www.freevpn.win
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://www.freevpn.win/lps/gbox-lp/index.html?cid=346527735&kw=
Submission: On May 27 via api from US — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.
This is the only time www.freevpn.win was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.195.123.247 18.195.123.247 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com
track.xdisctracking.pw |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
freevpn.win
www.freevpn.win |
132 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199 |
81 KB |
2 |
xdisctracking.pw
1 redirects
ssl.xdisctracking.pw track.xdisctracking.pw — Cisco Umbrella Rank: 585554 |
1 KB |
14 | 3 |
Domain | Requested by | |
---|---|---|
11 | www.freevpn.win |
www.freevpn.win
|
2 | cdnjs.cloudflare.com |
www.freevpn.win
|
1 | track.xdisctracking.pw |
www.freevpn.win
|
1 | ssl.xdisctracking.pw | 1 redirects |
14 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
freevpn.win GTS CA 1P5 |
2023-05-10 - 2023-08-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
track.xdisctracking.pw R3 |
2023-05-16 - 2023-08-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.freevpn.win/lps/gbox-lp/index.html?cid=346527735&kw=
Frame ID: 3B876E50C8468206571494484A1582A4
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
FreeVPN: High Speed, Anonymous & 100% Free VPN Service for Microsoft WindowsPage URL History Show full URLs
-
https://ssl.xdisctracking.pw/tracking202/redirect/rtr.php?t202id=54574
HTTP 302
https://www.freevpn.win/lps/gbox-lp/index.html?cid=346527735&kw= Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ssl.xdisctracking.pw/tracking202/redirect/rtr.php?t202id=54574
HTTP 302
https://www.freevpn.win/lps/gbox-lp/index.html?cid=346527735&kw= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
www.freevpn.win/lps/gbox-lp/ Redirect Chain
|
48 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lpbox.css
www.freevpn.win/lps/gbox-lp/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assist.css
www.freevpn.win/lps/assist/ |
1 KB 720 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-72x72.png
www.freevpn.win/lps/gbox-lp/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
www.freevpn.win/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/ |
94 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.2/ |
223 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dlcommon.js
www.freevpn.win/lps/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
top.png
www.freevpn.win/lps/gbox-lp/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mid.png
www.freevpn.win/lps/gbox-lp/ |
989 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
511 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottom.png
www.freevpn.win/lps/gbox-lp/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helveticaneueltstd-roman_0-webfont.woff
www.freevpn.win/lps/gbox-lp/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c2fba174-cc0f-4859-8aa6-3248657b2b9e
track.xdisctracking.pw/impression/ |
0 552 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lp-download-chrome.png
www.freevpn.win/lps/assist/ |
74 KB 74 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| DP_jQuery_1685177007818 function| getURLParameter object| voluumimp boolean| dlclicked string| kmg_unique_id string| did string| cid object| subid object| kw boolean| allowexit boolean| mustaccoffer boolean| showofferbox string| appurl function| overlayclick function| offerext function| assist function| getCookie string| OSVer string| hostbrowser boolean| allinst boolean| conversion1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.track.xdisctracking.pw/ | Name: c2fba174-cc0f-4859-8aa6-3248657b2b9e-osz-v4 Value: JzX-M6o9yJNwYVjcr1FNX11f14lIJipLtfXwHJykrPDVmABBDj6t_yFf9rAUVsPlDQyvFe3cBYcjDTtZHQx3ZxbW8OfrOgmR7HMYy6zxYvqtf98-3ucYSNeSgh047YrXKlqIPpKcyGKHRiOh5PFlwjV6YTmNlE5eLw0fUPa_TPuiMwNCZwTslvwqEiJe1U03aSXtzAwMLzTseLwAKL8YVOKOXhLIis2JCVE1x6AHj2PJQnBd7fptflmvdFktUNBR4WHLPtshe99SrAN_aYbMqrAMbRjdTSYe7m2CyU08i-0EBG6IMYVLg9v-RAMWfTUIwLVT1p4tchXkX1TKjmyDMI1DhVrb71cwGR3z7lOzpQz_kMG0ystK8EvvdidwMPM5UGlwWsCIy0jOW2d8Pq5Vzg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
ssl.xdisctracking.pw
track.xdisctracking.pw
www.freevpn.win
104.17.25.14
18.195.123.247
188.114.97.3
2a06:98c1:3120::3
0391a304ce9a511386b6c3bf707976fbe68dbfdae6367530a8579e5e6d0e47de
1fefb4d154ba8e0b2c39282f3a3c9300f950a041d6cda2f4d4499fd024909257
234bd8b18f55bdf1d8b3198f9ef367edf429cad77e912c8b79a0313b4e7c1152
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34cf0f5306686e68ccc207aa3bbaa8599bcb060a0b6a56d54696c9679fecdd0c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
806245b4b031e3c3af6f97121e07a21cf7d049b4c5bb35427c58694330fb9a7c
821dc4571258cf0350a10c17adef38d6c9f336ca239b5c37735e7006d38af984
97d16aa22a918c810fd08b07394a11a085f1a4b7b3d70bb20d73fb4cf3f49803
a03d43d74c7bb9a69c918cd567d1fd86a06ca0f9b8387b95cfda365cc74708a2
b8c059c463865c5dbf0922616905c2a82ca79f12eb2f957d352ac99186d82503
c8550425a044bdb170eaec1154be80bbb9a8961a9b2aecc01d2063778411c50a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f69fa8c500be9d25de4c1e7862dd6d937452e8968f1f3c344e8cc8898149c1
e6412d80712cc4354baed2c964c262cbcfb77dbf325b2ce0b421a77078bc0c0e