urlscan.io logo urlscan.io
SecurityTrails logo

winspirit1.com Open in urlscan Pro
104.18.10.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link-towin.com/
Effective URL: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Submission: On December 19 via api from BE — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 10 HTTP transactions. The main IP is 104.18.10.201, located in and belongs to CLOUDFLARENET, US. The main domain is winspirit1.com.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time winspirit1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.21.16.1 13335 (CLOUDFLAR...)
1 1 172.67.161.88 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 104.18.193.136 13335 (CLOUDFLAR...)
2 104.18.10.201 13335 (CLOUDFLAR...)
1 142.250.185.106 15169 (GOOGLE)
1 104.16.79.73 13335 (CLOUDFLAR...)
1 142.250.181.227 15169 (GOOGLE)
2 18.196.36.111 16509 (AMAZON-02)
2 3.125.84.31 16509 (AMAZON-02)
10 8
2    104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)
link-towin.com
1    172.67.161.88 (United States)

ASN13335 (CLOUDFLARENET, US)
click-to-click.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
make-go.com
1    104.18.193.136 (None, )

ASN13335 (CLOUDFLARENET, US)
record.winspiritaffiliates.com
2    104.18.10.201 (None, )

ASN13335 (CLOUDFLARENET, US)
winspirit1.com
1    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
1    104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
2    18.196.36.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-36-111.eu-central-1.compute.amazonaws.com
wchat.eu.freshchat.com
2    3.125.84.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-84-31.eu-central-1.compute.amazonaws.com
wchat.eu.freshchat.com
Apex Domain
Subdomains		 Transfer
4 freshchat.com
wchat.eu.freshchat.com — Cisco Umbrella Rank: 89526
24 KB
2 winspirit1.com
winspirit1.com
112 KB
2 link-towin.com
link-towin.com
2 KB
1 gstatic.com
fonts.gstatic.com
25 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
899 B
1 winspiritaffiliates.com
record.winspiritaffiliates.com
508 B
1 make-go.com
make-go.com
1 KB
1 click-to-click.com
click-to-click.com
2 KB
10 9
Domain Requested by
4 wchat.eu.freshchat.com winspirit1.com
wchat.eu.freshchat.com
2 winspirit1.com static.cloudflareinsights.com
2 link-towin.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com winspirit1.com
1 fonts.googleapis.com winspirit1.com
1 record.winspiritaffiliates.com 1 redirects
1 make-go.com 1 redirects
1 click-to-click.com 1 redirects
10 9

This site contains no links.

Subject Issuer Validity Valid
link-towin.com
WE1		 2024-12-13 -
2025-03-13		 3 months crt.sh
winspirit1.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.freshchat.com
Amazon RSA 2048 M03		 2024-11-16 -
2025-12-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Frame ID: BC7C8E024C845E5C14E11B33C202B6AC
Requests: 10 HTTP requests in this frame

Frame: https://wchat.eu.freshchat.com/widget/config_iframe.html?host=https://wchat.eu.freshchat.com&token=c5a3428f-39f5-40ea-95bb-bb13c892c87a&origin=https://winspirit1.com&widgetUuid=07cc0630-5602-4652-9ba1-fa00b9e94772
Frame ID: BCF6A1418F1FD4A87FFC584C7BE9824E
Requests: 1 HTTP requests in this frame

Frame: https://wchat.eu.freshchat.com/widget/?token=c5a3428f-39f5-40ea-95bb-bb13c892c87a&referrer=aHR0cHM6Ly93aW5zcGlyaXQxLmNvbQ==&widgetUuid=07cc0630-5602-4652-9ba1-fa00b9e94772&eagerLoad=true
Frame ID: 1BDD0A8A3852BF928307D01A52AB6638
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The site is not available in your country.

Page URL History Show full URLs

  1. https://link-towin.com/ Page URL
  2. https://link-towin.com/lander/test-land_1726389803/form.php HTTP 302
    https://click-to-click.com/direct?return=uniq&ip=31.187.78.115&language=HE&geo=IL&cloak_id=1005&cloak_s... HTTP 302
    https://make-go.com/click?o=1383&a=177&aff_click_id=mom0cv6c7mf&sub_id1=&sub_id2= HTTP 302
    https://record.winspiritaffiliates.com/_e5Kamg3qO7_UTilsit49JWNd7ZgqdRLk/8/s2s.req_id=919e4e7a3b75b698a5d63997ab83d... HTTP 301
    https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

170 kB
Transfer

312 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link-towin.com/ Page URL
  2. https://link-towin.com/lander/test-land_1726389803/form.php HTTP 302
    https://click-to-click.com/direct?return=uniq&ip=31.187.78.115&language=HE&geo=IL&cloak_id=1005&cloak_subid=mom0cv6c7m7&sub_id_1=influence&timezone=Asia%2FJerusalem&funnel_name=direct&funnel=direct&funnel_id=direct&funnel_category=direct&funnel_host=direct&funnel_landing_id=11 HTTP 302
    https://make-go.com/click?o=1383&a=177&aff_click_id=mom0cv6c7mf&sub_id1=&sub_id2= HTTP 302
    https://record.winspiritaffiliates.com/_e5Kamg3qO7_UTilsit49JWNd7ZgqdRLk/8/s2s.req_id=919e4e7a3b75b698a5d63997ab83dffc&payload=webmaster_177%7CclickId_919e4e7a3b75b698a5d63997ab83dffc%7CbuyerId_%7Cutm_term=arb_919e4e7a3b75b698a5d63997ab83dffc%7Cutm_campaign=mom0cv6c7mf HTTP 301
    https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
link-towin.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://link-towin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f4499eb7e3d2bf7-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 04:20:38 GMT
expires
Thu, 19 Dec 2024 04:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0DU1OLUZ3zkxolZr00f0a%2B0QWsWb7%2BUohRvuWqBxxbJDPJjRTEhj1kpQ2ucPub0OJMg77gH%2BkyHSR0KV2%2BiQVA2OIaSEgDBE%2FB0TQTDwT5yJ06jDhMFo%2BBV8SPiatbyxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request /
winspirit1.com/registration/
Redirect Chain
  • https://link-towin.com/lander/test-land_1726389803/form.php
  • https://click-to-click.com/direct?return=uniq&ip=31.187.78.115&language=HE&geo=IL&cloak_id=1005&cloak_subid=mom0cv6c7m7&sub_id_1=influence&timezone=Asia%2FJerusalem&funnel_name=direct&funnel=direct...
  • https://make-go.com/click?o=1383&a=177&aff_click_id=mom0cv6c7mf&sub_id1=&sub_id2=
  • https://record.winspiritaffiliates.com/_e5Kamg3qO7_UTilsit49JWNd7ZgqdRLk/8/s2s.req_id=919e4e7a3b75b698a5d63997ab83dffc&payload=webmaster_177%7CclickId_919e4e7a3b75b698a5d63997ab83dffc%7CbuyerId_%7C...
  • https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
111 KB
111 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ab79899062300cddb64ff41bd05a24859bee56525ca77db32cd257ae11711e2e

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://link-towin.com
Referer
https://link-towin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-origin
*
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f4499fd686c4d70-FRA
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 04:20:41 GMT
last-modified
Wed, 18 Dec 2024 12:43:15 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
8f4499f9c88e7da1-TLV
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 04:20:40 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
css
fonts.googleapis.com/ 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Sora:400,700,800
Requested by
Host: winspirit1.com
URL: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
04c4824565c974bd1b4d5a3757ff04e0609450e13a7b1a34b5828c7e00d8bc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winspirit1.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 04:20:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 04:20:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 04:20:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a272b1369af3b50c5cf82e76f22c4f1073d680c9080eb93caa80f50683ecc2c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		61 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14ac818fa1612d32c87d3725a348bf9c5722ed652d178cc3451f3342cb4600bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: winspirit1.com
URL: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winspirit1.com
Referer
https://winspirit1.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f449a009ce27da1-TLV
access-control-allow-origin
*
date
Thu, 19 Dec 2024 04:20:41 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v12/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sora/v12/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sora:400,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winspirit1.com
Referer
https://fonts.googleapis.com/

Response headers

age
154731
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:21:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:21:50 GMT
last-modified
Wed, 13 Sep 2023 22:16:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25064
x-xss-protection
0
server
sffe
widget.js
wchat.eu.freshchat.com/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wchat.eu.freshchat.com/js/widget.js
Requested by
Host: winspirit1.com
URL: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.36.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-36-111.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
89b2c8dbf9946747895038b615829c37a565d25cbc013222cb6af76c3a3fcf30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winspirit1.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
1e689415-f7d2-9785-b190-97e330bc30e3
cache-control
max-age=900, must-revalidate
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-fw-ratelimiting-managed
false
x-envoy-upstream-service-time
2
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
x-trace-id
00-131b2c1c5a8d694ad3172f45f6af4866-f8289d0793d8b89b-01
date
Thu, 19 Dec 2024 04:20:42 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 03:23:28 GMT
server
fwe
x-server
57w4q
rum
winspirit1.com/cdn-cgi/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://winspirit1.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8f449a032a6a4d70-FRA
access-control-allow-origin
https://winspirit1.com
date
Thu, 19 Dec 2024 04:20:42 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
config_iframe.html
wchat.eu.freshchat.com/widget/ Frame BCF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wchat.eu.freshchat.com/widget/config_iframe.html?host=https://wchat.eu.freshchat.com&token=c5a3428f-39f5-40ea-95bb-bb13c892c87a&origin=https://winspirit1.com&widgetUuid=07cc0630-5602-4652-9ba1-fa00b9e94772
Requested by
Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.84.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-84-31.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winspirit1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Thu, 19 Dec 2024 04:20:42 GMT
last-modified
Fri, 06 Dec 2024 03:23:28 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
2
x-fw-ratelimiting-managed
false
x-request-id
8e854396-072b-4163-828d-65d013e717e1
x-server
bww8l
x-trace-id
00-9a47b914ec747483b856150b7efecee3-c095a64dd6d30f82-00
x-xss-protection
1; mode=block
/
wchat.eu.freshchat.com/widget/ Frame 1BDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wchat.eu.freshchat.com/widget/?token=c5a3428f-39f5-40ea-95bb-bb13c892c87a&referrer=aHR0cHM6Ly93aW5zcGlyaXQxLmNvbQ==&widgetUuid=07cc0630-5602-4652-9ba1-fa00b9e94772&eagerLoad=true
Requested by
Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.125.84.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-84-31.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winspirit1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' * https://cloudflareinsights.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com https://ajax.cloudflare.com https://static.cloudflareinsights.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Thu, 19 Dec 2024 04:20:43 GMT
last-modified
Fri, 06 Dec 2024 03:23:28 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
2
x-fw-ratelimiting-managed
false
x-request-id
92404d16-10c6-48a3-a415-fe59587923b4
x-server
bww8l
x-trace-id
00-ad85c9acff4b4141a6d698c58698b109-5c144c8123d9617a-00
x-xss-protection
1; mode=block
widget.css
wchat.eu.freshchat.com/widget/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wchat.eu.freshchat.com/widget/css/widget.css?t=1734582043135
Requested by
Host: wchat.eu.freshchat.com
URL: https://wchat.eu.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.36.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-36-111.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winspirit1.com/

Response headers

x-request-id
d874b75d-933b-4b97-a6ca-4552e442c20f
content-encoding
gzip
x-fw-ratelimiting-managed
false
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
expires
Fri, 19 Dec 2025 04:20:43 GMT
date
Thu, 19 Dec 2024 04:20:43 GMT
content-type
text/css
last-modified
Fri, 06 Dec 2024 03:23:28 GMT
x-server
9ld88
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
1
x-trace-id
00-d117312cd2ad550cbc5e28b424f2b27b-c5ec6853718d6032-00
x-xss-protection
1; mode=block
server
fwe

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| useFreshChat object| __cfBeacon object| fcWidget

15 Cookies

Domain/Path Name / Value
link-towin.com/ Name: _subid
Value: mom0cv6c7m7
link-towin.com/ Name: 9d8a5
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU4NzZcIjoxNzM0NTgyMDM4fSxcImNhbXBhaWduc1wiOntcIjEwMDVcIjoxNzM0NTgyMDM4fSxcInRpbWVcIjoxNzM0NTgyMDM4fSJ9.tdkouzaNcKFFjg1feIVeerlWIvu-T4dGN1KhzjwkDEw
link-towin.com/ Name: cloak_manager_first_visit
Value: return
click-to-click.com/ Name: _subid
Value: mom0cv6c7mf
click-to-click.com/ Name: 9d8a5
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU5MzBcIjoxNzM0NTgyMDM5LFwiNTg0MVwiOjE3MzQ1ODIwMzksXCI1ODA4XCI6MTczNDU4MjAzOX0sXCJjYW1wYWlnbnNcIjp7XCIzOVwiOjE3MzQ1ODIwMzksXCIxMDA0XCI6MTczNDU4MjAzOSxcIjEwMDJcIjoxNzM0NTgyMDM5fSxcInRpbWVcIjoxNzM0NTgyMDM5fSJ9.Ufz4ukRNDaSR8S3NYeqXomUCfKKmsVkp-3cW6F0NS2U
click-to-click.com/ Name: a5852ae4of1002
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiOTU3In0.f8TnnJDW9tsFuemMAuDaOdk_ZPwv_Jk1kBnA9aHWjyE
click-to-click.com/ Name: a5852ae4of1002ip
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiXCIzMS4xODcuNzguMTE1XCIifQ.1wW8S747v2MrIJ_GImeec8OCUVIBK3fwmy6gn5mxicw
click-to-click.com/ Name: a5852ae4s1002
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiNTgwOCJ9.L0qy1VrOkgdfdDpKhjR5m98sLf6e-2QKale5UeBTLLY
click-to-click.com/ Name: a5852ae4s1002ip
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiXCIzMS4xODcuNzguMTE1XCIifQ.1wW8S747v2MrIJ_GImeec8OCUVIBK3fwmy6gn5mxicw
click-to-click.com/ Name: _token
Value: uuid_mom0cv6c7mf_mom0cv6c7mf67639f1771ebd8.07482589
make-go.com/ Name: U-cd0dce8fca267bf1fb86cf43e18d5598
Value: unique
make-go.com/ Name: o_cd0dce8fca267bf1fb86cf43e18d5598
Value: 22214b7c-66fa-4e90-857e-c078e0bb155b
record.winspiritaffiliates.com/ Name: VID1
Value: Jy0jPFEuIzhSLVBgYApgCg%3D%3D
.winspiritaffiliates.com/ Name: ZBan
Value: Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
.winspirit1.com/ Name: __cf_bm
Value: uadeKL5R4Ny9q_k4pqkF_uDJC.a2.lQRwPvowyCnYcU-1734582041-1.0.1.1-5JOD0XJQDrELUUPdB3CVF8QklD3QjQF9Tr2BRvzioBOct.v81iS6ntpUVDrNDVGnbnFlPmCiToTDtKZmmpBiTQ

1 Console Messages

Source Level URL
Text
network error URL: https://winspirit1.com/registration/?affl_token=Go06mia3njh7xQ8l92UTmGNd7ZgqdRLk
Message:
Failed to load resource: the server responded with a status of 451 ()