client2.winvestock.com Open in urlscan Pro
167.235.135.175  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response client2.winvestock.com/	5 KB 2 KB	53ms 4ms	Document text/html	167.235.135.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.235.135.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.135.235.167.clients.your-server.de Software nginx / Resource Hash 6756d481ae880d33e8ef63e429d25fa464a63b7750491c6fd99e0ee32be5f998 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Fri, 09 Sep 2022 10:27:18 GMT etag W/"631b14e4-156e" last-modified Fri, 09 Sep 2022 10:26:44 GMT server nginx vary Accept-Encoding
GET H2	200	app.css wd.supracrm.com/clientarea/css/	22 KB 6 KB	148ms 78ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/clientarea/css/app.css?v=1 Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 490480fada4c484832724dd4bf6f3b198069a675c110e684204e47bbe646766f Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 03 Dec 2021 09:06:16 GMT server cloudflare etag W/"61a9de08-58df" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLQ3UczjB2OYqidsuIKxeLQTvTL4CzcXPcPplQdtzjH2q2%2F3S7BBksuLj8VcuoZnHAlxG1xmqHjX3wR3KcQTLjMEFdGYUluH3HU%2FRCFlaMJfzyyAEW2Zf0rMykjRYt5hGPJ9MTojQGNUU8%2BPStM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=315360000 access-control-allow-credentials true cf-ray 747f3b076ac9bb7a-FRA access-control-allow-headers * expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	404	style.css client2.winvestock.com/	0 0	5ms 4ms	Stylesheet text/html	167.235.135.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://client2.winvestock.com/style.css Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.235.135.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.135.235.167.clients.your-server.de Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding gzip server nginx etag W/"631b14bf-ce6" vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/	85 KB 27 KB	32ms 13ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://client2.winvestock.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1567909 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27277 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-15283" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr2XTa%2FgEW%2FIBTeu%2BoUPNKFQfndeujQRF14sQhcZ21cv4Ifjqxm%2BEhxYKHALklIEix4Egau66iaYGujrhg3YxmzN5vcxnZq5xGY0SRjRNy7wCLKAf4aTJkhpOdIgqdYA6B3ESqokb9YBBpZko7uf6HOU"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 747f3b0718625c85-FRA expires Wed, 30 Aug 2023 10:27:18 GMT
GET H2	200	jquery.fancybox.min.css cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/	12 KB 3 KB	47ms 28ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 278616 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2695 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-31fb" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nFGyf7GMzz1bUu4Xim0N%2BG3qphE7OZ9cuREJf5%2BFC0rSq1ahaQqrpCCNqFrMCQuZ12u%2B5tS2rOFL3K5leB05ZYnFQl4Xh0a8AaTo1BtOU8oEc%2ByKEhKjPDWT3JW4z2gGb0JHXkQX2yHCQVu8R%2FOsUA9"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 747f3b071a3a9a18-FRA expires Wed, 30 Aug 2023 10:27:18 GMT
GET H2	200	jquery.fancybox.min.js Show response cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/	67 KB 19 KB	42ms 23ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 63200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19249 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-10a9d" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAj8ZhpPSxO%2BoPiS1Ap5p3JU%2FFPea48nIVG%2Br7AHUNm9BM%2FKR8mOQMs38LDYSND9lz4KqsSYpy1fxWZ5ukhJsi926Z%2FxumWNqWcblq1Pg9%2FcpMbSnnzEVxGX%2F0CrCgAXw6a1vpHd8wuyEQXkIhTgbgyr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 747f3b071a3f9a18-FRA expires Wed, 30 Aug 2023 10:27:18 GMT
GET H2	200	sign-up-form Show response wd.supracrm.com/	1 KB 1 KB	220ms 151ms	Script text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/sign-up-form?token=cU9L9f4Za0RVpASAgcaeta89Req3RgazH1o9pSlHGbqKXa Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bc5d4c1935448da4070cc0a5207bee993327804900beecd77d4153026494bae Request headers Referer https://client2.winvestock.com/ Origin https://client2.winvestock.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDOC9qyOE750Obw7xqY2CeUwCxYS6E5SHT%2Fe42Nf%2ByHpvfOY44LFrrHI6np47R9f%2Bk0crqvXIte5l1E47Z55qQu4I4tXIZLk0IVMdL4Adi5SnQd%2BRkgLJgCZw8WRsH%2BX04Zkx8yiZL3da%2BMFYgQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, must-revalidate access-control-allow-credentials true cf-ray 747f3b07688fbb41-FRA access-control-allow-headers * expires -1
GET H2	200	app.js Show response wd.supracrm.com/clientarea/scripts/	555 KB 150 KB	218ms 150ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/clientarea/scripts/app.js Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 478a05321fcf74cf7df4af018f3ddf739d109a4e815415806b51fb50f039f745 Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 07 Jul 2022 14:28:53 GMT server cloudflare etag W/"62c6eda5-8ac71" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBjXPwr9nBh8vZBuAnbeKEzam07h48nMBO5oQxTUkKT63hn9ytcHC%2BYdMkmVjYvr%2BCj2KiU2k%2BWJTblPV4K5nYerUS2QJM8GED4Pab5Mg18ch4Fzpn0kHTzClNvXLscmql%2FB9Xx56%2B%2BQWiDW8Ek%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 access-control-allow-credentials true cf-ray 747f3b076acbbb7a-FRA access-control-allow-headers * expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	41ms 17ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700&display=swap Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/clientarea/css/app.css?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1d189d5d1473072b4379d9b0714d2640a979099c205524bad45706ce75585295 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://wd.supracrm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 09 Sep 2022 09:44:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 09 Sep 2022 10:27:18 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 09 Sep 2022 10:27:18 GMT
GET H2	200	app.js Show response wd.supracrm.com/plugins/bm/widget/assets/signupform/scripts/	425 KB 115 KB	23ms 22ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/plugins/bm/widget/assets/signupform/scripts/app.js?ver=1.0.0 Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/sign-up-form?token=cU9L9f4Za0RVpASAgcaeta89Req3RgazH1o9pSlHGbqKXa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e777f4783ba5505f03379a1ecf115a52c83241225e21b99715438737f929d888 Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 32 access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 27 Jun 2022 10:44:15 GMT server cloudflare etag W/"62b989ff-6a249" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufFe%2BJoxvoqMU8OyrcGy27L4IPlcNBHfH5z9qJgEUIkFBneBGivs7LEVdzMErSeZ4WOfSSJf94sOaBBz0Nxqe7ScKIZQf%2BdAkCXsf0CkCDaqFqRRrmDlMch5rcqG80%2BUsKOcCaMMZaRLozW2ldM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 access-control-allow-credentials true cf-ray 747f3b086c2abb7a-FRA access-control-allow-headers * cf-bgj minify
GET H2	200	app.css wd.supracrm.com/plugins/bm/widget/assets/signupform/styles/	25 KB 4 KB	20ms 20ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/plugins/bm/widget/assets/signupform/styles/app.css?ver=1.0.0 Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/sign-up-form?token=cU9L9f4Za0RVpASAgcaeta89Req3RgazH1o9pSlHGbqKXa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a830439e70db9a3798b554ed40fab1439bbe853206e5e6e366c19953ce5470c1 Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 32 cf-polished origSize=25240 access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 03 Dec 2021 07:11:58 GMT server cloudflare etag W/"61a9c33e-6298" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvZVKMzSV0V5Ni1BQVSfrDOUAnqKQm%2BtxnhPKshJxHdJvy0gaYFvcOxfgWkitYTLu263XoNQK2Q%2Ft06X4A4x4QSF6dQjr8ssswIPUX1URyIPcPuAeNbfHgblE6zQSJ6CtaxvxgyJLkyXv92S6T4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 access-control-allow-credentials true cf-ray 747f3b086c2bbb7a-FRA access-control-allow-headers * cf-bgj minify
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	32ms 8ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://client2.winvestock.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Mon, 05 Sep 2022 19:07:55 GMT x-content-type-options nosniff age 314363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 05 Sep 2023 19:07:55 GMT
GET H3	200	css2 fonts.googleapis.com/	6 KB 688 B	34ms 17ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/plugins/bm/widget/assets/signupform/styles/app.css?ver=1.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://wd.supracrm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 09 Sep 2022 09:17:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 09 Sep 2022 10:27:18 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 09 Sep 2022 10:27:18 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	916 B 996 B	41ms 17ms	Script text/javascript	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/plugins/bm/widget/assets/signupform/scripts/app.js?ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 99323202095f07374d0d12a4f156107930c0f161d4da3a7cfef949d16ac8378b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 583 x-xss-protection 1; mode=block expires Fri, 09 Sep 2022 10:27:18 GMT
POST H3	200	get-count-requests Show response wd.supracrm.com/sign-up-form/	21 B 545 B	178ms 151ms	XHR text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd.supracrm.com/sign-up-form/get-count-requests?token=cU9L9f4Za0RVpASAgcaeta89Req3RgazH1o9pSlHGbqKXa Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/plugins/bm/widget/assets/signupform/scripts/app.js?ver=1.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3bffe983433b67911cb580ba1e69b9c31d95516c8a8cda2ee9f0d12f013bd45 Request headers Accept application/json, text/plain, */* Referer https://client2.winvestock.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1o%2Bp4ddyG0ahuW3J4GZqezuQz1xHZEV6h9bVdckneq44WWrUNrp0sHxAXgzdz0aVdnMrkPz37HJjXeH0SpklIuy02YoLtwyLSu8WNJeuzk2kosz7TUlpfHOTNPUrrNjUTXddrpZP4LkUaLpzlE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, must-revalidate access-control-allow-credentials true cf-ray 747f3b096edfbbec-FRA access-control-allow-headers * expires -1
GET H/1.1	200 OK	s Show response ip2c.org/	16 B 217 B	164ms 50ms	XHR text/html	77.55.216.90 NAZWA
General Check archive.org Show headers Download Go to Full URL https://ip2c.org/s Requested by Host: wd.supracrm.com URL: https://wd.supracrm.com/plugins/bm/widget/assets/signupform/scripts/app.js?ver=1.0.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 77.55.216.90 , Poland, ASN15967 (NAZWA, PL), Reverse DNS dedicated-aii90.rev.nazwa.pl Software nginx / Resource Hash 7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df Request headers Accept application/json, text/plain, */* Referer https://client2.winvestock.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 09 Sep 2022 10:27:18 GMT Server nginx Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	logo.png winvestock.com/images/	17 KB 17 KB	285ms 247ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winvestock.com/images/logo.png Requested by Host: client2.winvestock.com URL: https://client2.winvestock.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58a0591bf34c87d2d885469e22bdfedfa3d29a9be6d15a4d81351984f3bf6644 Request headers accept-language de-DE,de;q=0.9 Referer https://client2.winvestock.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:27:18 GMT cf-cache-status MISS last-modified Tue, 06 Sep 2022 13:26:50 GMT server cloudflare etag "43d0-5e802261ad065" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1qvTgN9REwXL8va%2FS2P%2BzR9zyYhf0PR%2BgAsJ9NDh9sfLWr2NfC8cABGibFcBoFd98tJ%2BR7OSX5d3XJz7GN3IhK%2B9sY0KrnMc3TCysZvzkQgO8Bp%2FNzpS6S7OHkdCjPR0bv2w6pYYcEB20lE4g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=300 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 747f3b098a9e9b9b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17360
GET DATA	200 OK	truncated /	355 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bce750ed5aeb4bd7f19f46246775e87b56dbd2dbea8ebd237ea18d2236a1b71e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/	392 KB 157 KB	48ms 10ms	Script text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://client2.winvestock.com/ Origin https://client2.winvestock.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Fri, 09 Sep 2022 10:18:15 GMT content-encoding gzip x-content-type-options nosniff age 543 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 159560 x-xss-protection 0 last-modified Fri, 02 Sep 2022 18:40:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Sep 2023 10:18:15 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| script object| style string| signUpToken object| App function| getUserAccounts object| clientAreaSettings object| clientAreaEvents function| loginSuccessCallback function| logoutCallback function| clickJoinUsCallback function| selectAccount function| createAccountsList function| setImmediate function| clearImmediate function| Vue object| Vuex function| claxios object| Moment boolean| loginSuccess function| axios object| intlTelInputGlobals object| intlTelInputUtils function| vueRecaptchaApiLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://client2.winvestock.com/style.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
client2.winvestock.com
fonts.googleapis.com
fonts.gstatic.com
ip2c.org
wd.supracrm.com
winvestock.com
www.google.com
www.gstatic.com
167.235.135.175
2606:4700::6811:180e
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a06:98c1:3120::c
77.55.216.90
1d189d5d1473072b4379d9b0714d2640a979099c205524bad45706ce75585295
478a05321fcf74cf7df4af018f3ddf739d109a4e815415806b51fb50f039f745
48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243
490480fada4c484832724dd4bf6f3b198069a675c110e684204e47bbe646766f
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
58a0591bf34c87d2d885469e22bdfedfa3d29a9be6d15a4d81351984f3bf6644
5bc5d4c1935448da4070cc0a5207bee993327804900beecd77d4153026494bae
6756d481ae880d33e8ef63e429d25fa464a63b7750491c6fd99e0ee32be5f998
7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
99323202095f07374d0d12a4f156107930c0f161d4da3a7cfef949d16ac8378b
a830439e70db9a3798b554ed40fab1439bbe853206e5e6e366c19953ce5470c1
bce750ed5aeb4bd7f19f46246775e87b56dbd2dbea8ebd237ea18d2236a1b71e
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
e777f4783ba5505f03379a1ecf115a52c83241225e21b99715438737f929d888
f3bffe983433b67911cb580ba1e69b9c31d95516c8a8cda2ee9f0d12f013bd45
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615