free-windows.travelglory.us Open in urlscan Pro
2606:4700:3033::6815:5e7e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://free-windows.travelglory.us/
Submission Tags: @phishunt_io
Submission: On February 20 via api (February 20th 2021, 7:27:50 am UTC) from ES

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:5e7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is free-windows.travelglory.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 10th 2021. Valid for: a year.

This is the only time free-windows.travelglory.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3033::6815:5e7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.34.228.77 199.34.228.77	27647 (WEEBLY) (WEEBLY)
1	178.218.209.117 178.218.209.117	42244 (ESERVER) (ESERVER)
1 1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.108.35.126 104.108.35.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4a12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:360e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	6

8 2606:4700:3033::6815:5e7e (United States)

ASN13335 (CLOUDFLARENET, US)

free-windows.travelglory.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.34.228.77 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-custom-29.weebly.com

www.avproedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.218.209.117 (Reutov, Russian Federation)

ASN42244 (ESERVER, RU)
PTR: notebook-center.ru

www.notebooks-center.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.35.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-35-126.deploy.static.akamaitechnologies.com

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a12 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hdwallpapers.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:360e (United States)

ASN13335 (CLOUDFLARENET, US)

www.driverowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	travelglory.us free-windows.travelglory.us	74 KB
1	driverowl.com www.driverowl.com	8 KB
1	hdwallpapers.in www.hdwallpapers.in	562 KB
1	alicdn.com ae01.alicdn.com	52 KB
1	wp.com 1 redirects i0.wp.com	239 B
1	notebooks-center.com www.notebooks-center.com	30 KB
1	avproedge.com www.avproedge.com	22 KB
13	7

	Domain	Requested by
8	free-windows.travelglory.us	free-windows.travelglory.us
1	www.driverowl.com	free-windows.travelglory.us
1	www.hdwallpapers.in	free-windows.travelglory.us
1	ae01.alicdn.com	free-windows.travelglory.us
1	i0.wp.com	1 redirects
1	www.notebooks-center.com	free-windows.travelglory.us
1	www.avproedge.com	free-windows.travelglory.us
13	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-10` - `2022-02-09`	a year	crt.sh
www.avproedge.com R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
www.notebooks-center.com R3	`2020-12-23` - `2021-03-23`	3 months	crt.sh
img.alicdn.com DigiCert Secure Site ECC CA-1	`2020-06-09` - `2021-06-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://free-windows.travelglory.us/
Frame ID: CDF1FDED3A59B3D76E4BCC43998F2CD5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

748 kB
Transfer

761 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://i0.wp.com/ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg?crop=5,2,900,500&quality=2886 HTTP 302
https://ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
free-windows.travelglory.us/ 12 KB
4 KB 80ms
48ms Document
text/html 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://free-windows.travelglory.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46435126cefc07da2d6ebab6691c2ae8f07d496cf32a715e075c3263b1b5915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: free-windows.travelglory.us
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
content-type: text/html
set-cookie: __cfduid=d973498d0a1442f84f2c5c543f004bb4f1613806053; expires=Mon, 22-Mar-21 07:27:33 GMT; path=/; domain=.travelglory.us; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 19 Feb 2021 07:50:08 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 085fef410a00004a6d6d02e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wuCoxJtlBe%2BqHz0K1aoEcfVfSGUHd%2F%2BdYqJVEQSwJzQHviFSBQF8QzzcPrSrMKVOEbmU3izXhtXpb72%2BttjSMPQEVBg6ptwitSyUNU%2F4LaVlB%2BENh5KXQHk65NgtXPKdKJ8V5uYDQPY%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6246817b4fb94a6d-FRA
content-encoding: br

GET
H2 200 jvYCPm.css
free-windows.travelglory.us/ 18 KB
5 KB 57ms
57ms Stylesheet
text/css 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://free-windows.travelglory.us/jvYCPm.css

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1c4a7aa6e9768a09c3caff44a504262fc195da45920fb8aab179b4e63949f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 085fef413e00004a6d778d4000000001
last-modified: Fri, 19 Feb 2021 07:48:30 GMT
server: cloudflare
etag: W/"602f6d4e-4763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XdzifdCrjGFC1JhQ16qYbldTBfvtKbgwbhgS86irOW%2Bb1s1XjS3lv04udwyka5Xb3ag0tajUzv5S0rRN0f4kKVTQ%2FOx151JL7P374hzItjfNZf99bMvvW2cbjEW4ETUw%2F%2BmI0t%2BeEvc%3D"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6246817b98394a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK irule-1300_1.jpg
www.avproedge.com/uploads/5/2/9/0/52903137/published/ 22 KB
22 KB 609ms
225ms Image
image/jpeg 199.34.228.77
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avproedge.com/uploads/5/2/9/0/52903137/published/irule-1300_1.jpg
Requested by: Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.77 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-custom-29.weebly.com
Software: nginx /
Resource Hash: c5e2ed7fdc736fbaa64fb6d3be1feed796525356eb5167b9379f8c0fe900fd57

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 07:27:34 GMT
X-Storage-Object: c5e2ed7fdc736fbaa64fb6d3be1feed796525356eb5167b9379f8c0fe900fd57
Last-Modified: Sun, 02 Feb 2020 09:25:54 GMT
Server: nginx
x-amz-request-id: tx000000000000074cffc46-005f726a29-131dd7c-las
ETag: "5392c66e3da8c6fb4dce4d6edd7e0a35"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: blu30.sf2p.intern.weebly.net
X-Storage-Bucket: zc5e2
Accept-Ranges: bytes
Content-Length: 22038

GET
H/1.1 200
OK laptop_acer_aspire_7720g584g32mi.jpg
www.notebooks-center.com/img/laptop/regular/ 30 KB
30 KB 421ms
132ms Image
image/jpeg 178.218.209.117
ESERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.notebooks-center.com/img/laptop/regular/laptop_acer_aspire_7720g584g32mi.jpg
Requested by: Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.218.209.117 Reutov, Russian Federation, ASN42244 (ESERVER, RU),
Reverse DNS: notebook-center.ru
Software: nginx/1.2.1 /
Resource Hash: 1a50c6c7c5b08ee069ce901d61d1f346a2a8944a2104859f0899b694b9514169

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 07:27:34 GMT
Last-Modified: Mon, 25 May 2015 20:49:31 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30318
Content-Type: image/jpeg

GET
H2

200

X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg
ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/
Redirect Chain

https://i0.wp.com/ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg?crop=5,2,900,500&quality=2886
https://ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg

51 KB
52 KB

262ms
198ms

Image
image/webp

104.108.35.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg
Requested by: Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.108.35.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-35-126.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2c5122e4d052e401753de8ce83e43f7ac1f4f0835d46e681651deedd92627f3b

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:34 GMT
last-modified: Sat, 20 Feb 2021 03:44:32 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2578725
served-from: 72.247.178.238
content-length: 52602
timing-allow-origin: *
network_info: CH_ZURICH_9009
from-req-dns-type: NA
expires: Mon, 22 Mar 2021 03:46:19 GMT

Redirect headers

x-nc: EXPIRED ams 5
date: Sat, 20 Feb 2021 07:27:33 GMT
server: nginx
location: https://ae01.alicdn.com/kf/HTB1GEQuKVzqK1RjSZFvq6AB7VXaT/X6-font-b-Bluetooth-b-font-Transmitter-Aux-font-b-Usb-b-font-Car-Play-Music.jpg
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
timing-allow-origin: *
content-length: 138

GET
H2 200 landscape_windows_10_stock-1920x1080.jpg
www.hdwallpapers.in/download/ 560 KB
562 KB 266ms
248ms Image
application/force-download 2606:4700:20::ac43:4a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hdwallpapers.in/download/landscape_windows_10_stock-1920x1080.jpg
Requested by: Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98013ce767006df0cf6ff02e78b9fcb531e27c98b35e0a683e99d87e9b61c27b

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: attachment; filename=landscape_windows_10_stock-1920x1080.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573920
cf-request-id: 085fef4150000005d8502ff000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pbrVcScvkqhQuR8e92ZJVzBKpbj3vh%2Bi2AFX0sLd4Z%2BwA1YH9w2hUwayavzJMhmoVx6sPph%2B3Ega9TlJFa7FM%2BcHbRtllLGOlKy4tqdhsQoIm5a7fwAXW1YQlU1Kep8d"}],"max_age":604800}
content-type: application/force-download
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 6246817bbd3605d8-FRA

GET
H2 200 Acer-G235H-driver-firmware_49b1a.jpg
www.driverowl.com/driverscreens/ 7 KB
8 KB 661ms
632ms Image
image/jpeg 2606:4700:3030::6815:360e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.driverowl.com/driverscreens/Acer-G235H-driver-firmware_49b1a.jpg

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:360e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d984166fd221f7afc4d7a0ac5a20ef77ab188cdf9349531f3cc754def5c35fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:34 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7467
cf-request-id: 085fef415c000005ed839e6000000001
last-modified: Mon, 28 Aug 2017 09:12:05 GMT
server: cloudflare
etag: "59a3de65-1d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pDvhZ2N0%2FcY5povyZWKXJqHbJw6Q9KazdjgCF%2FXNPljFW0mcgn7p7lZoElrT6JufACPPQSRLfQP8mbtXdCITPmB%2Fqrip1iBaaG9mjXDPdv%2B5w5rBMsj8Gu92gfSxeQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400, s-maxage=2592000
content-security-policy: upgrade-insecure-requests; default-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6246817bcaa605ed-FRA

GET
H2 200 /
free-windows.travelglory.us/ 0
3 KB 44ms
43ms Other
text/html 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://free-windows.travelglory.us/

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Feb 2021 07:50:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F8dHcsTQy3%2BZog1Nbg4yg0B%2FH63fDjMzVfb34La%2BkWbZd5jLczSHFr2UjquR1dxXr7Ex8YdahLUYIJ5KxA1T4JU8CoME4Sc%2FMP4Ty%2FkgeZVbku1N%2FYdgXjk6SftYwZLvA5euR5a8V5U%3D"}],"max_age":604800}
content-type: text/html
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6246817b983c4a6d-FRA
cf-request-id: 085fef413f00004a6da1082000000001

GET
H2 200 urpnl.png
free-windows.travelglory.us/ 57 KB
57 KB 19ms
18ms Image
image/png 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://free-windows.travelglory.us/urpnl.png

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/jvYCPm.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff6f3b1a1ef4663516ac12c262cd6b60d1bb98d9942aa359cab287d247b17dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/jvYCPm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13382
content-length: 58352
cf-request-id: 085fef417b00004a6d9b1ef000000001
last-modified: Mon, 25 Nov 2013 16:01:44 GMT
server: cloudflare
etag: "52937468-e3f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WEPKgQqI5iFRgMRoiZtkI7M7F%2FOnPF4oyW1t%2B2FeeJEq5vWAab0dSr1IzvyoS%2BrYTwrLKxpJdPzt%2FrpbLTpjRdlmoyOIihblao8LUPkWhEOao4F8215hfwM7dlBvXQmDOH7yf%2FNZc4U%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6246817bf8c94a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FgEQteJlOG.png
free-windows.travelglory.us/ 3 KB
3 KB 47ms
46ms Image
image/png 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://free-windows.travelglory.us/FgEQteJlOG.png

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/jvYCPm.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fc066f7188e4a6cafe8324ef8c6931c6d86c1cfe23e31b0de73b4ccc55a4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/jvYCPm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3046
cf-request-id: 085fef417d00004a6d9b1f0000000001
last-modified: Mon, 25 Nov 2013 16:01:44 GMT
server: cloudflare
etag: "52937468-be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lrj4eiHtRI5f21w0r87xHE5gjOFITsaAI5z2G6xMaxyGU87mhIj8H26YiaBlRcTT34V1oFsBal%2BHYeEYX6iN6Z3%2BqZAfReTVlfYuUgg3KYlVaKYvz4elm45uLAJel%2Bq5gr%2B3qUWp5Ns%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6246817bf8cc4a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qTs.png
free-windows.travelglory.us/ 422 B
856 B 64ms
63ms Image
image/png 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://free-windows.travelglory.us/qTs.png

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/jvYCPm.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700c098799326063cf1db239cc407144eb081457fb5c14fb32f0a985e140644f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/jvYCPm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 422
cf-request-id: 085fef417b00004a6df8254000000001
last-modified: Mon, 25 Nov 2013 16:01:44 GMT
server: cloudflare
etag: "52937468-1a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZF8ROYs4pagzuVOY87jsce2wI7iAfeH2Ec%2Bj9Jes4oiJLu3rTFbtiH7y0C4jqGyUZBMrMDZnqKQ4R%2BJX921yXGSOdWaNVjyXPMxfenFAsPu4n%2Fqi74PpRc%2F7wsIvWwJ8LVA394Dp2U%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6246817bf8cd4a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tyCcGkJHP.png
free-windows.travelglory.us/ 429 B
745 B 50ms
50ms Image
image/png 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://free-windows.travelglory.us/tyCcGkJHP.png

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/jvYCPm.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495cb42b142f00a1f72bf7d4d59983b54eb3158e16fc391e94b0bc4ab8609e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/jvYCPm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 429
cf-request-id: 085fef417b00004a6dc3b3e000000001
last-modified: Mon, 25 Nov 2013 16:01:44 GMT
server: cloudflare
etag: "52937468-1ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ddb63%2FC56CKNnJSIrNjbKw2lKbhqzBO9%2FimBHmrWoLyuft6Bo5VqZhFevrzcfkMNxxNi9NcQlVuxBrPgWWtAl5%2BtT3MuSMKPIOod%2FrG2sKcy23ENhLAVZTzazd0gQmGnnvA2aIDTsfA%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6246817bf8ce4a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 NAeRblTqPBP.png
free-windows.travelglory.us/ 131 B
485 B 55ms
55ms Image
image/png 2606:4700:3033::6815:5e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://free-windows.travelglory.us/NAeRblTqPBP.png

Requested by

Host: free-windows.travelglory.us
URL: https://free-windows.travelglory.us/jvYCPm.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

119c4af9c5def9ae963b28339aec934b51c850420c9dc2c4dce90f06827e0023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://free-windows.travelglory.us/jvYCPm.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 07:27:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 131
cf-request-id: 085fef417b00004a6d191ee000000001
last-modified: Mon, 25 Nov 2013 16:01:44 GMT
server: cloudflare
etag: "52937468-83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DhWkQyD%2B%2FkvCHeyetThnhgmV2FsU3Rgef%2FP%2FPdY9FuWzwzfrbetJ6Ka6SBhSqJemmIvF0XZGKcF5D%2BgZDbA10ytyprmFlAgbwtQuhOiKn%2BrArJBUzTVx20LolLubeK1UN%2F7gVYmHMxQ%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6246817bf8cf4a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.travelglory.us/	1970-01-19 16:59:58	Name: __cfduid Value: d973498d0a1442f84f2c5c543f004bb4f1613806053

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae01.alicdn.com
free-windows.travelglory.us
i0.wp.com
www.avproedge.com
www.driverowl.com
www.hdwallpapers.in
www.notebooks-center.com
104.108.35.126
178.218.209.117
192.0.77.2
199.34.228.77
2606:4700:20::ac43:4a12
2606:4700:3030::6815:360e
2606:4700:3033::6815:5e7e
119c4af9c5def9ae963b28339aec934b51c850420c9dc2c4dce90f06827e0023
1a50c6c7c5b08ee069ce901d61d1f346a2a8944a2104859f0899b694b9514169
2c5122e4d052e401753de8ce83e43f7ac1f4f0835d46e681651deedd92627f3b
495cb42b142f00a1f72bf7d4d59983b54eb3158e16fc391e94b0bc4ab8609e35
6d984166fd221f7afc4d7a0ac5a20ef77ab188cdf9349531f3cc754def5c35fd
700c098799326063cf1db239cc407144eb081457fb5c14fb32f0a985e140644f
8fc066f7188e4a6cafe8324ef8c6931c6d86c1cfe23e31b0de73b4ccc55a4651
98013ce767006df0cf6ff02e78b9fcb531e27c98b35e0a683e99d87e9b61c27b
a1c4a7aa6e9768a09c3caff44a504262fc195da45920fb8aab179b4e63949f8e
c5e2ed7fdc736fbaa64fb6d3be1feed796525356eb5167b9379f8c0fe900fd57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f46435126cefc07da2d6ebab6691c2ae8f07d496cf32a715e075c3263b1b5915
fff6f3b1a1ef4663516ac12c262cd6b60d1bb98d9942aa359cab287d247b17dd

free-windows.travelglory.us Open in urlscan Pro 2606:4700:3033::6815:5e7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

6 IPs

3 Countries

748 kBTransfer

761 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

free-windows.travelglory.us Open in urlscan Pro
2606:4700:3033::6815:5e7e Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

748 kB
Transfer

761 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions