secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rncgive.com/r.wr?id=QMGLnQLV
Effective URL:
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Submission: On August 22 via manual (August 22nd 2023, 11:04:34 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.winred.com. The Cisco Umbrella rank of the primary domain is 127774.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.

This is the only time secure.winred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.118.130.252 74.118.130.252	4886 (LIFECORPO...) (LIFECORPORATION)
12	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	3

1 74.118.130.252 (United States) 1 redirects

ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com

rncgive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:d359 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.winred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	winred.com secure.winred.com — Cisco Umbrella Rank: 127774	155 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6270	20 KB
1	rncgive.com 1 redirects rncgive.com	305 B
18	3

	Domain	Requested by
12	secure.winred.com	secure.winred.com
4	challenges.cloudflare.com	secure.winred.com challenges.cloudflare.com
1	rncgive.com	1 redirects
18	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
secure.winred.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-21`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Frame ID: 0FCE6EB5174A14F2BFFBC23DFDD5DA2E
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zw8g7/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 61D2E6B5AB4AFFD36E076DCD7E54C57C
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d765y/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: CCA14760E667822AAE98AC41452EA456
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://rncgive.com/r.wr?id=QMGLnQLV HTTP 302
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359c... Page URL
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359c... Page URL

Page Statistics

18
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

175 kB
Transfer

442 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=j
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rncgive.com/r.wr?id=QMGLnQLV HTTP 302
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Page URL
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://rncgive.com/r.wr?id=QMGLnQLV HTTP 302
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

db-t2d-cr-359e Show response
secure.winred.com/gophq/
Redirect Chain

https://rncgive.com/r.wr?id=QMGLnQLV
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

6 KB
5 KB

79ms
22ms

Document
text/html

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898dcb9045e4c8460d2e2df1e136b5c3d84cefe77e052a004aceaae7a566f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7faec150c87d5c02-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 22 Aug 2023 23:04:29 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Tue, 22 Aug 2023 23:04:29 GMT
Location: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Machine-Nam: web7
Server: Microsoft-IIS/10.0
X-Content-Type-Options1: nosniff

GET
H2 200 challenges.css
secure.winred.com/cdn-cgi/styles/ 6 KB
3 KB 13ms
12ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/challenges.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
server: cloudflare
etag: W/"64e38ff7-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7faec15108a95c02-FRA
expires: Wed, 23 Aug 2023 01:04:29 GMT

GET
H3 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 158 KB
54 KB 24ms
24ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec150c87d5c02

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e484634edf29885b74623358d456390f8193b00bde8fa97d4f60206dceec68bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003&__cf_chl_rt_tk=i4zpw9yD1zvoIAZj2uxm0nRACi5eYgP1sanpTYoWlrA-1692745469-0-gaNycGzNC5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:29 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7faec1512aedbba1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 29 KB
10 KB 50ms
28ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec150c87d5c02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin: https://secure.winred.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:29 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7faec151a8b69b5b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
secure.winred.com/ 6 KB
6 KB 22ms
22ms Image
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/favicon.ico

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4726ac470387d5f2f65118e8933194b5cd9822e2896dfbf0d56f8e2bbad2dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:29 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7faec1518b3ebba1-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK e7a77936-9e0f-42a7-a3b1-50491ac40c9a
https://secure.winred.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.winred.com/e7a77936-9e0f-42a7-a3b1-50491ac40c9a
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 f8432f7ccac0f56 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/ 9 KB
7 KB 30ms
29ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/f8432f7ccac0f56

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec150c87d5c02

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ff62eb8501eb391751decd0a884410fba0fba6054afe961480bbf42c3be3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge: f8432f7ccac0f56
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Aug 2023 23:04:29 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7faec1522bfbbba1-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: 9DCTWhxjUjumV+Sd/mDRG9APr1NDy++w867MDuP/Dn/noPeQTq9vvSqtNEQ/ZcbP$81NA4ov/AsGIW0SQ1351ZA==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zw8g7/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 61D2 0
0 31ms
20ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zw8g7/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7faec1529d0b085b-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:04:29 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 f8432f7ccac0f56 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/ 2 KB
2 KB 32ms
32ms XHR
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/f8432f7ccac0f56

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec150c87d5c02

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e6f75079546c9d0f25f7bdbfc5b46426be21690cda40e70a48ac6eabaa82ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge: f8432f7ccac0f56
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: jx0f1TPQtzoHhziELY8sCjZkeorNfbyYt7/0ewVyxVoatC7a+C9dfqM2DchdEIuyqJbUZD8bR81IT8ASWEs5FRBw8S58NRhX7UYmzQo76FI=$J3LLQy7989786GrIMIxdBQ==
cf-chl-out-s: V7VdIToVMy6ML2uYI2L8N4hZlGXj6+PXBFnA+C2Gpw5Sz0J8VlZsjjyuH+D6lGh4B6MeWCgFWoOqsIMQ/qOmL2ZA2EiCzWS4VInOHHFXHcSWuZgxD4aFgrPNMWBy3O02$CoQD1ztoghjj/nSgOyRx/w==
date: Tue, 22 Aug 2023 23:04:30 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 7faec1540dcabba1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request db-t2d-cr-359e Show response
secure.winred.com/gophq/ 6 KB
5 KB 21ms
21ms Document
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec150c87d5c02

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baf2d250773bfa9af0314fb46c799d4ffc7a56db031af74c1a252c893fc18d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7faec16448ddbba1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 22 Aug 2023 23:04:32 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
secure.winred.com/cdn-cgi/styles/ 6 KB
3 KB 13ms
13ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/styles/challenges.css

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 10:58:09 GMT
server: cloudflare
etag: W/"64ddfd41-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7faec164796cbba1-FRA
expires: Wed, 23 Aug 2023 01:04:32 GMT

GET
H3 200 v1 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 168 KB
58 KB 29ms
29ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec16448ddbba1

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b7aab93b79d1d140f4ad33337fc3ffdb6439cfb6a43d4ddc0ce6abcdea0e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003&__cf_chl_rt_tk=ZCdqSJL3oicRRQaz2FqPZ0cwOG.2QiJmu2f77BT3UEQ-1692745472-0-gaNycGzNCtA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:32 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7faec16499c9bba1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 29 KB
10 KB 29ms
28ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec16448ddbba1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin: https://secure.winred.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:32 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7faec164ea499b5b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
secure.winred.com/ 4 KB
4 KB 20ms
19ms Image
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.winred.com/favicon.ico

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8dc5a2d99de16c3edf961e4333ed06e65a69f6045414f3e9c1990f4a5481a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 23:04:32 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7faec164ea3abba1-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK f312f1f8-01e1-4978-8e63-e5e71d7e94f5
https://secure.winred.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.winred.com/f312f1f8-01e1-4978-8e63-e5e71d7e94f5
Requested by: Host: secure.winred.com
URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 173a1b74028a793 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/ 9 KB
7 KB 32ms
31ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/173a1b74028a793

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec16448ddbba1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72d934ce25fd3401d8139bf778fd530fccb50e12f2aa3da4803111f7a0a6b663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge: 173a1b74028a793
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Aug 2023 23:04:32 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7faec1659b1ebba1-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: +hd15Adi+2xDeTJqxhlkHyEo5N+qhEQWV58+8ulGQw9r2Hoof9qoji2DDso4s+hx$Su18XmGVpn0y4CvSvzjckQ==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d765y/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame CCA1 0
0 20ms
20ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d765y/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7faec165ec73085b-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:04:32 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 173a1b74028a793 Show response
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/ 2 KB
2 KB 29ms
29ms XHR
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/173a1b74028a793

Requested by

Host: secure.winred.com
URL: https://secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7faec16448ddbba1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8829bae2e837c8e0b195fb1e0aedb24630a801c8bc6fdb2ba289ffc83768652

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge: 173a1b74028a793
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: DYbkOEJFLYQedg1sCRaG9mWAwPqyEGuQK6hx8ecnWP3hj5/nLgLy84AW69T63TaweJMiTRFC4awf2wvaIxu61tasGg5WdX2mSurcM99u91U=$Xb14aFV4+F3hjIunRyAYwQ==
cf-chl-out-s: bCVUCyh21cFVrRj8RI1vuDDB34vX274+YS9D/bHXgvBACKLkTSieZKVdSL7JXW6uaRw2bMzKyWOEC/tfLvi9wGpqZj1CoAELZJwgEqnFic1kl77gExazXosQAE7I1RUD7iCTeIg3IeD1jHT29zlFfwfRtzk5e2eOpYobppgD0j65mABI+BGPh8A2OOew10qAgm1ZVMqZjw36MpPaohm6+A==$w4PIt5JecVTTHiQdM9CdLQ==
date: Tue, 22 Aug 2023 23:04:33 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 7faec1675d45bba1-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secure.winred.com/	1970-01-20 14:12:27	Name: __cf_bm Value: MmNqpE34k4k0M.jDBlrNa9z.dk7WUcI9nj4WrpA.8Sk-1692745469-0-AWlj2mNemd3eKWDVtcJCRdFpyfcReagx/Qg/hIObmf651EFy49/YsybC7wr0GSsdE5Rn3kL7VmrsDM2IcDfCoVA=
secure.winred.com/	1970-01-20 14:12:29	Name: cf_chl_rc_ni Value: 1
secure.winred.com/	1970-01-20 14:12:29	Name: cf_chl_2 Value: 173a1b74028a793

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.winred.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.winred.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
rncgive.com
secure.winred.com
2606:4700::6811:3b8
2606:4700::6813:d359
74.118.130.252
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
5e8dc5a2d99de16c3edf961e4333ed06e65a69f6045414f3e9c1990f4a5481a4
72d934ce25fd3401d8139bf778fd530fccb50e12f2aa3da4803111f7a0a6b663
87e6f75079546c9d0f25f7bdbfc5b46426be21690cda40e70a48ac6eabaa82ef
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
898dcb9045e4c8460d2e2df1e136b5c3d84cefe77e052a004aceaae7a566f9bf
9baf2d250773bfa9af0314fb46c799d4ffc7a56db031af74c1a252c893fc18d6
b7b7aab93b79d1d140f4ad33337fc3ffdb6439cfb6a43d4ddc0ce6abcdea0e49
b8829bae2e837c8e0b195fb1e0aedb24630a801c8bc6fdb2ba289ffc83768652
e484634edf29885b74623358d456390f8193b00bde8fa97d4f60206dceec68bc
e5ff62eb8501eb391751decd0a884410fba0fba6054afe961480bbf42c3be3ff
f4726ac470387d5f2f65118e8933194b5cd9822e2896dfbf0d56f8e2bbad2dea
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

secure.winred.com Open in urlscan Pro 2606:4700::6813:d359 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

89 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

175 kBTransfer

442 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

6 Console Messages

Security Headers

Indicators

secure.winred.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

175 kB
Transfer

442 kB
Size

3
Cookies

18 HTTP transactions
2 data transactions