r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7205
Expires: Mon, 26 Dec 2022 20:52:45 GMT
Date: Mon, 26 Dec 2022 18:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4142
Expires: Mon, 26 Dec 2022 20:01:42 GMT
Date: Mon, 26 Dec 2022 18:52:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 18:35:02 GMT
content-type: application/json
age: 1058
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3329
Expires: Mon, 26 Dec 2022 19:48:09 GMT
Date: Mon, 26 Dec 2022 18:52:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DLAMgHkci52Sm6NRa76R4AL1w1ecH0i4b/VMQT3yI9CwWwj1Zyk9y4QVUx9fgHGjI835UtStGm8=
x-amz-request-id: 6R172X84G2G8ECR6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 17:57:32 GMT
age: 3308
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 18:52:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 18:33:30 GMT
age: 1150
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
winnerinvestgroup.com/
162.241.253.159200 OK 19 kB IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2356)
Hash 5b02209b47b4ed1dcd27e126d3452388
b49ea7da3c2e2c7bc8aba78d639fc82ba5b9a357
2f923635e93b164ef32d55f3a8c0d78c1be8ee0bfcafaf492a9f2a837be67124
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET / HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 17 Feb 2022 09:31:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-icons62d0.css?ver=4.5.3
162.241.253.159200 OK 338 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-icons62d0.css?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 658cd2ab3356e16ad6bb64a1f77cb91a
9fd9cdcc561cd1f96495814c43752c9873e21681
92aab001770e96d1f9d1b3c8273d7e8d053625085c6aa600e2d3012fce9fc9ee
GET /wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-icons62d0.css?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 338
Keep-Alive: timeout=5, max=75
Content-Type: text/css
winnerinvestgroup.com/wp-includes/css/dist/block-library/style.min080f.css?ver=5.8.2
162.241.253.159200 OK 15 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/css/dist/block-library/style.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 6ebc7a4d773cb1f29a93f605933fba76
b113ca39afc5fd44cbc06dca58945bb5e9fb771e
7a12133f8cb48c1b5b4631ee9e9a0eebe36bbf2bbe1eb792b0f9fc630c18bd76
GET /wp-includes/css/dist/block-library/style.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 14560
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style5c45.css?ver=6.3.3
162.241.253.159200 OK 1.7 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style5c45.css?ver=6.3.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5305), with no line terminators
Hash 0332c949167f256eaeb32063c28950ae
55d38da2c11e1b193de19a9fa3a6a275a4accdfe
1c1dcbb08352422a98b8dd9632753b904e9040eea0a538dc2d169935e7fa5fb3
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style5c45.css?ver=6.3.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1723
Keep-Alive: timeout=5, max=75
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/formcraft/dist/formcraft-common3430.css?ver=3.7.5
162.241.253.159200 OK 8.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/formcraft/dist/formcraft-common3430.css?ver=3.7.5
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28207), with no line terminators
Hash 5b2863f7a32d92a6e2599ccdf8087ca3
364cd39b56a8c7e773b22677aa11fb6359bd12f7
b36261df7fb6eed4a395bd7f8f0cdaf504d91aac9fc12f7f1e2f872b84a0fdfe
GET /wp-content/plugins/formcraft/dist/formcraft-common3430.css?ver=3.7.5 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8070
Keep-Alive: timeout=5, max=75
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/css/settings23da.css?ver=5.4.8
162.241.253.159200 OK 12 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/css/settings23da.css?ver=5.4.8
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 420d3926527788e79d29df1d6d25abb2
04117609e648756b5f601e11c01897d891d40b02
96ab3795c52e1ef8cc82db93ab81508ed2a44a18ea887b3e49f5a01108e2a6d5
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings23da.css?ver=5.4.8 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 12204
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
winnerinvestgroup.com/wp-content/themes/suprema/style080f.css?ver=5.8.2
162.241.253.159200 OK 266 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/style080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1bbd43196c4f9f2c694cd69102981d53
b8243fd85d46dba227df6447dbcaa99c9c89bd89
ea801c02e1131579633a750cd67b5812ff23ba9c49d1d17ae84f46863c782f55
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/style080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 266
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/plugins.min080f.css?ver=5.8.2
162.241.253.159200 OK 12 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/plugins.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (50028), with no line terminators
Hash df0057003c0ac5caffb3d20aa199b45b
ea58364eea08896cc2e4c6d7895d563eda1d7fd1
39a0f4f8888b43c55921723d22b70575287f0bcfcc45749ba21fdab6ba71581d
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/plugins.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 12156
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/formcraft/dist/form3430.css?ver=3.7.5
162.241.253.159200 OK 14 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/formcraft/dist/form3430.css?ver=3.7.5
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (63972), with no line terminators
Hash 198ff6350423a9bc12fc8e87ac052402
b357b061c50a2265987bfc13272de9274808f87b
6d6f64f8f3ec9c3aab3e7b783c4aa3a378a5361b43e762879bae8b2c99643694
GET /wp-content/plugins/formcraft/dist/form3430.css?ver=3.7.5 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 13458
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style5c45.css?ver=6.3.3
162.241.253.159200 OK 43 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style5c45.css?ver=6.3.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 1f01e4fcdb4069de3fd921d26ce3602f
6a020807d4eb6237aa59b2299ee918d84dcb0a2a
f41a5ef41bd88365d1a5ec57f44fd75116ccaa2460b33f5493036b414e44dc9d
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style5c45.css?ver=6.3.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/modules.min080f.css?ver=5.8.2
162.241.253.159200 OK 65 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/modules.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06058c990880efce66c707a432e274c7
3196fc3cd13eec178d064a87889300f2585c5d0a
1365213ada0f6d5dc04dbdd397bc87a48bc72db338e21092ab34d3d825a7561d
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/modules.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/font-awesome/css/font-awesome.min080f.css?ver=5.8.2
162.241.253.159200 OK 7.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/font-awesome/css/font-awesome.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30861)
Hash 5035fadc46ccb6830038f796315f1c5d
6a411c58194159cb76b34bbab796f23371716a31
c7dc9cc6cd68208b505c17295512889ae0a77aeb1e9989b2ec2076456f3d7291
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/font-awesome/css/font-awesome.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 7121
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/elegant-icons/style.min080f.css?ver=5.8.2
162.241.253.159200 OK 4.9 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/elegant-icons/style.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21773), with no line terminators
Hash dffd20fd9d5e9811944dfee3e9dfcc58
2bdece6d6983a6f842b58b301d8a75db71e0f744
33f6995616e85c00811368e58a7784db3dd89339da3a6855398ad7fd3c7ac5da
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/elegant-icons/style.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4851
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/ion-icons/css/ionicons.min080f.css?ver=5.8.2
162.241.253.159200 OK 8.8 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/ion-icons/css/ionicons.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (50826)
Hash c829ddea8f5aa971ec978dd14f42ac4e
70278f25cb0ead0688980ec98c7c31cc4675d8f9
66444f9ae6768cf7bd574ccd90d6a7ea44a5ff355407485ccec436b77bb25e32
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/ion-icons/css/ionicons.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8822
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/css/styles5697.css?ver=5.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/css/styles5697.css?ver=5.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles5697.css?ver=5.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1766
Cache-Control: max-age=139413
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:41 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 09:36:14 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/linea-icons/style080f.css?ver=5.8.2
162.241.253.159200 OK 9.4 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/linea-icons/style080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (373)
Hash 638a0d61050791a224b969b2b85c68b3
758cfe433ae5d74eb5926f30fae34f0da90c488f
c020583ef13d1367b4bb87419cf86dba38a88607601f2ab8804dcffed3c49acd
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/linea-icons/style080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 9355
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/linear-icons/style080f.css?ver=5.8.2
162.241.253.159200 OK 1.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/linear-icons/style080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a92661342b41e9f0059a69c69b4f1156
a3c996f0de892b10f2753949b7b2aa61ec94caf9
76d13128c12ad524b37585db197bd787302ad3ef4bb9082a5ac1815a1ad1970d
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/linear-icons/style080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1616
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/simple-line-icons/simple-line-icons080f.css?ver=5.8.2
162.241.253.159200 OK 2.9 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/simple-line-icons/simple-line-icons080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (364)
Hash c248c10cb8c51c54d8cdda4264ab335e
abc16c4927d61ba3ca5e074b90176bd48a55d182
55dd153d1e54059d055064683428e0d444ec387311e4e6216b59544056d0001c
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/simple-line-icons/simple-line-icons080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2886
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/dripicons/dripicons080f.css?ver=5.8.2
162.241.253.159200 OK 1.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/dripicons/dripicons080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 81803447aaf14289fa1a388753aec45e
0bc6b85c5ac981de1156f6723761e3953c897054
5afa74077c9dd3ef2445cf70d05285888ee0dca71cd2f98395dbf3432ec91bcd
GET /wp-content/themes/suprema/assets/css/dripicons/dripicons080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1128
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/style_dynamicf3cb.css?ver=1635076614
162.241.253.159200 OK 571 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/style_dynamicf3cb.css?ver=1635076614
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash dbb0ca05f6882adb2a2cc0a81d4f6254
3a2b15683d957e2dbbf3d1cf74eec63b1f6f2471
2165fb43e3510c05543594df0eaba340dbfe6aa5d4aa7105f90391c25a731444
GET /wp-content/themes/suprema/assets/css/style_dynamicf3cb.css?ver=1635076614 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 571
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/blog-responsive.min080f.css?ver=5.8.2
162.241.253.159200 OK 467 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/blog-responsive.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2349), with no line terminators
Hash 0626f867ca948c9fce788562bfade2a8
7aa3549accc3d28a5cfd190b01d5c9cb84c65764
dc4996599f2a2782638e56459dade56e04dd422d1409b777f9e3d0356f763874
GET /wp-content/themes/suprema/assets/css/blog-responsive.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 467
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
35.162.125.72101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.125.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rX15N3/zd3PSsQIN8RxrsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KE1vY6BRn4PB9A0krWLXcI741xs=
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/style_dynamic_responsivef3cb.css?ver=1635076614
162.241.253.159200 OK 257 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/style_dynamic_responsivef3cb.css?ver=1635076614
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b69b9974ac4564d1b1bc00071d69a7f2
ec1761ab929a46e3d408768056f2663952bd754d
e5c0a9e31504507f81c18f5fcec3b37275090cdbf676b4860e3a8cdcff76e454
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/css/style_dynamic_responsivef3cb.css?ver=1635076614 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 257
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min05c8.css?ver=5.13.0
162.241.253.159200 OK 3.9 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min05c8.css?ver=5.13.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18878)
Hash 367a096773d48d1c464796147972276b
2474963db9a332fe07b14cab78fda5ce3ed33604
6c8928eb5e25cd2ab7ba29bbc738beef84b186587f699b3121cc09e9e31f5f75
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min05c8.css?ver=5.13.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3928
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/themes/suprema/assets/css/modules-responsive.min080f.css?ver=5.8.2
162.241.253.159200 OK 4.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/css/modules-responsive.min080f.css?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28080), with no line terminators
Hash c36bc7d5566bf39491e8b9d37d9daa4a
5cfa43db7e00a5557fab1d6f9e00cd901c79ee94
53616e16a65e8b33dfeb51b460e86c53603ea1ddf86170279b96f13f167fc04a
GET /wp-content/themes/suprema/assets/css/modules-responsive.min080f.css?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4585
Keep-Alive: timeout=5, max=75
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/elementor/assets/css/frontend-lite.min9d52.css?ver=3.5.1
162.241.253.159200 OK 19 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/css/frontend-lite.min9d52.css?ver=3.5.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Hash 8933757801bc90937f96ce2dcefdb57f
6dac3f046ef18647384576e30d231134abe659d9
5dfebbb8db9f2e239634d2ae4b4a4a0119459d335da2d2b6d17cffc5dcef10fa
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min9d52.css?ver=3.5.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
winnerinvestgroup.com/wp-content/uploads/elementor/css/post-7d36c.css?ver=1640048428
162.241.253.159200 OK 328 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/css/post-7d36c.css?ver=1640048428
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (946), with no line terminators
Hash 0a518f91e70a77d29ecddb02aeb36fb7
2e0c9f13a37a5611b0677dc6355c1a3a26035d47
68e84b59f91bbcd3b6ed804c9825f6aa1fcd338100d3ba57cd567cf40edb19ec
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/uploads/elementor/css/post-7d36c.css?ver=1640048428 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 328
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.mine485.css?ver=3.3.6
162.241.253.159200 OK 8.9 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.mine485.css?ver=3.3.6
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (50841)
Hash 51b78b3a716be44c7ee227088e61bbb3
86e47ce132f2b79a3f6caff63d4a373bcc9d3795
a5b1d50d2520f5989609794e998a6c791fd5a416f64192d579060ea76e21fc65
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.mine485.css?ver=3.3.6 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8876
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/uploads/elementor/css/globald36c.css?ver=1640048428
162.241.253.159200 OK 5.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/css/globald36c.css?ver=1640048428
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23067)
Hash 888f8af79730f28cbfd2c6a09ba3cc88
b5cb9e92c7546ab160b051e5616584d702540d0e
dd4d71a3cbdf6155eb30d139222858d2f1d50ab89b3bf9a283def6b4ec296b11
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/uploads/elementor/css/globald36c.css?ver=1640048428 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 5067
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/js_composer/assets/css/js_composer.min4245.css?ver=5.5.2
162.241.253.159200 OK 61 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/js_composer/assets/css/js_composer.min4245.css?ver=5.5.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash ec70e8267359ed786100384dcf614bd8
1603fb77efd3b2f3df41d581ceb914ee04469e71
2c6cf2af6e68f9d792c7fd8554d9909208b100f7eb123a8052dadd7d35f92e81
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min4245.css?ver=5.5.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:41 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
winnerinvestgroup.com/wp-content/uploads/elementor/css/post-1568df.css?ver=1640057588
162.241.253.159200 OK 1.4 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/css/post-1568df.css?ver=1640057588
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12471), with no line terminators
Hash 85832a1470f1cd7f39742409ceb7473d
17cf879fd6d10eb6f35cbc7320c91831c478ec06
a8bb3aca02aefd96d48a91fda0dddc13470e0ef5e99d67933147336b2c807694
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/uploads/elementor/css/post-1568df.css?ver=1640057588 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1383
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-contact-button62d0.css?ver=4.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-contact-button62d0.css?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-contact-button62d0.css?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-quality-badge62d0.css?ver=4.5.3
162.241.253.159200 OK 102 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-quality-badge62d0.css?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 37b00e19cecec9d175e9292e27c0a576
8b7943be32b27e28c4d08f9c32bfc5cceca72d1e
c96a8ba536b796af787e45fc465b6c3951de8afd427436ce1e0f1340485f5de3
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/wp-live-chat-software-for-wordpress/plugin_files/css/livechat-quality-badge62d0.css?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 102
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
winnerinvestgroup.com/wp-includes/js/jquery/jquery.minaf6c.js?ver=3.6.0
162.241.253.159200 OK 39 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/jquery/jquery.minaf6c.js?ver=3.6.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/jquery.minaf6c.js?ver=3.6.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2
162.241.253.159200 OK 4.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4618
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min23da.js?ver=5.4.8
162.241.253.159200 OK 48 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min23da.js?ver=5.4.8
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash fe66852317d3b1d655047ff6c1ce7e14
8acebb58b1bb5a6b3ff6e6bd82513c013d232958
a1750da9d5a0da96696da5df8c1be75eec0fef47f0ded3df4d337a2f34b66e93
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min23da.js?ver=5.4.8 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart4245.js?ver=5.5.2
162.241.253.159200 OK 319 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart4245.js?ver=5.5.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (533)
Hash 9134e46ef62f5577151ba78a38d2408e
7d2b83fd2ca075b180b994559643f26637924c8b
0348c562113e315e24967fdc3d6b5939c3d40f29df797bcfad0869779a17c83b
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart4245.js?ver=5.5.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 319
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min23da.js?ver=5.4.8
162.241.253.159200 OK 24 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min23da.js?ver=5.4.8
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64653), with CRLF line terminators
Hash ce01d2625e12d9fa5d59d71514c0e115
4ab9246c1f756bb743b837b654fe5d0a6d1f6ef8
35f902457105a106f3708dcb25dae4cd71d44c396333cff2c9347c6c136117b0
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min23da.js?ver=5.4.8 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3
162.241.253.159404 Not Found 315 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 404 Not Found
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b
162.241.253.159404 Not Found 315 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 404 Not Found
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.minaf8e.js?ver=6.0.0
162.241.253.159200 OK 1.2 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.minaf8e.js?ver=6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 57b5945094a547e06221f8f949e6d335
76fc7361f00684ea29ffbf4b7d46e5429b8c245a
f9d0da987075df31cc4cf8aed46bc193467ce7165568d83c8016e6fe904e72c3
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.minaf8e.js?ver=6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1200
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18186
Expires: Mon, 26 Dec 2022 23:55:48 GMT
Date: Mon, 26 Dec 2022 18:52:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18186
Expires: Mon, 26 Dec 2022 23:55:48 GMT
Date: Mon, 26 Dec 2022 18:52:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18186
Expires: Mon, 26 Dec 2022 23:55:48 GMT
Date: Mon, 26 Dec 2022 18:52:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18186
Expires: Mon, 26 Dec 2022 23:55:48 GMT
Date: Mon, 26 Dec 2022 18:52:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90be501d-93e5-40ba-98d6-b790fc50966b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90be501d-93e5-40ba-98d6-b790fc50966b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d780f4b4a5928afafeea1348a117ab7
f0623d0355e6b57a5b9bed048b93e1b6b102dfe9
ad6dd8216b30147c99abfff2d1672d731ff940b2fb1da015d3fd5b0b96d11d0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90be501d-93e5-40ba-98d6-b790fc50966b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10502
x-amzn-requestid: 52ecc48a-9ba2-45ce-b4d4-a05b6bd49214
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlFHaFnfoAMF6wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a51bc8-527601d115cb2f6d76d14958;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 03:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5obtiiP91WkrOa9NATTuqVwUG64JoT_PbMfG7rmw6BdgGhilopoCGA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:14:54 GMT
age: 56268
etag: "f0623d0355e6b57a5b9bed048b93e1b6b102dfe9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
winnerinvestgroup.com/wp-includes/js/dist/vendor/wp-polyfill.min2c7c.js?ver=3.15.0
162.241.253.159200 OK 6.9 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/dist/vendor/wp-polyfill.min2c7c.js?ver=3.15.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 122fe79a1d53d10946cded540d2e219f
6271fdf889afe8a13d7c69efea9b40cbd0d81939
94cb1b0ca86f7f0bb7bcc81b42a06b6199bd37ff77ca88dccf3acc92683f3e24
GET /wp-includes/js/dist/vendor/wp-polyfill.min2c7c.js?ver=3.15.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 6935
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e38d94b0be1b10ecac941b497f57c861
12911cd039f5c7b05013ebbc369aec5613134906
38a41df0d4f4405e8ecf6b379431bdb87eaed40e20481262b43d1fd127c010fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9452
x-amzn-requestid: 41b87e86-25f2-4d3b-a4ac-ae9a933a75b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMupEMdIAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-22b2693c043757fb5d58dda7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: StP3cRZB5uQq5vj2oEZZmxAsLlu-nsnDNjQBdeb_o6Rd3YsP7p2Qlg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:41 GMT
etag: "12911cd039f5c7b05013ebbc369aec5613134906"
content-type: image/jpeg
age: 74761
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d168ba736203efdefa90d8882fc40505
c661ff487be1f6c6d8fbe8fd671aa55159052b13
03154c7d275e14a4a2174e710e0a8be4ffee79070052f210e3496f0c0b5f37c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12097
x-amzn-requestid: aae402bd-c19f-4245-98e9-e89ca85c4d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNcOHqcIAMFpYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b4-0038899d5108109039e9d46a;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N54ZNk6rFLXw2TwRtNLAt4e1gBHqKMZ4uN0_fD5Fm7wtofseV-IgWQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:51:30 GMT
age: 75672
etag: "c661ff487be1f6c6d8fbe8fd671aa55159052b13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba61b2beeb64bfb5c38d0c7fd7c82a32
6bdbfc5daa929523a27de45683928e742431d537
573288644cb5ec3f13d0d19b84dd1dabe7cb834ba87704593af63dbd5b9d4f07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10094
x-amzn-requestid: 6937578a-43e6-4c68-a953-5f457b3f70e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNbuEXioAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b1-09b3de421c367dbd09f8cf7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QMPD3U33gWb-LUXYnu6kfmGPFtst_gao0dNc1dvvsliZkTOyCO11tw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:44 GMT
age: 74758
etag: "6bdbfc5daa929523a27de45683928e742431d537"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d56ed7f66802ac154bc856e5bb69c13
3fc1162af1229f939cc1253aa86d476da51950cd
e10eed5b4c912f9730169ac07f9ba6c471f1d27c8d0efdfed8bb4a6cb5880869
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a5f634-727e-4b8d-ab9e-15f34604a3d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6073
x-amzn-requestid: 69e21df1-a420-4ad7-b0bf-4d9eacb5bee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duOGEGvmIAMFoag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c3c0-6b8069e3057cf71d7284fbf7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:42:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgxS2QNcD1b_3t2BTbbnUpDp8F9GM--NIw4cVzoKxXL3btqDf9h-9A==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:57:13 GMT
age: 75329
etag: "3fc1162af1229f939cc1253aa86d476da51950cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2665a6ae98ace2eab671f9e8a9f0978
d1b0b2b7bf8c8bf2e9765e9103908aba36989727
ae9125caee2dc267c67bf4f31f2669e03f65c47a43f2d0ab83081eb043d23d85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb995026c-9c36-40df-864d-b3c2b7e5482b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9932
x-amzn-requestid: 280fdeaa-a0e1-4306-9adb-52c0f28b4002
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNZzGcjoAMF5wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2a4-73e3e4b34b67da2d2dbb8020;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nR7WiQ1kUfI129AOECPfR181bNjexz6B7BEIYxDRiGNqfKCQPiBKOQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:57:09 GMT
age: 75333
etag: "d1b0b2b7bf8c8bf2e9765e9103908aba36989727"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.mineff6.js?ver=2.1.4-wc.6.0.0
162.241.253.159200 OK 1.0 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.mineff6.js?ver=2.1.4-wc.6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.mineff6.js?ver=2.1.4-wc.6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1000
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.minaf8e.js?ver=6.0.0
162.241.253.159200 OK 792 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.minaf8e.js?ver=6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.minaf8e.js?ver=6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 792
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.minaf8e.js?ver=6.0.0
162.241.253.159200 OK 1.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.minaf8e.js?ver=6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.minaf8e.js?ver=6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1093
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/dist/vendor/regenerator-runtime.minb36a.js?ver=0.13.7
162.241.253.159200 OK 2.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/dist/vendor/regenerator-runtime.minb36a.js?ver=0.13.7
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6406), with no line terminators
Hash 340db4973d1ee14c5348599f661a3220
d4cf31e2af7774c276d7a883733a8392e232df49
85d0de0d6dbe1f487407829c52413d7e81c7c9ed28bc3ae9079c19303e91f678
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.minb36a.js?ver=0.13.7 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2635
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/jquery/ui/core.min35d0.js?ver=1.12.1
162.241.253.159200 OK 8.2 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/jquery/ui/core.min35d0.js?ver=1.12.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7973)
Hash 6e3b0317803aa9f226979ad7a7e77593
c95b4f532fd03f3754bf63139a57aab65fbe8a25
84520e8f7a292cb992fa9c62932245f598c6fa043fd4e19eadb6ad9a767dca6f
GET /wp-includes/js/jquery/ui/core.min35d0.js?ver=1.12.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8223
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/jquery/ui/accordion.min35d0.js?ver=1.12.1
162.241.253.159200 OK 3.2 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/jquery/ui/accordion.min35d0.js?ver=1.12.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8481)
Hash bb60660eb418fb4922e6ceed6028e5ae
7256a6f744a9f170fd72e078f0584840a9593e66
f1d8fde90617438fea283c1514e9f8ec63b728b2093610e1e270a5a302fb8d6a
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/ui/accordion.min35d0.js?ver=1.12.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3247
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/mediaelement/mediaelement-migrate.min080f.js?ver=5.8.2
162.241.253.159200 OK 544 B URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/mediaelement/mediaelement-migrate.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1193), with no line terminators
Hash f5a258ea9f1581ecbb0e72cc6665c1c3
a85af53230df5278128438f9dd3539356d65b92f
c91bcf01aa9b5858ce368bdf176b93ebe701ce72ee09f4ef132e7fa3df1b1d98
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 544
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/mediaelement/mediaelement-and-player.min08e1.js?ver=4.2.16
162.241.253.159200 OK 57 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/mediaelement/mediaelement-and-player.min08e1.js?ver=4.2.16
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65266)
Hash fe45d699c39cfe0d6d8c1796c6b7b54a
2a47a68ce601acbddfbc25ceab2f4af1adbad289
99aa2aab21a779e0e91431ee0a78efe4e620cef0650507256ba240d52ba9ea3c
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min08e1.js?ver=4.2.16 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/mediaelement/wp-mediaelement.min080f.js?ver=5.8.2
162.241.253.159200 OK 483 B URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/mediaelement/wp-mediaelement.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 961b384bf5b28ac673051be024563f79
606ebba9fa8aec74cf413098b084500c8b16b85c
a9c17b0e5a9c12428c6ed8d0c4622ddbae112a9ac19bccf451f125972cd91935
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 483
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/jquery/ui/tabs.min35d0.js?ver=1.12.1
162.241.253.159200 OK 4.7 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/jquery/ui/tabs.min35d0.js?ver=1.12.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11738)
Hash e75316d4188ff262734321ba233f94d9
7dcac4408194b7e1faa68a94938111059820fc6b
06af2a413b8586dda3634d04e439fff7045855ca680fdf724e38e77fcba05257
GET /wp-includes/js/jquery/ui/tabs.min35d0.js?ver=1.12.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4746
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min4245.js?ver=5.5.2
162.241.253.159200 OK 13 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min4245.js?ver=5.5.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32004)
Hash 9dcdc4e813ceb6f7dfcf8ff917556033
8ccb6e59a5919728dd495afbf172f3d576e69aa9
8be1d18337874c4b9a76de6b95e69c92ddc2063d779cd79e673ee8fb068087c4
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min4245.js?ver=5.5.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 13109
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/themes/suprema/assets/js/modules.min080f.js?ver=5.8.2
162.241.253.159200 OK 26 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/js/modules.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31967)
Hash 571885b1d6d75080dc5edc837d1eaaf3
5b809ffbf0317d1e34272e58886128cca1a9aa51
db0125981cac6a8382456a7cdf9c7fc8a2c39aff8b2ebbc2ad1b373ae265837d
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/js/modules.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/comment-reply.min080f.js?ver=5.8.2
162.241.253.159200 OK 1.5 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/comment-reply.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2949)
Hash 2758412411a9bec9055c038b049ebf3b
7dfd2d35de1e8c1c5b21bc8523b108c691ee7d76
8f0191fcced17d7eb5cee3633bb87e74f496a045ba1038ab7a2ef14a08cf1b4c
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/comment-reply.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1472
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/themes/suprema/assets/js/third-party.min080f.js?ver=5.8.2
162.241.253.159200 OK 134 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/js/third-party.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (31998)
Size 134 kB (133576 bytes)
Hash f3d2b8dea3b8ce7d2b80e8b8206078dd
e547048d3561efad541a8ad8c25061303b024f3d
25bbcae9bcd8847c01b8f4b45195ee992fd6934e4b417c99f194cea8ec5cd627
GET /wp-content/themes/suprema/assets/js/third-party.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/themes/suprema/assets/js/like.min5152.js?ver=1.0
162.241.253.159200 OK 411 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/themes/suprema/assets/js/like.min5152.js?ver=1.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (712), with no line terminators
Hash f059f63b17aaed7797d3495bed44af45
33dccf09fabdf589a40658bf76854e0679e83569
729277743b91072665384f59ac6965364943a024a2f5e4fa42996f2fb91f4bc8
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/suprema/assets/js/like.min5152.js?ver=1.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 411
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.minae68.js?ver=4.0.3-wc.6.0.0
162.241.253.159200 OK 27 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.minae68.js?ver=4.0.3-wc.6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (64065)
Hash 3c1bb0faee42c0c5b161089e2f47b940
671c384c81f91af681ce45f9d5250ae939001190
57e965ed60cec5b8ab345f286e3d2c9b1147adcc384d0676f22914d951d2e64f
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/select2/select2.full.minae68.js?ver=4.0.3-wc.6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:42 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/wp-embed.min080f.js?ver=5.8.2
162.241.253.159200 OK 777 B URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/wp-embed.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
GET /wp-includes/js/wp-embed.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 777
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.mine485.js?ver=3.3.6
162.241.253.159200 OK 2.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.mine485.js?ver=3.3.6
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5419)
Hash b917e6724841ce7329d3bef5e83b5873
e9ab2e871978bd8247aa67af81cb6d92e0522e32
aac1715a742a36031e0e74422b42ffa15d43087c2fd9d7e098049d1bdf3deb17
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.mine485.js?ver=3.3.6 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2578
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min9d52.js?ver=3.5.1
162.241.253.159200 OK 2.3 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min9d52.js?ver=3.5.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4866)
Hash 33a62888c5d1cbbb4a46c492568bea5d
3cc55ff75dde60b415a2b9537f53f51cb105a54a
b3c4cf3c8913c3cc69b0518b050bd4edced2949ddcbb00d1d796b45c841a3cd6
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min9d52.js?ver=3.5.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2287
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/frontend-modules.min9d52.js?ver=3.5.1
162.241.253.159200 OK 5.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/frontend-modules.min9d52.js?ver=3.5.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14196)
Hash db9b887828ad1612ca5d41e33286e82f
994e84a58f0fdff2b40f1df8447afb77f643b8e1
8265e213ba1f8f3a11616d589fae7874ef52459f5dbaa1fcf46c307f4aefd42a
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min9d52.js?ver=3.5.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 5628
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/frontend.mine485.js?ver=3.3.6
162.241.253.159200 OK 23 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/frontend.mine485.js?ver=3.3.6
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (58848)
Hash 9e37eb383b7c451453874019f869e706
87c2e1e4d6c49c318350b21ed1c83583c6d3a16d
1031d0a8856db8fe437f8f5d268efa02532005c96348ab819838a60e558b2437
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.mine485.js?ver=3.3.6 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da.js?ver=4.0.2
162.241.253.159200 OK 3.7 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da.js?ver=4.0.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da.js?ver=4.0.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3747
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/frontend.min9d52.js?ver=3.5.1
162.241.253.159200 OK 14 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor/assets/js/frontend.min9d52.js?ver=3.5.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36853)
Hash abd0e339b23fee4dcec0a3eaeb61bdd5
9bdd0737790133c611ba58bcfa5fba897c5a192b
1d4e0b5c11ca6a8ccfa4bea0ccb1e8bb549681107cc092fc3d266d524237a3d2
GET /wp-content/plugins/elementor/assets/js/frontend.min9d52.js?ver=3.5.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 14427
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/underscore.min0028.js?ver=1.13.1
162.241.253.159200 OK 8.3 kB URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/underscore.min0028.js?ver=1.13.1
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19041)
Hash e45e83fd86a608f36eed8d8178c0c218
84cbfc05d78d37a27374bb30ac9b933a8d4ce3e6
0e64084fe2aa346fffd15ce84b27ac3a62f7b8e555f563a4d919766a777f5262
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/underscore.min0028.js?ver=1.13.1 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 8329
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-includes/js/wp-util.min080f.js?ver=5.8.2
162.241.253.159200 OK 709 B URL HTTP/1.1 winnerinvestgroup.com/wp-includes/js/wp-util.min080f.js?ver=5.8.2
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1305)
Hash e9edb7bac979409cf7dbc48d7ab8aca7
ed3f941a8fe41e3994a3ca5e620219328628f532
2a0742cad9937c742b2f51c1ea2ae48359ce8d88d8b56f6d8910c0a267d631b5
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/wp-util.min080f.js?ver=5.8.2 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 709
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min7514.js?ver=1.6.6
162.241.253.159200 OK 374 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min7514.js?ver=1.6.6
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
GET /wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min7514.js?ver=1.6.6 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 374
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min8811.js?ver=2.7.0-wc.6.0.0
162.241.253.159200 OK 4.0 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min8811.js?ver=2.7.0-wc.6.0.0
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9139)
Hash 5f3c95f97f566ce33b859d6b874d116d
e47be9178d33d8d8eefda83c853b560aaed71413
a0cea478b83a24f0c90bfaf776ed62fe8747395838a92d8c9f06ceb79b3e5918
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min8811.js?ver=2.7.0-wc.6.0.0 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3957
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.mine485.js?ver=3.3.6
162.241.253.159200 OK 18 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.mine485.js?ver=3.3.6
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (52456)
Hash ec43212e854aa843cdecc4f74b82ec42
3fd5bb8e68322c164ed4250b0e6bec742fb74b51
76df7ed132c6816cae71150743347e9128bd41f32e8a7b472e281f556e2eb487
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.mine485.js?ver=3.3.6 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/gnosis-safe-pf1ank6nwykyj3429x5n8gqgtf8ibcyez7sjzon2gs.jpg
162.241.253.159200 OK 2.0 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/gnosis-safe-pf1ank6nwykyj3429x5n8gqgtf8ibcyez7sjzon2gs.jpg
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 70x70, components 3\012- data
Hash a0a46c1dfa315fb6d61b0c173a39898a
b8f0cc23c7982588bc38f9cf3fa2c8d03f2cf42a
b5f6f3e14bc6302fc4bd820933ad9cccee1375e4b1d21026cb37b4c0e6014b84
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/gnosis-safe-pf1ank6nwykyj3429x5n8gqgtf8ibcyez7sjzon2gs.jpg HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 1966
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-pf1amykdwxealgfl3u2krxudgrgjzujazs5xsqoag8.png
162.241.253.159200 OK 4.4 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-pf1amykdwxealgfl3u2krxudgrgjzujazs5xsqoag8.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 27242a5387179912b4e004f60b95300e
3146d8ecdd50e58bf05bfca7890c11a744b9fd03
6fe5d61f4bb14f390f7ea3104e1ed4829cbbf4f6adbc2333c660469130e228d4
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-pf1amykdwxealgfl3u2krxudgrgjzujazs5xsqoag8.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 4385
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/rainbow-pf1an558r84q7iwj9ukhwyn97ivh10z4zyw9p47n88.png
162.241.253.159200 OK 3.4 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/rainbow-pf1an558r84q7iwj9ukhwyn97ivh10z4zyw9p47n88.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 61193bf4c70e8e7cd4073e80a94f54f3
21b287e53c9271efb0561368739d70561e77186c
1dacdc5790ac412c1f41e0dc8c1b0c14788e2789b14ad4b139d59f8ba41d1d19
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/rainbow-pf1an558r84q7iwj9ukhwyn97ivh10z4zyw9p47n88.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 3401
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/argent-pf1an47eorz31pr9v88zk2rmpvf9oi6z90patzarek.jpg
162.241.253.159200 OK 1.3 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/argent-pf1an47eorz31pr9v88zk2rmpvf9oi6z90patzarek.jpg
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 70x70, components 3\012- data
Hash 12df6a387b03c3414970564b7dc17a08
27f8be48df8845bb49fbf1ca992f2dace72200bb
6d32ecb44584a3ea6a570aa36dbc0459ca50bbbb0ee1450ca7b84de29539c65e
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/argent-pf1an47eorz31pr9v88zk2rmpvf9oi6z90patzarek.jpg HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 1304
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/trust-wallet-pf1an1dw49v82vvdbp13ulh8xpt61evs8mque5exx8.png
162.241.253.159200 OK 3.4 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/trust-wallet-pf1an1dw49v82vvdbp13ulh8xpt61evs8mque5exx8.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fbea54797eebdc28e949d88b0fb2f48
d6057140a8aa100b02398d0c10c8acc9abeba491
036fa824533b826b30222d48388385c0ef73deb61e69bd1f4ba249026e438bd2
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/trust-wallet-pf1an1dw49v82vvdbp13ulh8xpt61evs8mque5exx8.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 3405
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/contact-button62d0.js?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/83f26999937cbc2e2014655796da4b05f77c1de9413a0ee6d0c6178ebcfc3168-pf1aokud9b1biz84lwyjbwjixl08pyu5to08eeluq2.jpg
162.241.253.159200 OK 1.6 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/elementor/thumbs/83f26999937cbc2e2014655796da4b05f77c1de9413a0ee6d0c6178ebcfc3168-pf1aokud9b1biz84lwyjbwjixl08pyu5to08eeluq2.jpg
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 65x65, components 3\012- data
Hash d4f0c40f392576e1ff117aeaef9f8f0b
636924ad5b79e39a8ce7536d0a9781ddec393b8f
97c6bfa6d069e46ed9faae7dc70d33d4a45c7fc199aa60351811b86df6d056e1
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/elementor/thumbs/83f26999937cbc2e2014655796da4b05f77c1de9413a0ee6d0c6178ebcfc3168-pf1aokud9b1biz84lwyjbwjixl08pyu5to08eeluq2.jpg HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 1578
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3
162.241.253.159404 Not Found 315 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/quality-badge62d0.js?ver=4.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 404 Not Found
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7f2ed0d8a18af500682ec994cd3a5e15
48032c29ccc60c09f0c003042d059e83ea493ecb
8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://winnerinvestgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 18:52:41 GMT
expires: Tue, 26 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 2
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://winnerinvestgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 278370
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://winnerinvestgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:56 GMT
expires: Thu, 21 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 429527
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://winnerinvestgroup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 429529
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 18:52:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3
162.241.253.159409 Conflict 83 B URL HTTP/1.1 winnerinvestgroup.com/wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index5697.js?ver=5.5.3 HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 409 Conflict
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b
162.241.253.159404 Not Found 315 B URL HTTP/1.1 winnerinvestgroup.com/connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /connect.livechatinc.com/api/v1/script/e808420d-9257-46ce-9fae-285d34f85c2b/widget5ebf.js?lcv=33a73482-4b6e-40fc-8b17-a4949cce2d1b HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 404 Not Found
Date: Mon, 26 Dec 2022 18:52:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
winnerinvestgroup.com/wp-content/uploads/2021/10/ethereum-foundation.png
162.241.253.159200 OK 20 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/ethereum-foundation.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 473 x 166, 8-bit/color RGBA, non-interlaced\012- data
Hash e0a72f64e573d3bdbe482a88c31997fe
c2db6c4615db2e7305d0046154b5be634d1315a7
091f983d60a974aed32480ebabc5b1be40ee4fd37ae4891535e6ca1add80727d
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/ethereum-foundation.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 19600
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/2021/10/gitcoin-grants-1024x370.png
162.241.253.159200 OK 44 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/gitcoin-grants-1024x370.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash b89cc804f61130194346319c6a35dde7
d555bb23d43b66b0c4a47e7430e7713764d2d733
1552d8ff356d29b363eca82bddfb2a468a0d9f6fac109c17cd1909e95ba869fd
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/gitcoin-grants-1024x370.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 43842
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/2021/10/consensys-labs-1024x369.png
162.241.253.159200 OK 25 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/consensys-labs-1024x369.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1024 x 369, 8-bit/color RGBA, non-interlaced\012- data
Hash cb039f6ff6927d09c89b11301410f602
0a338763c46e9739a5fd692c42da258bd822e886
71cb3a738ad142ec9fb10b71ddde13bc841a89738f0526d2c6be5f9ac8cf803d
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/consensys-labs-1024x369.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 24778
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/2021/10/walletconnect-social.png
162.241.253.159200 OK 118 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/walletconnect-social.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 726 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (118312 bytes)
Hash 19006a455d235265e21df2178ad38154
b86c4db7c37b90b1d906344dfe91184beb038d1b
1a0f5108cef46225811363484debf1164f0880e643789a72fae27c132c154c4a
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/walletconnect-social.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 118312
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/?wc-ajax=get_refreshed_fragments
162.241.253.159200 OK 19 kB URL HTTP/1.1 winnerinvestgroup.com/?wc-ajax=get_refreshed_fragments
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2356)
Hash 5b02209b47b4ed1dcd27e126d3452388
b49ea7da3c2e2c7bc8aba78d639fc82ba5b9a357
2f923635e93b164ef32d55f3a8c0d78c1be8ee0bfcafaf492a9f2a837be67124
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://winnerinvestgroup.com
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Thu, 17 Feb 2022 09:31:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=60
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
winnerinvestgroup.com/wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar.png
162.241.253.159200 OK 15 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 67b9c88b63853487c8aecf0786f775e8
405a77eb97c6d08b2f1a6a793e128a607ea2e881
398063548241aa249f2fe8fbb4dbc43808376f14109e25e88bea1aee117b2d3b
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 15089
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=59
Connection: Keep-Alive
Content-Type: image/png
winnerinvestgroup.com/wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-100x100.png
162.241.253.159200 OK 4.1 kB URL HTTP/1.1 winnerinvestgroup.com/wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-100x100.png
IP 162.241.253.159:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 08b14cf4e543b1e102fb9f6e52a23567
3c46aee2cfb2c346f8c2a7f37cd13fc3dd08ad30
b9c34080dc3d97c4854b18890efd326465ec4cdb5ae3f72c832f2f6013997a1a
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/10/spaces_-LJJeCjcLrr53DcT1Ml7_avatar-100x100.png HTTP/1.1
Host: winnerinvestgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 18:52:44 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2022 11:51:52 GMT
Accept-Ranges: bytes
Content-Length: 4128
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.2
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.2
IP 142.250.74.74:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 18:52:41 GMT
date: Mon, 26 Dec 2022 18:52:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
IP 142.250.74.74:0
GET /css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://winnerinvestgroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Dec 2022 18:52:41 GMT
date: Mon, 26 Dec 2022 18:52:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2