trywintr.com Open in urlscan Pro
207.142.22.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/dljsfhgjbuvezr.html#c14789smNkd850270lOyf180VHu76850RccZ750
Effective URL:
https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850
Submission: On May 29 via manual (May 29th 2023, 7:09:03 am UTC) from GB — Scanned from GB

Summary HTTP 4 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 207.142.22.234, located in United States and belongs to WEBHOST-ASN1, US. The main domain is trywintr.com.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.

This is the only time trywintr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.95.148.186 52.95.148.186	16509 (AMAZON-02) (AMAZON-02)
1 2	104.223.0.123 104.223.0.123	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	207.142.22.234 207.142.22.234	27229 (WEBHOST-ASN1) (WEBHOST-ASN1)
4	4

1 52.95.148.186 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com

dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.223.0.123 (Los Angeles, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 104.223.0.123.static.greencloudvps.com

katina.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.142.22.234 (United States)

ASN27229 (WEBHOST-ASN1, US)

trywintr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	katina.online 1 redirects katina.online	581 B
1	trywintr.com trywintr.com	402 B
1	amazonaws.com dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com	557 B
0	Failed function sub() { [native code] }. Failed
4	4

	Domain	Requested by
2	katina.online	1 redirects dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com
1	trywintr.com	katina.online
1	dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com
0	127.0.0.1 Failed	trywintr.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.eu-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-08`	9 months	crt.sh
trywintr.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh

This page contains 1 frames:

Frame: http://127.0.0.1/
Frame ID: E5A625EB094614D7F3C6B3CCD19EC83C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/dljsfhgjbuvezr.html Page URL
http://katina.online/rd/c14789smNkd850270lOyf180VHu76850RccZ750 Page URL
http://katina.online/track/c14789smNkd850270lOyf180VHu76850RccZ750 HTTP 302
https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850 Page URL

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/dljsfhgjbuvezr.html Page URL
http://katina.online/rd/c14789smNkd850270lOyf180VHu76850RccZ750 Page URL
http://katina.online/track/c14789smNkd850270lOyf180VHu76850RccZ750 HTTP 302
https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://h0zi.presentlinks.com/?kw=31&s2=993609734 HTTP 301
http://127.0.0.1/

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	dljsfhgjbuvezr.html dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/	163 B 557 B	135ms 56ms	Document text/html	52.95.148.186 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/dljsfhgjbuvezr.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.148.186 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.eu-west-2.amazonaws.com Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Accept-Ranges bytes Content-Length 163 Content-Type text/html Date Mon, 29 May 2023 07:08:24 GMT ETag "29c9706af31c8efac6bc03cb9cbbad21" Last-Modified Sun, 28 May 2023 15:40:23 GMT Server AmazonS3 x-amz-id-2 IKUWPBWnHwAWBmASIGzhry6igE9/DO7MFMW4SsZkuHaFsoOW3W65rAz9NDboCwFNpTqC+z8R95I= x-amz-request-id 9FJNPMV8C0TTEDC8 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	c14789smNkd850270lOyf180VHu76850RccZ750 katina.online/rd/	243 B 360 B	353ms 170ms	Document text/html	104.223.0.123 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL http://katina.online/rd/c14789smNkd850270lOyf180VHu76850RccZ750 Requested by Host: dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com URL: https://dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com/dljsfhgjbuvezr.html Protocol HTTP/1.1 Server 104.223.0.123 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 104.223.0.123.static.greencloudvps.com Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Content-Length 243 Content-Type text/html; charset=utf-8 Date Mon, 29 May 2023 07:08:24 GMT
GET H/1.1	200 OK	Primary Request 850270-180-76850 trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/ Redirect Chain http://katina.online/track/c14789smNkd850270lOyf180VHu76850RccZ750 https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850	112 B 402 B	798ms 340ms	Document text/html	207.142.22.234 WEBHOST-ASN1
General Check archive.org Show headers Download Go to Full URL https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850 Requested by Host: katina.online URL: http://katina.online/rd/c14789smNkd850270lOyf180VHu76850RccZ750 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.142.22.234 , United States, ASN27229 (WEBHOST-ASN1, US), Reverse DNS Software Apache / Resource Hash Request headers Referer http://katina.online/rd/c14789smNkd850270lOyf180VHu76850RccZ750 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-length 112 content-type text/html; charset=UTF-8 date Mon, 29 May 2023 07:08:25 GMT server Apache Redirect headers Content-Length 112 Content-Type text/html; charset=utf-8 Date Mon, 29 May 2023 07:08:24 GMT Location https://trywintr.com/0/0/0/894c9bd693e3448c4ba5ecf0ea9c0685/10/750-14789/850270-180-76850
GET		/ 127.0.0.1/ Redirect Chain https://h0zi.presentlinks.com/?kw=31&s2=993609734 http://127.0.0.1/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: http://127.0.0.1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			trywintr.com/	1970-01-20 12:52:16	Name: uid31 Value: 993609734-20230529030825-d90c1bfe3d46e17f6a3294cc4185d6dc-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
dljsfhgjbuvezr.s3.eu-west-2.amazonaws.com
katina.online
trywintr.com
127.0.0.1
104.223.0.123
207.142.22.234
52.95.148.186

trywintr.com Open in urlscan Pro 207.142.22.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

50 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

1 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

trywintr.com Open in urlscan Pro
207.142.22.234 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions