![](/screenshots/495b1a1f-a9c7-477b-a677-9da7177809be.png)
secure.winred.com
Open in
urlscan Pro
2606:4700::6813:d359
Public Scan
Effective URL: https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Submission: On August 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 21st 2023. Valid for: a year.
This is the only time secure.winred.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 74.118.130.252 74.118.130.252 | 4886 (LIFECORPO...) (LIFECORPORATION) | |
12 | 2606:4700::68... 2606:4700::6813:d359 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700::68... 2606:4700::6811:3b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 3 |
ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com
rncgive.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
winred.com
secure.winred.com — Cisco Umbrella Rank: 127774 |
155 KB |
4 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6270 |
20 KB |
1 |
rncgive.com
1 redirects
rncgive.com |
305 B |
18 | 3 |
Domain | Requested by | |
---|---|---|
12 | secure.winred.com |
secure.winred.com
|
4 | challenges.cloudflare.com |
secure.winred.com
challenges.cloudflare.com |
1 | rncgive.com | 1 redirects |
18 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cloudflare.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.winred.com Cloudflare Inc ECC CA-3 |
2023-02-21 - 2024-02-21 |
a year | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
Frame ID: 0FCE6EB5174A14F2BFFBC23DFDD5DA2E
Requests: 18 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zw8g7/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 61D2E6B5AB4AFFD36E076DCD7E54C57C
Requests: 1 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d765y/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: CCA14760E667822AAE98AC41452EA456
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/495b1a1f-a9c7-477b-a677-9da7177809be.png)
Page Title
Just a moment...Page URL History Show full URLs
-
https://rncgive.com/r.wr?id=QMGLnQLV
HTTP 302
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359c... Page URL
- https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359c... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cloudflare
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://rncgive.com/r.wr?id=QMGLnQLV
HTTP 302
https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Page URL
- https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://rncgive.com/r.wr?id=QMGLnQLV HTTP 302
- https://secure.winred.com/gophq/db-t2d-cr-359e?utm_term=db-rnc-cr359cpad-003&source_code=db-rnc-cr359cpad-003
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
db-t2d-cr-359e
secure.winred.com/gophq/ Redirect Chain
|
6 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
challenges.css
secure.winred.com/cdn-cgi/styles/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ |
158 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ |
29 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
secure.winred.com/ |
6 KB 6 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
586 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e7a77936-9e0f-42a7-a3b1-50491ac40c9a
https://secure.winred.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
f8432f7ccac0f56
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/ |
9 KB 7 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zw8g7/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 61D2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
f8432f7ccac0f56
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1644863502:1692742071:9PNoLTxWsb6XCiRW2z_XeI1E7LQrHq6uRwS8GijEfrI/7faec150c87d5c02/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
db-t2d-cr-359e
secure.winred.com/gophq/ |
6 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
challenges.css
secure.winred.com/cdn-cgi/styles/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
secure.winred.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ |
168 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ |
29 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
secure.winred.com/ |
4 KB 4 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
586 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f312f1f8-01e1-4978-8e63-e5e71d7e94f5
https://secure.winred.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
173a1b74028a793
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/ |
9 KB 7 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d765y/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame CCA1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
173a1b74028a793
secure.winred.com/cdn-cgi/challenge-platform/h/g/flow/ov1/310505100:1692741960:0LNDDSd0Vcxy7YVgS0NbVRrqW9UsvQjnO0R3DBa3Ugw/7faec16448ddbba1/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| _cf_chl_opt function| TwZwupsVWD function| QlFv6 function| URXdVe4 boolean| KdU6 function| vQGSCb7 function| ICY6 function| ozlfeI1 function| aw3 object| Rkiqk9 object| YSIJaU7 object| turnstile boolean| HVYp3 string| qja63 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.secure.winred.com/ | Name: __cf_bm Value: MmNqpE34k4k0M.jDBlrNa9z.dk7WUcI9nj4WrpA.8Sk-1692745469-0-AWlj2mNemd3eKWDVtcJCRdFpyfcReagx/Qg/hIObmf651EFy49/YsybC7wr0GSsdE5Rn3kL7VmrsDM2IcDfCoVA= |
|
secure.winred.com/ | Name: cf_chl_rc_ni Value: 1 |
|
secure.winred.com/ | Name: cf_chl_2 Value: 173a1b74028a793 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
rncgive.com
secure.winred.com
2606:4700::6811:3b8
2606:4700::6813:d359
74.118.130.252
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
5e8dc5a2d99de16c3edf961e4333ed06e65a69f6045414f3e9c1990f4a5481a4
72d934ce25fd3401d8139bf778fd530fccb50e12f2aa3da4803111f7a0a6b663
87e6f75079546c9d0f25f7bdbfc5b46426be21690cda40e70a48ac6eabaa82ef
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
898dcb9045e4c8460d2e2df1e136b5c3d84cefe77e052a004aceaae7a566f9bf
9baf2d250773bfa9af0314fb46c799d4ffc7a56db031af74c1a252c893fc18d6
b7b7aab93b79d1d140f4ad33337fc3ffdb6439cfb6a43d4ddc0ce6abcdea0e49
b8829bae2e837c8e0b195fb1e0aedb24630a801c8bc6fdb2ba289ffc83768652
e484634edf29885b74623358d456390f8193b00bde8fa97d4f60206dceec68bc
e5ff62eb8501eb391751decd0a884410fba0fba6054afe961480bbf42c3be3ff
f4726ac470387d5f2f65118e8933194b5cd9822e2896dfbf0d56f8e2bbad2dea
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa