winrisk.digital
107.180.113.218  Malicious Activity! Public Scan

URL: https://winrisk.digital/
Submission: On October 13 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 45 HTTP transactions. The main IP is 107.180.113.218, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is winrisk.digital.
TLS certificate: Issued by R11 on October 8th 2024. Valid for: 3 months.
This is the only time winrisk.digital was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests | IP Address | AS Autonomous System
25 | 107.180.113.218 | 398101 (GO-DADDY-...)
1 | 2600:9000:25e... | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 (1 redirect) | 23.53.42.211 | 20940 (AKAMAI-ASN1)
1 | 104.18.27.50 | 13335 (CLOUDFLAR...)
1 | 18.66.102.11 | 16509 (AMAZON-02)
2 | 18.66.122.8 | 16509 (AMAZON-02)
2 | 34.107.203.234 | 396982 (GOOGLE-CL...)
2 | 2001:4860:480... | 15169 (GOOGLE)
1 | 13.33.187.74 | 16509 (AMAZON-02)
1 | 34.248.145.195 | 16509 (AMAZON-02)
2 | 2a02:26f0:480... | 20940 (AKAMAI-ASN1)
4 | 2a02:26f0:350... | 20940 (AKAMAI-ASN1)
Total: 45 requests, 13 IPs
Requests | Apex Domain | Subdomains | Transfer
25 | winrisk.digital | winrisk.digital | 542 KB
6 | secureserver.net | events.api.secureserver.net (Cisco Umbrella Rank: 13177); csp.secureserver.net (Cisco Umbrella Rank: 13220) | 564 B
3 | luckyorange.com | tools.luckyorange.com (Cisco Umbrella Rank: 14252); settings.luckyorange.com (Cisco Umbrella Rank: 14201) | 5 KB
2 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3643) |
2 | smartlook.com | web-sdk.smartlook.com (Cisco Umbrella Rank: 22280) | 22 KB
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 877); script.hotjar.com (Cisco Umbrella Rank: 1177) | 61 KB
2 | wsimg.com | img1.wsimg.com (Cisco Umbrella Rank: 10296) | 21 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 108 KB
1 | hotjar.io | content.hotjar.io (Cisco Umbrella Rank: 6755) | 171 B
1 | mouseflow.com | cdn.mouseflow.com (Cisco Umbrella Rank: 7549) | 50 KB
Total: 45 requests, 10 domains
Requests | Domain | Requested by
25 | winrisk.digital | winrisk.digital
4 | csp.secureserver.net | img1.wsimg.com
2 | events.api.secureserver.net | img1.wsimg.com
2 | region1.google-analytics.com | www.googletagmanager.com
2 | settings.luckyorange.com | tools.luckyorange.com
2 | web-sdk.smartlook.com | winrisk.digital; web-sdk.smartlook.com
2 (1 redirect) | img1.wsimg.com | winrisk.digital
2 | www.googletagmanager.com | winrisk.digital
1 | content.hotjar.io | script.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | winrisk.digital
1 | cdn.mouseflow.com | winrisk.digital
1 | tools.luckyorange.com | winrisk.digital
Total: 45 requests, 13 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
cpanel.winrisk.digital | R11 | 2024-10-08 - 2025-01-06 | 3 months
luckyorange.com | Amazon RSA 2048 M03 | 2023-11-18 - 2024-12-15 | a year
*.google-analytics.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months
cdn.mouseflow.com | WE1 | 2024-09-23 - 2024-12-22 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
web-sdk.smartlook.com | Amazon RSA 2048 M02 | 2024-06-13 - 2025-07-12 | a year
settings.luckyorange.com | R11 | 2024-10-08 - 2025-01-06 | 3 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-01-31 - 2025-03-01 | a year
*.api.secureserver.net | Starfield Secure Certificate Authority - G2 | 2024-07-15 - 2025-08-16 | a year
*.secureserver.net | Starfield Secure Certificate Authority - G2 | 2023-10-10 - 2024-11-10 | a year

This page contains 1 frames:

Primary Page: https://winrisk.digital/
Frame ID: C7A99E1A3818A0E914253648F2F593AE
Requests: 42 HTTP requests in this frame

Page Title

Windows code firewall0x268d3x0

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 45
HTTPS: 98 %
IPv6: 38 %
Domains: 10
Subdomains: 13
IPs: 13
Countries: 4
Transfer: 810 kB
Size: 1571 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
winrisk.digital/
39 KB
7 KB
Document
General
Full URL
https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
1a1acabee4bd1e79a57eb76c3a685b4fcf8b6ceb818b20c9e19fff3c0ef15b22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
7234
content-type
text/html
date
Sun, 13 Oct 2024 10:29:36 GMT
etag
"820e6a-98e6-624005088b380-br"
last-modified
Wed, 09 Oct 2024 00:27:10 GMT
server
Apache
vary
Accept-Encoding
lo.js
tools.luckyorange.com/core/
13 KB
5 KB
Script
General
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=ea5dba9c
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:2600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baedbe79b629b2650542bc6671300a75fc88aaacdfa3faed4975591fefaffa56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
gzip
etag
"cf826c613ca8817220b27ee016010218"
age
159
x-cache
Hit from cloudfront
x-amz-cf-id
skcpQ-N495jvcCCTiykpKTjXZA_5jccPAg5ImjOAVwSqbY6_xAzgQA==
date
Sun, 13 Oct 2024 10:26:58 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 21:16:34 GMT
cache-control
max-age=3600
via
1.1 7cda9a7fe68f979d43fe743d9fbd0db4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4675
x-amz-cf-pop
AMS1-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0C6ND76LGB
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f4e600d5ddc3090cfa531e33093787807bc7ab16b0bee440fa089a877bd109f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 13 Oct 2024 10:29:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 10:29:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109786
x-xss-protection
0
server
Google Tag Manager
bootstrap.min.css
winrisk.digital/cdn.jsdelivr.net/npm/bootstrap%404.6.0/dist/css/
0
0
Stylesheet
General
Full URL
https://winrisk.digital/cdn.jsdelivr.net/npm/bootstrap%404.6.0/dist/css/bootstrap.min.css
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winrisk.digital
Referer
https://winrisk.digital/

Response headers

content-length
315
date
Sun, 13 Oct 2024 10:29:36 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
jquery.min.js
winrisk.digital/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
0
0
Script
General
Full URL
https://winrisk.digital/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-length
315
date
Sun, 13 Oct 2024 10:29:36 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
main.css
winrisk.digital/
12 KB
2 KB
Stylesheet
General
Full URL
https://winrisk.digital/main.css
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
733b181fd322493d5a99f4d05e17fc4b1b29e8e0dea3a226c8498f38587b3640

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e7c-2f41-5ffeda704e080-br"
accept-ranges
bytes
content-length
2433
date
Sun, 13 Oct 2024 10:29:36 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
font-awesome.min.css
winrisk.digital/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
0
0
Stylesheet
General
Full URL
https://winrisk.digital/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-length
315
date
Sun, 13 Oct 2024 10:29:36 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
jquery-1.4.4.min.js
winrisk.digital/code.jquery.com/
0
0
Script
General
Full URL
https://winrisk.digital/code.jquery.com/jquery-1.4.4.min.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-length
315
date
Sun, 13 Oct 2024 10:29:36 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
background.png
winrisk.digital/
223 KB
224 KB
Image
General
Full URL
https://winrisk.digital/background.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
0d3d36645ffc457b43e604a6e0e0dfde2b9d7eef5cbe9e179b2d30a05483ae2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
228699
etag
"820e87-37d5b-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:36 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
minimize.jpg
winrisk.digital/
2 KB
2 KB
Image
General
Full URL
https://winrisk.digital/minimize.jpg
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
2247
etag
"820e7f-8c7-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:36 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/jpeg
server
Apache
microsoft.png
winrisk.digital/
700 B
751 B
Image
General
Full URL
https://winrisk.digital/microsoft.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
81e528ea37468236da238a66c1539207d5eca2db4dbeb429bb0e67b80f04a9bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
700
etag
"820e7e-2bc-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
setting.png
winrisk.digital/
364 B
440 B
Image
General
Full URL
https://winrisk.digital/setting.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
364
etag
"820e83-16c-5ffeda7236500"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:20 GMT
content-type
image/png
server
Apache
que.png
winrisk.digital/
349 B
402 B
Image
General
Full URL
https://winrisk.digital/que.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
349
etag
"820e82-15d-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
virus-scan.png
winrisk.digital/
25 KB
25 KB
Image
General
Full URL
https://winrisk.digital/virus-scan.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
25871
etag
"820e85-650f-5ffeda7236500"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:20 GMT
content-type
image/png
server
Apache
bell.png
winrisk.digital/
1 KB
1 KB
Image
General
Full URL
https://winrisk.digital/bell.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
1108
etag
"820e89-454-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
pc.png
winrisk.digital/
5 KB
5 KB
Image
General
Full URL
https://winrisk.digital/pc.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
4949
etag
"820e81-1355-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
def.png
winrisk.digital/
4 KB
4 KB
Image
General
Full URL
https://winrisk.digital/def.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
3834
etag
"820e8c-efa-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
cross.png
winrisk.digital/
43 KB
43 KB
Image
General
Full URL
https://winrisk.digital/cross.png
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
44098
etag
"820e8b-ac42-5ffeda704e080"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
content-type
image/png
server
Apache
virus-images.jpg
winrisk.digital/
8 KB
8 KB
Image
General
Full URL
https://winrisk.digital/virus-images.jpg
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

accept-ranges
bytes
content-length
8196
etag
"820e84-2004-5ffeda7236500"
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:20 GMT
content-type
image/jpeg
server
Apache
modernizr.html
winrisk.digital/
775 B
512 B
Script
General
Full URL
https://winrisk.digital/modernizr.html
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
96483d480ee9324767468b6d4d5066352dac3e1c359da7987a8a567def6570a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e80-141-600508f30fd00-br"
accept-ranges
bytes
content-length
432
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Wed, 12 Jul 2023 21:04:20 GMT
vary
Accept-Encoding
server
Apache
content-type
text/html
bootstrap.js
winrisk.digital/
82 KB
21 KB
Script
General
Full URL
https://winrisk.digital/bootstrap.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winrisk.digital
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e8a-1499a-5ffeda704e080-br"
accept-ranges
bytes
content-length
21001
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
fullscreen.js
winrisk.digital/
245 B
213 B
Script
General
Full URL
https://winrisk.digital/fullscreen.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e8d-f5-5ffeda704e080-br"
accept-ranges
bytes
content-length
123
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
before.js
winrisk.digital/
366 B
214 B
Script
General
Full URL
https://winrisk.digital/before.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e88-16e-5ffeda704e080-br"
accept-ranges
bytes
content-length
157
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
main.js
winrisk.digital/
1 KB
380 B
Script
General
Full URL
https://winrisk.digital/main.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
8d5d7f0a7361ea45135e12c3f9b4a9249abd119d0df47d83c765c2389410c389

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e7d-50a-5ffeda704e080-br"
accept-ranges
bytes
content-length
323
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
light.js
winrisk.digital/
503 B
260 B
Script
General
Full URL
https://winrisk.digital/light.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
"820e7b-1f7-5ffeda704e080-br"
accept-ranges
bytes
content-length
204
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:18 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
105 KB
21 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
gzip
x-amz-meta-version
0.4.7
etag
"6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id
4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires
Sun, 13 Oct 2024 10:59:37 GMT
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Tue, 24 Sep 2024 20:55:06 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
QzDvbQPoC/yd79cRYoiDycnbcXh2pSFm1kZVkCYVTGf1LaJCMTtIuUb9W5RhaUG/ykPbw3BtR3s=
cache-control
max-age=1800
timing-allow-origin
*
x-amz-request-id
VGKSC2ZC5C6TW48G
accept-ranges
bytes
access-control-allow-origin
*
content-length
20968
x-amz-server-side-encryption
AES256

Redirect headers

expires
Mon, 13 Oct 2025 10:29:37 GMT
cache-control
max-age=31536000
location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length
0
access-control-allow-origin
*
date
Sun, 13 Oct 2024 10:29:37 GMT
timing-allow-origin
*
edf61398-6cc6-423b-9013-6cdc55242613.js
cdn.mouseflow.com/projects/
172 KB
50 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/edf61398-6cc6-423b-9013-6cdc55242613.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d446a7b60d1f37cfc730f0cf4b13a0877a7553eb807fb7f2ec885027e1085dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e15db85cac66da1:0"
age
76753
x-mf-country
DE
x-content-type-options
nosniff
expires
Mon, 14 Oct 2024 10:29:37 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 10:29:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Fri, 23 Feb 2024 23:02:23 GMT
x-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-mf-continent
EU
cache-control
public, max-age=86400
cf-ray
8d1ea64dad0390e2-FRA
access-control-allow-origin
*
x-mf-script-region
enforced-privacy
server
cloudflare
hotjar-3584119.js
static.hotjar.com/c/
13 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3584119.js?sv=6
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
fb399960fc199d6d9c917379b9aaa97685de9d02604799dfdc224738666675d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/37903dc8bbbe633be95432ec37a9e6ae
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
uHXQ2mhRVpQWI8PxqTNcK2aENdVEKkBd_DbVwTkfBaoj5wIcuYIb_g==
date
Sun, 13 Oct 2024 10:29:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
recorder.js
web-sdk.smartlook.com/
6 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
97dcb6a96015a160afbdb07b726513ec3cedb87b2d92ecaa8afe98e853c74729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-encoding
gzip
etag
W/"66e83fcf-17d1"
age
1740
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Y7bm7BcPcdt7EM5L8wSKDPB2S-RcdYB2elfaCaOPVENrGGyRdXuaAA==
date
Sun, 13 Oct 2024 10:00:37 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 14:25:19 GMT
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000, max-age=31536000
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
ea5dba9c
settings.luckyorange.com/
149 B
239 B
Fetch
General
Full URL
https://settings.luckyorange.com/ea5dba9c
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=ea5dba9c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3ab670e2aed1fcca69badb78fb9d06bdbf72e9d442121c0b24c0f9290306a64e

Request headers

x-lucky-uid
undefined
Referer
https://winrisk.digital/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://winrisk.digital
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
date
Sun, 13 Oct 2024 10:29:37 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
ea5dba9c
settings.luckyorange.com/
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/ea5dba9c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://winrisk.digital
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://winrisk.digital
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 13 Oct 2024 10:29:37 GMT
via
1.1 google
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0C6ND76LGB&gtm=45je4a90v9135428356za200&_p=1728815376827&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685&cid=667201074.1728815377&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728815377&sct=1&seg=0&dl=https%3A%2F%2Fwinrisk.digital%2F&dt=Windows%20code%20firewall0x268d3x0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1759
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C6ND76LGB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winrisk.digital
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 10:29:37 GMT
content-type
text/plain
server
Golfe2
wa0lDErtm0s.mp3
winrisk.digital/
196 KB
196 KB
Media
General
Full URL
https://winrisk.digital/wa0lDErtm0s.mp3
Requested by
Host: winrisk.digital
URL: https://winrisk.digital/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer
https://winrisk.digital/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"820e86-31080-5ffeda7236500"
Content-Range
bytes 0-200831/200832
accept-ranges
bytes
Content-Length
200832
date
Sun, 13 Oct 2024 10:29:37 GMT
last-modified
Fri, 07 Jul 2023 23:04:20 GMT
vary
Accept-Encoding
server
Apache
content-type
audio/mpeg
init.ad44f664f3f5036296b3.js
web-sdk.smartlook.com/es6/
71 KB
19 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.ad44f664f3f5036296b3.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.122.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-8.fra60.r.cloudfront.net
Software
/
Resource Hash
04141afdab689e2b012ca83a927304631f08e9b9b7363fe2791668d6be5c73b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winrisk.digital
Referer
https://winrisk.digital/

Response headers

content-encoding
br
etag
W/"66e83fcf-11b2f"
age
2073395
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
6pwoX4fvC7cOxLkRaYJbGrQGLUFOQkPnFoIHBiHFqAEEuBLHHMGd3Q==
date
Thu, 19 Sep 2024 10:33:01 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 14:25:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000, max-age=31536000
cache-control
public, max-age=31536000, immutable
cross-origin-resource-policy
cross-origin
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
modules.720d0264984b164946ff.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.720d0264984b164946ff.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3584119.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

x-robots-tag
none
content-encoding
br
etag
"2bc2d25972a7d1d4abf498f97b5d89f1"
age
335431
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
mrSDhZ9AmEmSEUKeJVAPJR5x0v9L86E4aYa_X-iTHOcW6k8GKdusCw==
date
Wed, 09 Oct 2024 13:19:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 13:18:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56538
x-amz-cf-pop
FRA60-P9
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=3584119&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.720d0264984b164946ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.248.145.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-145-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
99bd86b8c864022e9d967289577167ccdc592c09544b3b07c17fd63288b20a21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://winrisk.digital/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Sun, 13 Oct 2024 10:29:38 GMT
content-type
application/json
event
events.api.secureserver.net/t/1/tl/
43 B
282 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=winrisk.digital&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=c3b4daa4-ff87-44bb-88e7-5ef70a4e8997&vtg=c3b4daa4-ff87-44bb-88e7-5ef70a4e8997&dp=%2F&trace_id=b36fb4cfc2b345dc9a44f2ec6d35a423&cts=2024-10-13T10%3A29%3A37.966Z&hit_id=24e92d71-f082-4165-b9f9-e64640c399ef&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505204%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%2210080879%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=596903933&z=637028463
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://winrisk.digital
content-length
43
x-xss-protection
1; mode=block
date
Sun, 13 Oct 2024 10:29:39 GMT
content-type
image/gif
x-frame-options
DENY
a
www.googletagmanager.com/
0
270 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1642002144&rv=4a90&tag_exp=101533422~101671035~101686685&u=AAAAAAAAAAAAACCA&h=Ag&gtm=45je4a90v9135428356za200&ccid=135428356&cid=G-0C6ND76LGB&l=L1338.S21.Y11.B138.E2079.I2483.EC7.TC15.HTC0~gtm.init.S15.V0.E135.TS5ogt1pdatav2.TI4.TE4.TS5ccdgalast.TI6.TE0.TS5ccdautoredact.TI7.TE0.TS5ccdconversionmarking.TI8.TE0.TS5ccdemvideo.TI9.TE0.TS5ccdemsitesearch.TI10.TE0.TS5ccdemscroll.TI11.TE0.TS5ccdempageview.TI12.TE0.TS5ccdemoutboundclick.TI13.TE0.TS5ccdemform.TI14.TE0.TS5ccdemdownload.TI15.TE1.TS5ccdgaregscope.TI16.TE8.TS5setproductsettings.TI17.TE0.TS5ccdgafirst.TI18.TE0~gtm.js.S4.V0.E98.TS5gct.TI1.TE0~*~gtm.scrollDepth.S0.V0.E17~gtm.dom.S0.V0.E1~gtm.load.S0.V0.E15~gtm.init_consent.S19.V18.E137~GA420.437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 13 Oct 2024 10:29:39 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
event
events.api.secureserver.net/t/1/tl/
43 B
282 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=winrisk.digital&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=c3b4daa4-ff87-44bb-88e7-5ef70a4e8997&vtg=c3b4daa4-ff87-44bb-88e7-5ef70a4e8997&dp=%2F&trace_id=b36fb4cfc2b345dc9a44f2ec6d35a423&cts=2024-10-13T10%3A29%3A39.175Z&hit_id=f38afd85-e8fe-41ee-b32a-4d3365a0c286&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505204%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%2210080879%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=596903933&z=403168952&tce=1728815376239&tcs=1728815375807&tdc=1728815379171&tdclee=1728815377972&tdcles=1728815377972&tdi=1728815377972&tdl=1728815376620&tdle=1728815375757&tdls=1728815375489&tfs=1728815375488&tns=1728815375488&trqs=1728815376275&tre=1728815376587&trps=1728815376501&tles=1728815379171&tlee=0&nt=navigate&LCP=2441&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:d::210:f149 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://winrisk.digital
content-length
43
x-xss-protection
1; mode=block
date
Sun, 13 Oct 2024 10:29:39 GMT
content-type
image/gif
x-frame-options
DENY
favicon.ico
winrisk.digital/
315 B
366 B
Other
General
Full URL
https://winrisk.digital/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.113.218 Ashburn, United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
218.113.180.107.host.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

content-length
315
date
Sun, 13 Oct 2024 10:29:39 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
Referer
https://winrisk.digital/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
flYbJGz8oAMEIwA=
x-envoy-upstream-service-time
87
Pragma
no-cache
x-amzn-trace-id
Root=1-670ba113-0793ee47276ce50d0d41e6f6
Connection
keep-alive
x-amzn-requestid
32b3a47e-ab96-48d7-bd4d-01b9f9fab953
Expires
Sun, 13 Oct 2024 10:29:39 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 13 Oct 2024 10:29:39 GMT
Content-Type
application/json
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
Referer
https://winrisk.digital/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
flYbJHj3oAMEkEA=
x-envoy-upstream-service-time
85
Pragma
no-cache
x-amzn-trace-id
Root=1-670ba113-191c0e6f052dc71e4f417dca
Connection
keep-alive
x-amzn-requestid
23c632e9-e6de-44c6-8bfa-c60694134b34
Expires
Sun, 13 Oct 2024 10:29:39 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sun, 13 Oct 2024 10:29:39 GMT
Content-Type
application/json
eventbus
csp.secureserver.net/
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://winrisk.digital
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 13 Oct 2024 10:29:39 GMT
Expires
Sun, 13 Oct 2024 10:29:39 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
flYbHHbmoAMEJyg=
x-amzn-requestid
5e2d7ddd-dd29-4d0c-93b7-45040b4e2e16
x-amzn-trace-id
Root=1-670ba113-5e3529a40f37660b2711a85a
x-envoy-upstream-service-time
5
eventbus
csp.secureserver.net/
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://winrisk.digital
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Sun, 13 Oct 2024 10:29:39 GMT
Expires
Sun, 13 Oct 2024 10:29:39 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
flYbHFqSoAMEa6g=
x-amzn-requestid
1a53e0ef-e8c3-449f-a8bc-e68eee967806
x-amzn-trace-id
Root=1-670ba113-55e0b1da5d390f181056123a
x-envoy-upstream-service-time
6
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0C6ND76LGB&gtm=45je4a90v9135428356za200&_p=1728815376827&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685&cid=667201074.1728815377&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728815377&sct=1&seg=0&dl=https%3A%2F%2Fwinrisk.digital%2F&dt=Windows%20code%20firewall0x268d3x0&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C6ND76LGB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winrisk.digital/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winrisk.digital
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 10:29:42 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gtag
object| dataLayer
object| _mfq
function| hj
object| _hjSettings
function| smartlook
object| LO
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
function| getVariableFromURl
object| bootstrap
boolean| mouseflowDisableKeyLogging
object| mouseflowHeatmap
object| mouseflow
function| addEvent
object| _trfd
object| hjSiteSettings
object| hjLazyModules
function| hjBootstrap
object| hjBootstrapCalled
object| _tcclInternal
object| _expDataLayer
object| _signalsDataLayer
object| scc-c2
object| webpackChunk_smartlook_recorder
object| _trfq

7 Cookies

Domain/Path Name / Value
.winrisk.digital/ Name: _ga
Value: GA1.1.667201074.1728815377
.winrisk.digital/ Name: _ga_0C6ND76LGB
Value: GS1.1.1728815377.1.0.1728815377.0.0.0
.winrisk.digital/ Name: _tccl_visitor
Value: c3b4daa4-ff87-44bb-88e7-5ef70a4e8997
.winrisk.digital/ Name: _tccl_visit
Value: c3b4daa4-ff87-44bb-88e7-5ef70a4e8997
.winrisk.digital/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-10-13T10:29:37.965Z
.winrisk.digital/ Name: _hjSessionUser_3584119
Value: eyJpZCI6ImM1MWI3NzFlLTgzZTctNWFjYi1hODUzLWI5NjczMDkwYWJhMiIsImNyZWF0ZWQiOjE3Mjg4MTUzNzgxMjIsImV4aXN0aW5nIjp0cnVlfQ==
.winrisk.digital/ Name: _hjSession_3584119
Value: eyJpZCI6ImVjM2U2OWNlLWI3MTEtNDU0Yy04YTI3LTE2MDI0YjY2ODFjMiIsImMiOjE3Mjg4MTUzNzgxMjMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

5 Console Messages

Source Level URL
Text
network error URL: https://winrisk.digital/cdn.jsdelivr.net/npm/bootstrap%404.6.0/dist/css/bootstrap.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://winrisk.digital/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://winrisk.digital/code.jquery.com/jquery-1.4.4.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://winrisk.digital/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://winrisk.digital/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
