winorama.store Open in urlscan Pro
172.67.139.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winorama.store/
Effective URL:
https://winorama.store/
Submission: On August 28 via api (August 28th 2024, 4:35:03 pm UTC) from NL — Scanned from NL

Summary HTTP 15 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 172.67.139.15, located in United States and belongs to CLOUDFLARENET, US. The main domain is winorama.store.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.

This is the only time winorama.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.139.15 172.67.139.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.21.34.193 104.21.34.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	34.120.206.70 34.120.206.70	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
15	6

2 172.67.139.15 (United States)

ASN13335 (CLOUDFLARENET, US)

winorama.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.34.193 (None, )

ASN13335 (CLOUDFLARENET, US)

smandorys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.206.70 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 70.206.120.34.bc.googleusercontent.com

katalogmarzen.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gstatic.com fonts.gstatic.com	106 KB
3	smandorys.com smandorys.com	63 KB
2	katalogmarzen.pl katalogmarzen.pl	255 KB
2	winorama.store winorama.store	10 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
15	5

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
3	smandorys.com	winorama.store
2	katalogmarzen.pl	winorama.store
2	winorama.store
1	fonts.googleapis.com	winorama.store
15	5

This site contains links to these domains. Also see Links.

Domain
smandorys.com
tryvary.com

Subject Issuer	Validity	Valid
winorama.store WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh
smandorys.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.katalogmarzen.pl Certum Domain Validation CA SHA2	`2024-07-22` - `2025-07-22`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://winorama.store/
Frame ID: EDB9917727878FA188EFC43595F34074
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://winorama.store/ HTTP 307
https://winorama.store/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

87 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

434 kB
Transfer

738 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://smandorys.com/l/pl--a----2/

Search URL Search Domain Scan URL

URL: http://smandorys.com/l/pl--a----2/?author=1
Title: admin

Search URL Search Domain Scan URL

URL: https://tryvary.com/
Title: Tryvary

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winorama.store/ HTTP 307
https://winorama.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
winorama.store/
Redirect Chain

http://winorama.store/
https://winorama.store/

26 KB
9 KB

1144ms
978ms

Document
text/html

172.67.139.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winorama.store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: d8bb0bd11d380b583f90322e102a738ab766f4c0743f8131cead72e3a0bc21dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ba5b6206b16670f-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Aug 2024 16:34:55 GMT
expires: Wed, 28 Aug 2024 16:34:54 GMT
link: <http://smandorys.com/l/pl--a----2/index.php?rest_route=/>; rel="https://api.w.org/" <http://smandorys.com/l/pl--a----2/index.php?rest_route=/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json" <http://smandorys.com/l/pl--a----2/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qujp68bqlo4Y0VhfXPehb1WPZoKvWFWY7HxVzMz3BJ%2Bw%2Fy7Er%2BgJZHpp2Fles0wk5zlJoe2gY0MsXqUpYaeQi2Z%2B5gzN7A5g3MvVTeUBBwx6A%2Fs0PC8NnshxYvwOiIuX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-pingback: http://smandorys.com/l/pl--a----2/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

Location: https://winorama.store/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
smandorys.com/l/pl--a----2/wp-includes/css/dist/block-library/ 110 KB
15 KB 246ms
124ms Stylesheet
text/css 104.21.34.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smandorys.com/l/pl--a----2/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: winorama.store
URL: https://winorama.store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472500
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jul 2024 21:46:55 GMT
server: cloudflare
etag: W/"66a024cf-1b723"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkiBwXxABsJXuXgbA6Ws83T0M%2Fvy4FMPXfUzRWtSh5hxP3kCy9FYsK5%2F2YzWmV32ihgyznuTGysZSb1Vflbn5IRISAH6uP6seN%2FKGhfufEqvpq065cWsKarGrLNgPQ7g"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ba5b6283e05a019-AMS
expires: Mon, 02 Sep 2024 05:19:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 171ms
47ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Requested by

Host: winorama.store
URL: https://winorama.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3607d39c88e9c862e39cdb1b515311d9f896f0b308ef9c9be14f533de01207a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Aug 2024 16:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Aug 2024 16:34:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Aug 2024 16:34:55 GMT

GET
H3 200 style.css
smandorys.com/l/pl--a----2/wp-content/themes/tryvary/ 162 KB
25 KB 155ms
35ms Stylesheet
text/css 104.21.34.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smandorys.com/l/pl--a----2/wp-content/themes/tryvary/style.css?ver=1.0.0
Requested by: Host: winorama.store
URL: https://winorama.store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009b47a969d8de13d6ac1f60791faccd19810d7759c64f3241696501140e887f

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 622755
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Sep 2021 09:51:20 GMT
server: cloudflare
etag: W/"6139d918-28636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nuchFMzeEnQpEb1Q2PNryZ7zsGidVHB8O1iajnO1OYt0KlG5vMrQGt%2F597cm1y0P2AGoVRbO4cyiJvv0khG%2BHxCqXrNg7dcKBlMH0XL6yCxVtZ%2FSzn3VGFb0n%2BY3UChI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ba5b6283dfaa019-AMS
expires: Sat, 31 Aug 2024 11:35:40 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
smandorys.com/l/pl--a----2/wp-content/themes/tryvary/assets/js/ 77 KB
22 KB 197ms
77ms Script
application/javascript 104.21.34.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smandorys.com/l/pl--a----2/wp-content/themes/tryvary/assets/js/bootstrap.bundle.min.js
Requested by: Host: winorama.store
URL: https://winorama.store/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.34.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2955219abcb2f853bcbbb5f6fd16fcc8b750b36dc962686279c9523f7a5e2f64

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492835
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Sep 2021 09:51:20 GMT
server: cloudflare
etag: W/"6139d918-1339d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiZWvGIqyipoefaNudqE7mW6QX7QjJqHWv9sM5QtJSUSFItOI34r%2BeHQsTYCFUkmvn6q725PRBwe76zdQlcXYQmoyQSQXZjdbAJ5y7H35N60QuMusZH6acS2%2Fzc4WEsE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ba5b6283deea019-AMS
expires: Sun, 01 Sep 2024 23:41:00 GMT

GET
H2 200 piekna-kobieta-podczas-masazu-klasycznego-jpg.jpg
katalogmarzen.pl/img/artykuly/1/2019_06/ 87 KB
88 KB 196ms
73ms Image
image/jpeg 34.120.206.70
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://katalogmarzen.pl/img/artykuly/1/2019_06/piekna-kobieta-podczas-masazu-klasycznego-jpg.jpg

Requested by

Host: winorama.store
URL: https://winorama.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.206.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

70.206.120.34.bc.googleusercontent.com

Software

nginx/1.22.1 /

Resource Hash

279a68cfc516074d8bffa1892aa1f0a1884e41d8372588993e1a129ad7d253b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:55 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2019 08:03:22 GMT
server: nginx/1.22.1
etag: "5cf625ca-15d60"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89440

GET
H2 200 wnetrze-pokoju-do-masazu-w-happy-and-beauty.jpg
katalogmarzen.pl/upload/ 167 KB
167 KB 170ms
48ms Image
image/jpeg 34.120.206.70
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://katalogmarzen.pl/upload/wnetrze-pokoju-do-masazu-w-happy-and-beauty.jpg

Requested by

Host: winorama.store
URL: https://winorama.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.206.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

70.206.120.34.bc.googleusercontent.com

Software

nginx/1.22.1 /

Resource Hash

696131d509df3006f43cd047e9cde7fa7ab0e224bef4d77412d9a8a86776c79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:55 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 25 Jun 2019 12:53:37 GMT
server: nginx/1.22.1
etag: "5d121951-29af0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170736

GET aa71a993-956a-4e6c-82ef-fe1530f0c401
https://winorama.store/ 0
0

GET wp-emoji-release.min.js
smandorys.com/l/pl--a----2/wp-includes/js/ 0
0

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 202ms
92ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winorama.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:12:53 GMT
x-content-type-options: nosniff
age: 206522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:12:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 136ms
28ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winorama.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 14:09:26 GMT
x-content-type-options: nosniff
age: 95129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Aug 2025 14:09:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 183ms
75ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winorama.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 14:26:58 GMT
x-content-type-options: nosniff
age: 94077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Aug 2025 14:26:58 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
fonts.gstatic.com/s/ptserif/v18/ 21 KB
21 KB 149ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61fd2c7de39f437b7007d8cafb2e7c36fc2d4b7e9edd2147fe27458a0b97745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winorama.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:18:55 GMT
x-content-type-options: nosniff
age: 206160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21436
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:18:55 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFSzr-tdg.woff2
fonts.gstatic.com/s/ptserif/v18/ 22 KB
22 KB 189ms
89ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFSzr-tdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%7CRoboto%3A700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089baa8e2efa0d4452f21704412d6f34aad7060c3aaa69cc7e661610f4048673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winorama.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 11:29:10 GMT
x-content-type-options: nosniff
age: 18345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22084
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Aug 2025 11:29:10 GMT

GET
H3 404 favicon.ico
winorama.store/ 548 B
556 B 63ms
62ms Other
text/html 172.67.139.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winorama.store/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://winorama.store/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:34:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbSjjDPxDyPr%2BLHMkNF27bstq%2FkbrqDhWZmKpssgjeV0gH9em7ttfp4HB0ZOiYN5mQ56BMvfmuWCkpvWFE7PiQbwSmS5DHXfS0WQQEBq6nxuEv5AuR0TU1Sie5g6iqgLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8ba5b62d9f6d670f-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: winorama.store
URL: blob:https://winorama.store/aa71a993-956a-4e6c-82ef-fe1530f0c401

Domain: smandorys.com
URL: http://smandorys.com/l/pl--a----2/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings number| uidEvent object| bootstrap

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			winorama.store/	1970-01-20 23:52:21	Name: _subid Value: 367iki33hss91
			winorama.store/	1970-01-20 23:09:09	Name: ac829 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5OTUwXCI6MTcyNDg2Mjg5NH0sXCJjYW1wYWlnbnNcIjp7XCI2NDU4XCI6MTcyNDg2Mjg5NH0sXCJ0aW1lXCI6MTcyNDg2Mjg5NH0ifQ.l4hVhD4173Rkxymk3_zEfJ6tuN0iYujjEfUQeB2_vKU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://winorama.store/(Line 201) Message: Mixed Content: The page at 'https://winorama.store/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://smandorys.com/l/pl--a----2/'. This endpoint should be made available over a secure connection.
security	error	URL: https://winorama.store/(Line 26) Message: Mixed Content: The page at 'https://winorama.store/' was loaded over HTTPS, but requested an insecure script 'http://smandorys.com/l/pl--a----2/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://winorama.store/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
katalogmarzen.pl
smandorys.com
winorama.store
smandorys.com
winorama.store
104.21.34.193
172.67.139.15
2a00:1450:4001:81d::200a
2a00:1450:4001:830::2003
34.120.206.70
009b47a969d8de13d6ac1f60791faccd19810d7759c64f3241696501140e887f
089baa8e2efa0d4452f21704412d6f34aad7060c3aaa69cc7e661610f4048673
279a68cfc516074d8bffa1892aa1f0a1884e41d8372588993e1a129ad7d253b5
2955219abcb2f853bcbbb5f6fd16fcc8b750b36dc962686279c9523f7a5e2f64
3607d39c88e9c862e39cdb1b515311d9f896f0b308ef9c9be14f533de01207a0
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
696131d509df3006f43cd047e9cde7fa7ab0e224bef4d77412d9a8a86776c79c
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d61fd2c7de39f437b7007d8cafb2e7c36fc2d4b7e9edd2147fe27458a0b97745
d8bb0bd11d380b583f90322e102a738ab766f4c0743f8131cead72e3a0bc21dc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

winorama.store Open in urlscan Pro 172.67.139.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

434 kBTransfer

738 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

winorama.store Open in urlscan Pro
172.67.139.15 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

434 kB
Transfer

738 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions