s.winnerlinks.net
Open in
urlscan Pro
94.237.93.242
Public Scan
Submitted URL: https://zyd20030.submittrk6.com/
Effective URL: https://s.winnerlinks.net/win_gift?tid=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263&flow=app&ctrack=1684358244.980359423&p=1...
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 17 via api from FI — Scanned from FI
Effective URL: https://s.winnerlinks.net/win_gift?tid=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263&flow=app&ctrack=1684358244.980359423&p=1...
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 17 via api from FI — Scanned from FI
Summary
This website contacted 3 IPs
in 3 countries
across 6 domains to perform 12 HTTP transactions.
The main IP is 94.237.93.242, located in
Finland and
belongs to UPCLOUD, FI.
The main domain is s.winnerlinks.net.
TLS certificate: Issued by R3 on April 4th 2023. Valid for: 3 months.
This is the only time s.winnerlinks.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 4th 2023. Valid for: 3 months.
This is the only time s.winnerlinks.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 34.22.240.62 34.22.240.62 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 1 | 18.193.209.105 18.193.209.105 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 94.237.103.119 94.237.103.119 | 202053 (UPCLOUD) (UPCLOUD) | |
| 10 | 94.237.93.242 94.237.93.242 | 202053 (UPCLOUD) (UPCLOUD) | |
| 1 | 46.4.4.66 46.4.4.66 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 12 | 3 |
2
34.22.240.62
(Brussels, Belgium)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com
| zyd20030.submittrk6.com | |
| duct.infralead.net |
1
18.193.209.105
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com
| pridecor-pamins.com |
1
94.237.103.119
(Finland)
ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host
ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host
| 12663c35b931.tc-network.net |
10
94.237.93.242
(Finland)
ASN202053 (UPCLOUD, FI)
PTR: 94-237-93-242.de-fra1.upcloud.host
ASN202053 (UPCLOUD, FI)
PTR: 94-237-93-242.de-fra1.upcloud.host
| s.winnerlinks.net |
1
46.4.4.66
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.66.4.4.46.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.66.4.4.46.clients.your-server.de
| api.app4dw.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
winnerlinks.net
s.winnerlinks.net |
119 KB |
| 1 |
app4dw.com
api.app4dw.com |
301 B |
| 1 |
tc-network.net
1 redirects
12663c35b931.tc-network.net |
1009 B |
| 1 |
pridecor-pamins.com
1 redirects
pridecor-pamins.com |
641 B |
| 1 |
infralead.net
1 redirects
duct.infralead.net |
575 B |
| 1 |
submittrk6.com
1 redirects
zyd20030.submittrk6.com |
794 B |
| 12 | 6 |
| Domain | Requested by | |
|---|---|---|
| 10 | s.winnerlinks.net |
s.winnerlinks.net
|
| 1 | api.app4dw.com |
s.winnerlinks.net
|
| 1 | 12663c35b931.tc-network.net | 1 redirects |
| 1 | pridecor-pamins.com | 1 redirects |
| 1 | duct.infralead.net | 1 redirects |
| 1 | zyd20030.submittrk6.com | 1 redirects |
| 12 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.winnerlinks.net R3 |
2023-04-04 - 2023-07-03 |
3 months | crt.sh |
| level23.nl R3 |
2023-04-28 - 2023-07-27 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://s.winnerlinks.net/win_gift?tid=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263&flow=app&ctrack=1684358244.980359423&p=10263&pi=Exit+traffic+global&click_id=wgmbgm6f9hahqlpoioqtju04&media_type=mainstream
Frame ID: 8C897C66965FF27E26A6FD6043343A31
Requests: 11 HTTP requests in this frame
Frame:
https://api.app4dw.com/mobile-app/set?tracker=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263
Frame ID: 845D1D7973747F7E4A30F4DACE51DC44
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Congratulations!Page URL History Show full URLs
-
https://zyd20030.submittrk6.com/
HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_l... HTTP 302
https://pridecor-pamins.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_fi... HTTP 302
https://12663c35b931.tc-network.net/?p=10263&media_type=mainstream&pi=Exit+traffic+global&click_id=wgmbgm6f9hahq... HTTP 302
https://s.winnerlinks.net/win_gift?tid=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263&flow=app&ctrack=1684... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://zyd20030.submittrk6.com/
HTTP 302
https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
https://pridecor-pamins.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
https://12663c35b931.tc-network.net/?p=10263&media_type=mainstream&pi=Exit+traffic+global&click_id=wgmbgm6f9hahqlpoioqtju04 HTTP 302
https://s.winnerlinks.net/win_gift?tid=5yxu23mpj5q8wcpn1xykowoww,16998713,5,10263&flow=app&ctrack=1684358244.980359423&p=10263&pi=Exit+traffic+global&click_id=wgmbgm6f9hahqlpoioqtju04&media_type=mainstream Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
win_gift
s.winnerlinks.net/ Redirect Chain
|
7 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
s.winnerlinks.net/css/offers/win_gift/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
default@0.5x.png
s.winnerlinks.net/img/prizes/iphone-14/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
s.winnerlinks.net/js/ |
0 215 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
s.winnerlinks.net/js/offers/win_gift/ |
256 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
background.svg
s.winnerlinks.net/img/offers/win_gift/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lightburst.png
s.winnerlinks.net/img/offers/win_gift/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
set
api.app4dw.com/mobile-app/ Frame 845D |
548 B 301 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
giftbox-back.svg
s.winnerlinks.net/img/offers/win_gift/ |
701 B 634 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
giftbox-front.svg
s.winnerlinks.net/img/offers/win_gift/ |
880 B 723 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
giftbox-lid.svg
s.winnerlinks.net/img/offers/win_gift/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
09d6a0ce-0d70-4cf4-b303-4c9feec6b84c
https://s.winnerlinks.net/ |
8 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| pd_options object| view14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| duct.infralead.net/tools/SetRedirect | Name: _frmld Value: 1 |
|
| zyd20030.submittrk6.com/ | Name: hexa.sid Value: s%3AESx67kqHvZvz8io0_7xjviqK0ATsGfnV.l7lGb6IwCZsVUXZwAegmi7ozBLl%2BrziQVjDkrpfQ4cs |
|
| .pridecor-pamins.com/ | Name: 5529cebd-836b-4cfb-80e5-c9670cd773ce-v4 Value: ddQrYS4tAuaADNOzcSpBaVh50MOJnAkPyT2-PxmNQ_c |
|
| .pridecor-pamins.com/ | Name: cc-v4 Value: QYJvIkPgisQmyI3ErhTI6aP%2Bv8ZZba%2BZnk1iHVXfnqQu4aG5Kx%2FawvzuX6SS5s0%2FV0AY5AsN2dvI22tSkh3s4ZPkckj1j7mW6tIAG%2BQAoonVaPRVPpnbWOmzo1aOZphl86YLCrfJRB2xjPn1g6iHIg%3D%3D |
|
| .12663c35b931.tc-network.net/ | Name: rts-trck Value: 1 |
|
| .tc-network.net/ | Name: t-uuid Value: 5yxu23mpm1z6ztzutzzi880gc |
|
| .tc-network.net/ | Name: ab Value: B |
|
| .tc-network.net/ | Name: traffic-visited-domain Value: winnerlinks.net |
|
| .tc-network.net/ | Name: traffic-back-ivr Value: ok |
|
| s.winnerlinks.net/ | Name: XSRF-TOKEN Value: eyJpdiI6ImxQNVBrOXF5UFdXODBHVjlEM1ROK3c9PSIsInZhbHVlIjoiK3h2bVFBODNtcGRrQi9lRGRjWUVOdktocGJBeTFXMHcySnQxVHh2MWtsSHNaMWFpV293aXFrQndhOVV4N0d0WXY1ODBKOHJkRGRYT1ZzQ2NPd3VMTC9yT1lzOUdMMjhjMFRCS0tJVFVtS3VLclhiVUJROFRUcmxibVV0cEZ2Y2YiLCJtYWMiOiIzOGE3YmU1OTg1NzZjYzk4MjMwNDY1NmJiYmM2MmExYjJlMDk4YWYxYjQwYWVjMGZjYzc0MzA1NjI3NDlmYWY2IiwidGFnIjoiIn0%3D |
|
| s.winnerlinks.net/ | Name: ivr_offers_session Value: eyJpdiI6IkdpckxzQVc4akZtckczdGJhYlFuV0E9PSIsInZhbHVlIjoiSE9GVlJJUnlIUmdxRmpaY0FkaEUvcHNLUE5hY3ZLdW5qdEU4TVN0b1pFRWk3NnVwaUQ1YlMyanpOT2FQc1QzVHVGN2lBU3ViOGJXSGZaTHB1K2VoelR1ZDZWSVM4UlJ0TFBBTnBDdmY3dk0vb0lxaENCS1NKL3V0bE5leFpobFYiLCJtYWMiOiJlYmQwZTE0Yjk3OTRiMTU4NDBhODI4NWYzYzY3YTlkZDRlZTBlNGYzZWU1ZGQ3OGU4ZjIxNDZhY2E2MzNmYjE1IiwidGFnIjoiIn0%3D |
|
| s.winnerlinks.net/ | Name: SESS_TRAF Value: eyJpdiI6ImJtUDlRV25FL2xmZDBObDNPQjdEYlE9PSIsInZhbHVlIjoiL2FWOG8xbXo3ek55dGlFWHc0cGtmZ1A2V1YycE9mMHQ2bllPcWhhb1hLei9VM3RBMVJhRG9PeEtDMVRhZ3VIc3JyY2lzdjFBNXU2M3JOMEJiMlRrdy9Vb0dRTWg1ZnlNQWhnZjJJYnhQQW53b0xkbUxOUmZFOTRoUzNCMnpReDZNLzM0VCtuQkx4dkpBS05Ja09zUlJpeEVqYWdOY2hkSDU4ZmVqMjZ6Rk1TR2ZtMlhUQmppSTZPenNpV0QzWlFmZkNJWHl4cTI4aExqRVppTCtTSlI5QTVpKzJqL25pN3haNEtVSGlkUDczVGZqYjU4ajltTkx5NU8vd3NDL1UzeHpDdEZCWkkwdlNmNTFIZ2xSeUREbWxja2tnS3lsR1NsUzNKb1ZuM1hWZThBbmUyWHVBeVNBeVVyZjlEeHpYK0h6RDVGeHlDYWpzbHlTL2RCYTBwRFJBPT0iLCJtYWMiOiIwNDE3OGQzMDNmOGM2MTBlN2FkNDMyOWMyYmE0YTEyMTEwNmYxY2M4N2FmYjIzMjIxNTZhMGMzNjU5OGYwOGU5IiwidGFnIjoiIn0%3D |
|
| s.winnerlinks.net/ | Name: visit Value: eyJpdiI6ImhxOUU4TEx5NVc0Q3BoWWM2R1kvL3c9PSIsInZhbHVlIjoiYUdQV2xuVUExbXJkUXZhZ2hwejVPTzhGY3hhSlZMNjc1NmdyOS8xMzJjejZPbWhxdDE2YXBuSGVRdVBqY2hOdCIsIm1hYyI6Ijg1Nzc3YTdhMTVlMmI3OWQzYTJmMzM0NzI0ZjYyNDhiZWU4MzY3YWFhOWM3N2ZhNTFiODM1MGRiNGIyOGY3MzciLCJ0YWciOiIifQ%3D%3D |
|
| s.winnerlinks.net/ | Name: vTk5eAmu3rrODOjBMimvyBml8cqpmDHOpdrSlngK Value: eyJpdiI6Ii9XemNTSjZic2dmNlZkSW1nTHdDRmc9PSIsInZhbHVlIjoiaVpIYUZEWEU0Mnh0cWdxRmtvcng3VWtXWVh5dEVseElNYkJCR2xzRlFzKzJCK0ZVb1BCN2RBeTVPeEJNMFJYYTRDdzhYVmVnQU1qYVVwSTJOUi8zWTI1RWo5OHVEZDMxVktndDY1SUxFRG12MlFoeHMyc1hOS3dNVXFoRDhnckRDQ3NPVEkxcVZEN011VThWaGMwaW45ZE9xcmVSbExRTHdrcEtLOWF0MGFlUHRwanlhcjc3WGF6Q1hNR2sxWDFlVHZpOGZGOXRRMTlrWjZPTGdYRUtxWGlONzMxTktxN1lGL2NLWm9jOEZNNkxSZHlpL1pxb2xEWld2YkQrTkxTYjFJazFRUnF4SGx2ektROHYzVWtwdk41QXduMjZrUjZ4OUVnVUNYbU5JQU5kdldabEQ4NVpsREN2bXdVK3E1c21RNUE5TUxpaEZhSmplZy80Vk8rejZ0dHlzc1gzSHJGQWlFRlluWlJWMllJQzJzUHFoM2d3bjRReWJaUm13SytqS2J3N1pIdlNJckFJNU5ucUlJT1Qyc3l2VnlEUXprdXpUaFVnaCtOaU1jeW04ZDRYMzRwaTh0OXpwMWVxSWx4OVB6WUhCRkovS2FHaEltRmVpVXowMnpuUWtxbnNpMGtiR1dzbVVZb1ZiZ0VQUDhUMkg2d3RVLytVR2NWNC9pQlREN3Y4OGExNng4K25LWEwvQWEzRTdEakFkcktTdS9PQ2trcXA1dEd3TndMS2Y0c2VLRVM4VWRCcFQrQnJDakkwaXg0ZE9KQnRROVkwK2VDcmtqSHV0TTJ0eWYwbXMzY0xHQnlkOHlYc093dVlBUmFWenA0SnpqZDdqazZNMytSaSIsIm1hYyI6ImQ1NDM5OTYzYjYyMzY1NjM5Yjg3N2EwMzk3ZTc3MDg4Mjc4N2VjMWVjY2YyZjBhZDM0OTYzODE1YTJmN2ZiNzgiLCJ0YWciOiIifQ%3D%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
12663c35b931.tc-network.net
api.app4dw.com
duct.infralead.net
pridecor-pamins.com
s.winnerlinks.net
zyd20030.submittrk6.com
18.193.209.105
34.22.240.62
46.4.4.66
94.237.103.119
94.237.93.242
47a4ec18ae1815e9bd88b670fcbde0bed80070338bbc7972d48f63edef0136f3
57790ce8aa555434c6cc175c132fabffe72c6f5c3c82eafbe36f3ed816073745
8db659c5c43a1dfb509c9d59ea7f244e384987c3a7848c28687984971a972033
ad789ecb655f8287e9d8356c8f0632a70e7cfeba5cc6d9b0e15e02b81c7c4de3
bd993a3438e817075745276a66be99e3171832ff7496e759b7065061b2a81a26
ce033cecdbaabd46f4cbb8f92326501a3cf44ecaf1c02120b32a7b63d03a5cec
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e2d184b35e5bdc7916d85dca09ef2e4a292563a14cf9cda0eea65a3a9861ac5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4caace6adf615f7a0be65407c3985e552808c0551262d3fec17d9974d9ba6a1
eafe5d1b674eb514854eb19e6df7e08321922ff6bc0448645e09a1fa67f0e0a6
f30f1ed67ad923647cb5f5a66974dce10979edba3e3b8dc9267e66f19b065fac