64e269b4d938d0ad4e033b1594705691
			whoslucky.win/br/santander	1970-01-19 10:58:29	Name: evergreen_1 Value: 2020-7-14-7-49-57

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dailydeals.today
downloader.anstrex.org
track.exclicks.com
whoslucky.win
dailydeals.today
18.196.86.59
2606:4700:3037::681c:d8b
54.210.30.35
0fba138412ae8c7ef9bd3bc422b919ead9dcf46ef4919671fc82ba253ac0d507
1b7a59b1f42be2925fcefeeb95e071fcb206011f4d233866ab51dc2caf347b5e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f1219598f93e1169e40ee1b8827b72983383cd25eb26adbeba91b3cd50b3743
2c510cfe5a4a8dbaba25fd4b84aa6e01f053c2a1b194492184a43cff0aee47f8
2fe0ea07ab8454fc5f251a32e49c0a7f6a71fa9a66bd388bb6db8edcc4a976ee
3b5a17dd9d01f9954aa7675ced3fc4cdec25b07f2846aadc1a0ce3fad4eacb8f
4fcff26253cdd880041803d1fc8acc6c21d1ccedc8699d8d7a895fc9e7af6a9f
dff2f9c68962b2ebeee74a9eca1b2626e46d4fc174f4959106b149662407dd4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

whoslucky.win Open in urlscan Pro 2606:4700:3037::681c:d8b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

83 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

245 kBTransfer

1079 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

2 Cookies

Indicators

whoslucky.win Open in urlscan Pro
2606:4700:3037::681c:d8b Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

245 kB
Transfer

1079 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions