s.windeal.club Open in urlscan Pro
2a04:3542:1000:910:80c8:eeff:fe8b:487b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.bolo2vas25.click/c/n/257236/4792
Effective URL:
https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click...
Submission: On November 13 via api (November 13th 2024, 12:53:44 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 2a04:3542:1000:910:80c8:eeff:fe8b:487b, located in Madrid, Spain and belongs to UPCLOUD, FI. The main domain is s.windeal.club.
TLS certificate: Issued by E5 on October 24th 2024. Valid for: 3 months.

This is the only time s.windeal.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.79.74.74 45.79.74.74	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3 3	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:6d38	202053 (UPCLOUD) (UPCLOUD)
1 1	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:2ba4	202053 (UPCLOUD) (UPCLOUD)
8	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:487b	202053 (UPCLOUD) (UPCLOUD)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	116.202.247.159 116.202.247.159	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
14	5

2 45.79.74.74 (Fremont, United States) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-74-74.ip.linodeusercontent.com

m.bolo2vas25.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:3542:1000:910:80c8:eeff:fe8b:6d38 (Madrid, Spain) 3 redirects

ASN202053 (UPCLOUD, FI)

1d745e6548a.goodeals.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1d7466fa8ca.morningluck.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:3542:1000:910:80c8:eeff:fe8b:2ba4 (Madrid, Spain) 1 redirects

ASN202053 (UPCLOUD, FI)

1d7466fa8ca.luckyflowers.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:3542:1000:910:80c8:eeff:fe8b:487b (Madrid, Spain)

ASN202053 (UPCLOUD, FI)

s.windeal.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.247.159 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.159.247.202.116.clients.your-server.de

carriers.mobilemediaportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	windeal.club s.windeal.club	121 KB
3	mobilemediaportals.com carriers.mobilemediaportals.com	2 KB
2	goodeals.xyz 2 redirects 1d745e6548a.goodeals.xyz	499 B
2	bolo2vas25.click 2 redirects m.bolo2vas25.click	757 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2944
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	101 KB
1	luckyflowers.click 1 redirects 1d7466fa8ca.luckyflowers.click	999 B
1	morningluck.info 1 redirects 1d7466fa8ca.morningluck.info	946 B
14	8

	Domain	Requested by
8	s.windeal.club	s.windeal.club
3	carriers.mobilemediaportals.com	s.windeal.club
2	1d745e6548a.goodeals.xyz	2 redirects
2	m.bolo2vas25.click	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	s.windeal.club
1	1d7466fa8ca.luckyflowers.click	1 redirects
1	1d7466fa8ca.morningluck.info	1 redirects
14	8

This site contains links to these domains. Also see Links.

Domain
powergoods.xyz

Subject Issuer	Validity	Valid
*.windeal.club E5	`2024-10-24` - `2025-01-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
mobilemediaportals.com R10	`2024-10-03` - `2025-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Frame ID: DEDD3F55BB6416677DAE3822793FD705
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Congratulations!

Page URL History Show full URLs

http://m.bolo2vas25.click/c/n/257236/4792 HTTP 307
https://m.bolo2vas25.click/c/n/257236/4792 HTTP 302
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5f... HTTP 302
https://1d7466fa8ca.morningluck.info/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5f... HTTP 302
https://s.windeal.club/iq_test2?flow=sms&tid=64y7p4w07dw7of32qkc0ssgkk,17815799,5,7229&ctrack=17314... HTTP 307
http://m.bolo2vas25.click/c/n/257236/4792 HTTP 302
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec17... HTTP 302
https://1d7466fa8ca.luckyflowers.click/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec17... HTTP 302
https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.20... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

14
Requests

93 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

224 kB
Transfer

629 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://powergoods.xyz/?oid=154965&oid_hmac=99ed59bef86614fbb4ba71f391f199d9&click_id=17ec178131c648c8afc49e04d59de8e7&co=1&ctrack=1731459219.200068140&noback=1&p=7229&sub_id=4792_
Title: Notify me

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.bolo2vas25.click/c/n/257236/4792 HTTP 307
https://m.bolo2vas25.click/c/n/257236/4792 HTTP 302
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_ HTTP 302
https://1d7466fa8ca.morningluck.info/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_&co=1&noback=1 HTTP 302
https://s.windeal.club/iq_test2?flow=sms&tid=64y7p4w07dw7of32qkc0ssgkk,17815799,5,7229&ctrack=1731459218.2420736067&p=7229&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_&co=1&noback=1 HTTP 307
http://m.bolo2vas25.click/c/n/257236/4792 HTTP 302
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_ HTTP 302
https://1d7466fa8ca.luckyflowers.click/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1 HTTP 302
https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request win_click Show response
s.windeal.club/
Redirect Chain

http://m.bolo2vas25.click/c/n/257236/4792
https://m.bolo2vas25.click/c/n/257236/4792
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_
https://1d7466fa8ca.morningluck.info/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_&co=1&noback=1
https://s.windeal.club/iq_test2?flow=sms&tid=64y7p4w07dw7of32qkc0ssgkk,17815799,5,7229&ctrack=1731459218.2420736067&p=7229&click_id=579d5fa4a61c4d54b9911e7aec2cb53b&sub_id=4792_&co=1&noback=1
http://m.bolo2vas25.click/c/n/257236/4792
https://1d745e6548a.goodeals.xyz/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_
https://1d7466fa8ca.luckyflowers.click/?p=7229&wid=147327&wid_hmac=c23a47427a852d0d9a3b96729579a184&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

17 KB
8 KB

104ms
103ms

Document
text/html

2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 6e0d7d6ca3d6fc2dcd13d836963a725137686410ba6a0554014be0791553c977

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 13 Nov 2024 00:53:39 GMT
log-id: 1bd2f60e-e170-4a44-a908-a2a5b68c188c
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 13 Nov 2024 00:53:39 GMT
location: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
101 KB 196ms
66ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP

Requested by

Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a66972c1fcc91aca910f9223b1e320d6bd11d7df093b38a8f2dcef4fd66aee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 00:53:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103219
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 app.css
s.windeal.club/css/offers/win_click/ 10 KB
2 KB 77ms
76ms Stylesheet
text/css 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.windeal.club/css/offers/win_click/app.css?id=ce47df0defeb8989b1f424ffb3faba95
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: f20a6aeca5e400acade49ba9f575372734a08305a06e12c5bbc8767a98feafc1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Response headers

cache-control: max-age=31536000, public
content-encoding: gzip
etag: W/"6731fa7f-27fb"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: text/css
last-modified: Mon, 11 Nov 2024 12:37:19 GMT
vary: Accept-Encoding

GET
H2 200 logo.jpg
s.windeal.club/img/offers/win_click/themes/casino/ 1 KB
1 KB 77ms
76ms Image
image/jpeg 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.windeal.club/img/offers/win_click/themes/casino/logo.jpg
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: bb1f8783891ce9f064d95967a30bb0cad330cab1093ef7ed422045db3de312e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Response headers

cache-control: max-age=31536000, public
etag: "6731fa7f-46c"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
accept-ranges: bytes
content-length: 1132
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: image/jpeg
last-modified: Mon, 11 Nov 2024 12:37:19 GMT

GET
H2 200 default@0.5x.png
s.windeal.club/img/prizes/iphone-16-pro/ 8 KB
8 KB 76ms
75ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.windeal.club/img/prizes/iphone-16-pro/default@0.5x.png
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 5a637a5c43f4ed3629de04b794292fcd107e8335b47844b0462acb0768b14e2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Response headers

cache-control: max-age=31536000, public
etag: "6731fa02-1e0e"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
accept-ranges: bytes
content-length: 7694
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 12:35:14 GMT

GET
H2 200 app.js Show response
s.windeal.club/js/ 0
207 B 61ms
60ms Script
application/javascript 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.windeal.club/js/app.js?id=d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Response headers

cache-control: max-age=31536000, public
etag: "6731fa7f-0"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
accept-ranges: bytes
content-length: 0
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 11 Nov 2024 12:37:19 GMT

GET
H2 200 app.js Show response
s.windeal.club/js/offers/win_click/ 294 KB
97 KB 66ms
66ms Script
application/javascript 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s.windeal.club/js/offers/win_click/app.js?id=44aebc7c4dbcd32ab8ce89f5a632839a
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: e5f5776b4c3277937bd40e348e27f58ae3845600cd0f7812a618d58a8a63ad16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1

Response headers

cache-control: max-age=31536000, public
content-encoding: gzip
etag: W/"6731fa7e-49703"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 11 Nov 2024 12:37:18 GMT
vary: Accept-Encoding

GET 9a566fec-8056-4582-b9de-a9db41bd2d64
https://s.windeal.club/ 0
0

GET
H2 200 coins.jpg
s.windeal.club/img/offers/win_click/themes/casino/ 3 KB
3 KB 65ms
64ms Image
image/jpeg 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.windeal.club/img/offers/win_click/themes/casino/coins.jpg
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/css/offers/win_click/app.css?id=ce47df0defeb8989b1f424ffb3faba95
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 3388518b86e14bee824865e93ff4876cb525b1b19cdd30dfada34f4cae3063c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/css/offers/win_click/app.css?id=ce47df0defeb8989b1f424ffb3faba95

Response headers

cache-control: max-age=31536000, public
etag: "6731fa7f-b42"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
accept-ranges: bytes
content-length: 2882
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: image/jpeg
last-modified: Mon, 11 Nov 2024 12:37:19 GMT

GET
H2 200 crown.png
s.windeal.club/img/offers/win_click/themes/casino/ 1 KB
2 KB 67ms
66ms Image
image/png 2a04:3542:1000:910:80c8:eeff:fe8b:487b
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.windeal.club/img/offers/win_click/themes/casino/crown.png
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/css/offers/win_click/app.css?id=ce47df0defeb8989b1f424ffb3faba95
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:3542:1000:910:80c8:eeff:fe8b:487b Madrid, Spain, ASN202053 (UPCLOUD, FI),
Reverse DNS
Software: /
Resource Hash: 22c4520224fb0c2a3cce5178fb6ae20ef6f98d5b8294a7d52c4cb8607ca9c1dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/css/offers/win_click/app.css?id=ce47df0defeb8989b1f424ffb3faba95

Response headers

cache-control: max-age=31536000, public
etag: "6731fa7f-5fa"
pragma: public
expires: Thu, 13 Nov 2025 00:53:39 GMT
accept-ranges: bytes
content-length: 1530
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: image/png
last-modified: Mon, 11 Nov 2024 12:37:19 GMT

GET
H2 200 telekom.svg
carriers.mobilemediaportals.com/ 546 B
451 B 186ms
57ms Image
image/svg+xml 116.202.247.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carriers.mobilemediaportals.com/telekom.svg
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.247.202.116.clients.your-server.de
Software: /
Resource Hash: 2c3495e08372e20a256af1ab72ba78c098aad07d894a23bffc26a94f27caa71a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 00:53:39 GMT
etag: W/"66c5ad7c-222"
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 21 Aug 2024 09:03:56 GMT

GET
H2 200 vodafone.svg
carriers.mobilemediaportals.com/ 689 B
522 B 193ms
67ms Image
image/svg+xml 116.202.247.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carriers.mobilemediaportals.com/vodafone.svg
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.247.202.116.clients.your-server.de
Software: /
Resource Hash: 5d1f3eba861b3b61a94974c291157f6087eeb1aecd5adaf2b5d07a2257b12c96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 00:53:39 GMT
etag: W/"66c5ad7c-2b1"
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 21 Aug 2024 09:03:56 GMT

GET
H2 200 o2.svg
carriers.mobilemediaportals.com/ 934 B
593 B 183ms
58ms Image
image/svg+xml 116.202.247.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carriers.mobilemediaportals.com/o2.svg
Requested by: Host: s.windeal.club
URL: https://s.windeal.club/win_click?tid=64y7p52me1yiuz9ed2ddwgk4k,16516971,5,7229&ctrack=1731459219.200068140&p=7229&click_id=17ec178131c648c8afc49e04d59de8e7&sub_id=4792_&co=1&noback=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.247.202.116.clients.your-server.de
Software: /
Resource Hash: 41e90ad513e7514c505e362ef2d490ff015e9d7997864b358cb06691672d8104

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 00:53:39 GMT
etag: W/"66c5ad7c-3a6"
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 21 Aug 2024 09:03:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 159ms
56ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2V6DGFRPKP&gtm=45je4b70v880168263za200&_p=1731459219340&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&cid=716804733.1731459220&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731459219&sct=1&seg=0&dl=https%3A%2F%2Fs.windeal.club%2Fwin_click%3Ftid%3D64y7p52me1yiuz9ed2ddwgk4k%2C16516971%2C5%2C7229%26ctrack%3D1731459219.200068140%26p%3D7229%26click_id%3D17ec178131c648c8afc49e04d59de8e7%26sub_id%3D4792_%26co%3D1%26noback%3D1&dt=Congratulations!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ab=a&ep.flow=ivr&ep.offer=win_click&ep.prize=iphone-16-pro&ep.category=ivr_win&ep.p=7229&tfd=4274
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://s.windeal.club/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://s.windeal.club
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 00:53:39 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.windeal.club
URL: blob:https://s.windeal.club/9a566fec-8056-4582-b9de-a9db41bd2d64

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolo2vas25.click/	1970-01-21 10:33:39	Name: uk Value: 62bcb8a7df254a6a8466bfa4809418ea
.1d7466fa8ca.morningluck.info/	1970-01-21 00:57:39	Name: rts-trck Value: 1
.morningluck.info/	1970-01-21 10:33:39	Name: t-uuid Value: 64y7p4w0adz50s0p3onscc400
.morningluck.info/	1970-01-21 00:59:05	Name: ab Value: B
.morningluck.info/	1970-01-21 01:40:51	Name: traffic-visited-domain Value: windeal.club
.morningluck.info/	1970-01-21 00:57:39	Name: traffic-back-ivr Value: ok
.1d7466fa8ca.luckyflowers.click/	1970-01-21 00:57:39	Name: rts-trck Value: 1
.1d7466fa8ca.luckyflowers.click/	1970-01-21 10:33:39	Name: t-uuid Value: 64y7p52mh68ond18bkfgow8k4
.1d7466fa8ca.luckyflowers.click/	1970-01-21 00:59:05	Name: ab Value: B
.1d7466fa8ca.luckyflowers.click/	1970-01-21 01:40:51	Name: traffic-visited-domain Value: windeal.club
.1d7466fa8ca.luckyflowers.click/	1970-01-21 00:57:39	Name: traffic-back-ivr Value: ok
s.windeal.club/	1970-01-21 00:57:46	Name: XSRF-TOKEN Value: eyJpdiI6Ill6VWRDeGFBVE11Y1BEd2VPUWdLM3c9PSIsInZhbHVlIjoicVp0bmlZRFJSOFVlUmtXM1ErenRmWEU4L3dTRE1nNFFMSHBZWGYvNnZUWXhRUW9Gd3d4cnhwa1piTGdnZzZnUHkxNFJ5ckxUVkhzRFpzQ2dGcXJJY2o5dm1qQ0s2RS94QjE5UXI5Q2IxNUZoZVlyQU1YRjRBSkk5anh6M2d4SCsiLCJtYWMiOiI1MmQzOGYzM2RkZDE3NWM2ZmViMDUwNmRhYmQ5YWEwOThiYjQ0YWI2MDQ5Yjc4MmFjMjBlMTE4NjM3NTU1ZTUwIiwidGFnIjoiIn0%3D
s.windeal.club/	1970-01-21 00:57:46	Name: ivr_offers_session Value: eyJpdiI6Ik1aZ1JTWkhSM3ZLSTkyS1hzc2Z0L0E9PSIsInZhbHVlIjoiWk5mL3BMaWRJcjNEbzJDSUtyeWVhTU5YVDc3SzNhb3NTWXVMa3J2UzBuMlUyY2picUFrQU51VnYvRFplV2YrUTFZZWZZN3kydTIxYVhzZmRXTXoxL2tUZmdGRjlPMm5ncGRhOW1CSnJEbm9qV1c1Wk12YTU1VVVZTHFHWitwTXYiLCJtYWMiOiJkMjkyYTJiYjdjOGEzN2ZjNWE4ODA3OTQxMjEwZjZmZmZhM2QwN2ZiZTdkZWM4ZDc3MTU0ZmJkOWFmZjI0MzBiIiwidGFnIjoiIn0%3D
s.windeal.club/	1970-01-21 00:59:05	Name: domain-trk Value: eyJpdiI6Ik9jemhGc081bEdjbkJPelVBcVh2cXc9PSIsInZhbHVlIjoiWDVQTjBmZ0x0U3NSeldZeTZuSGVaWmxsSkpDd1RDRHhDeGRLRlhwWEFSZXFJOHpYS1FBbjhkRlBGU001WTlzeiIsIm1hYyI6IjM1NTYzMTRmZDE4NmVmYmI5ZWYyNzM5OTczOThiYWM0NzYxNDk3OGEyMDZjNWVlN2RjYWI5OWI3MjRiZmVmOTAiLCJ0YWciOiIifQ%3D%3D
s.windeal.club/	1969-12-31 23:59:59	Name: SESS_TRAF Value: eyJpdiI6IlQzNkVROEN0UmpSQlpTekxQUmxuK2c9PSIsInZhbHVlIjoiOTMzK2U2c2w1VkFPNGozOWtQL3NaZ1E4Yyt3b3BLTkdUY3lPeW5vYmZqUVVXaUF1MVVYbndLN3FjZ1NuSFo0cTlVUTJ1enJvSTFZenlZNTlxdzlvS2lBMGwxK3p3NVBhbUx6RXhXMFRwOXJPSk9id29hQ1ZNdDdjYjlXVEp4T1N4RnhaSTRFajJ0R2pQNm5Pd0JqTjlVUFcrREVuUnZWM2NyRXNsNWlBT2ZqNitpMkg4UFg5MzhMcmNhdUJ1UnhDaDloYmxSaVkrWXVSN3BmOWlIUERTb01zdUh3eUVTdmN4cW96dHJUVWNxVC96dElJSDF3dHJWMUNMY2t1MHR1Z0N5akV5cDlYZ0Z4NEptTWhqaDBleHkvZHhkVmtKRm1UMm1tQS9vNHpCZW89IiwibWFjIjoiMTlkMDVkYzUwZTk4NDcwYjkxZTEyYmE5MDIyYzA0YmE2YjJiZTUwMzA1ZTllODE5YWNhOTcxMDU3N2E2Yjg2NCIsInRhZyI6IiJ9
s.windeal.club/	1970-01-21 00:59:05	Name: visit Value: eyJpdiI6IkY4bjBJR21qamRGRkg5bklZbk0rSGc9PSIsInZhbHVlIjoiYWpoNDljOEJMeWdUZGVjWjU4RkIvLy9KdXczc3BJWkp5OGVDa3ZWWlZhNTRWbldjL3RYK1grVFB4WHZ2NmRqaiIsIm1hYyI6IjgxN2Y0ZTc5ZmI3ODA4YWVlODRiMGJjYTA0MDQ3NGVlY2I0NWQ1OTY3MmE3MmMwMGFlN2YwNTliNzk2NTVlNzgiLCJ0YWciOiIifQ%3D%3D
s.windeal.club/	1970-01-21 00:57:46	Name: hLqnOxmCBeQvGOI0OZPByi3JVwWfuKd71sToxyDg Value: eyJpdiI6IlRvb3lpVDJoWi9TazJCN2xURWRPZ3c9PSIsInZhbHVlIjoiSGZNQnYyMEFZR3NkTm55Y0F0V0FHWFVoV2h0Y0VySHQ4UnViUm8rOTlEb3diRWFnVWxpWnI3M2MrblZhK2JhWVFlSnl0T1lXUnFaYjZDVjVmY29OTERlUmNjMlJOS2l0ZUtBakZvb3VGZjBrcFVUZGJGTlRtaWJsRXo0dDJlL3pDQ21SQXNmK3lMZStRWno1cDRHRWtSRnFHNURBYjgxbDF3eEw3dnR2MVdmY0RoVTBBeFBJb3NsTldiNE5KTjM0RlB4Y3lSeG4rVGJ6bWhUcS9TTnMvZGV0ZzhuUTl1dlVHenV1YWpGdTFiaXA1S1FhQzBBYkl2UTF4N0diQU80VENYdmdSRzZrUjlHNnRBN1NtMGRXa2hUS29GbWF2SUlBbndwSVVydzZvWVhKTkIxSzB5dU4vTjVuckRrOGxFS1RmL25OV2poV1phdXc3SS9oNFpQU1ZsVFU2RVh3VjhlVDdBazlRWUFXMmJ6bG0wT0VQTURRL2p2YWpJZWhoVE83Y01SdGhZR0FPQVpNOGxmWEZqdUt1akFqSWdKcmZXRmpWNTcrTGhjSFVOSWduOUNQY2NZSmdTSkZnSnlIdXlNeXZMK1ppNFh5ZWhqVEs5eE1WYldmNm53NE90VXBOSnI5WW9BY2J6NFBCU2QyZmNpU0k1c09veDU3UEEralUrOWFwaHRTcE9TbGp6dytaaHF2LzFCMWNlOHdIa3Z3MG5hdzZFZG9HdFhoTXdadjEwYWlBQVRZcWI0c3hTY2lTL0cwU2pNNnVSRFpCUzgzU0xUcDlIYy9uQT09IiwibWFjIjoiYzU0MjZkMGUzNjg3MzMwZWQ0NTljNWRkNDMyNmJiOTQwNTEwYmIxOTA1MjEzZmU5ZDIyYzVhOTdiZDBmNWE5MyIsInRhZyI6IiJ9
.windeal.club/	1970-01-21 10:33:39	Name: _ga Value: GA1.1.716804733.1731459220
.windeal.club/	1970-01-21 10:33:39	Name: _ga_2V6DGFRPKP Value: GS1.1.1731459219.1.0.1731459219.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d745e6548a.goodeals.xyz
1d7466fa8ca.luckyflowers.click
1d7466fa8ca.morningluck.info
carriers.mobilemediaportals.com
m.bolo2vas25.click
region1.google-analytics.com
s.windeal.club
www.googletagmanager.com
s.windeal.club
116.202.247.159
2001:4860:4802:32::36
2a00:1450:4001:830::2008
2a04:3542:1000:910:80c8:eeff:fe8b:2ba4
2a04:3542:1000:910:80c8:eeff:fe8b:487b
2a04:3542:1000:910:80c8:eeff:fe8b:6d38
45.79.74.74
0a66972c1fcc91aca910f9223b1e320d6bd11d7df093b38a8f2dcef4fd66aee6
22c4520224fb0c2a3cce5178fb6ae20ef6f98d5b8294a7d52c4cb8607ca9c1dd
2c3495e08372e20a256af1ab72ba78c098aad07d894a23bffc26a94f27caa71a
3388518b86e14bee824865e93ff4876cb525b1b19cdd30dfada34f4cae3063c2
41e90ad513e7514c505e362ef2d490ff015e9d7997864b358cb06691672d8104
5a637a5c43f4ed3629de04b794292fcd107e8335b47844b0462acb0768b14e2a
5d1f3eba861b3b61a94974c291157f6087eeb1aecd5adaf2b5d07a2257b12c96
6e0d7d6ca3d6fc2dcd13d836963a725137686410ba6a0554014be0791553c977
bb1f8783891ce9f064d95967a30bb0cad330cab1093ef7ed422045db3de312e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f5776b4c3277937bd40e348e27f58ae3845600cd0f7812a618d58a8a63ad16
f20a6aeca5e400acade49ba9f575372734a08305a06e12c5bbc8767a98feafc1

s.windeal.club Open in urlscan Pro 2a04:3542:1000:910:80c8:eeff:fe8b:487b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

71 %IPv6

8 Domains

8 Subdomains

5 IPs

3 Countries

224 kBTransfer

629 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

19 Cookies

Indicators

s.windeal.club Open in urlscan Pro
2a04:3542:1000:910:80c8:eeff:fe8b:487b Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

71 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

224 kB
Transfer

629 kB
Size

19
Cookies

14 HTTP transactions
0 data transactions