winter-leak.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2400:cb00:2048:1::681c:987, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is winter-leak.com.

This is the only time winter-leak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2400:cb00:204... 2400:cb00:2048:1::681c:987	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
3	2400:cb00:204... 2400:cb00:2048:1::681c:887	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	204.4.13.234 204.4.13.234	6111 (FHIS) (FHIS - Florida Hospital)
7	3

3 2400:cb00:2048:1::681c:987 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

winter-leak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:cb00:2048:1::681c:887 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

winter-leak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.4.13.234 (Orlando, United States)

ASN6111 (FHIS - Florida Hospital, US)

centracare.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	winter-leak.com winter-leak.com	66 KB
1	centracare.org centracare.org	940 B
7	2

	Domain	Requested by
6	winter-leak.com	winter-leak.com
1	centracare.org	winter-leak.com
7	2

This site contains links to these domains. Also see Links.

Domain
winter-leak.com
twitter.com

Subject Issuer	Validity	Valid
*.centracare.org AffirmTrust Certificate Authority - OV1	`2017-07-13` - `2019-07-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://winter-leak.com/
Frame ID: 8704.1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

7
Requests

14 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

67 kB
Transfer

275 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://winter-leak.com:8080/1/GOT%20S7.rar
Title: Download

Search URL Search Domain Scan URL

URL: http://winter-leak.com:8080/1/Ballers%20S3.rar
Title: Download

Search URL Search Domain Scan URL

URL: http://winter-leak.com:8080/1/barry%20S1.rar
Title: Download

Search URL Search Domain Scan URL

URL: http://winter-leak.com:8080/1/Room%20104.rar
Title: Download

Search URL Search Domain Scan URL

URL: http://winter-leak.com:8080/1/Insecure%20S2.rar
Title: Download

Search URL Search Domain Scan URL

URL: https://twitter.com/Jeff_Cusson

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response winter-leak.com/	5 KB 1 KB	87ms 54ms	Document text/html	2400:cb00:2048:1::681c:987 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:987 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / PHP/5.6.31 Resource Hash `997b094edec1a23b28925d05630d01565a60d502b49f16bad6c2b9f91291eeef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Pragma no-cache Date Mon, 31 Jul 2017 11:42:12 GMT Content-Encoding gzip Server cloudflare-nginx X-Powered-By PHP/5.6.31 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive CF-RAY 38704afd13ac6451-FRA Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	bootstrap.min.css winter-leak.com/assets/css/	136 KB 19 KB	63ms 63ms	Stylesheet text/css	2400:cb00:2048:1::681c:987 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://winter-leak.com/assets/css/bootstrap.min.css Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:987 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `e37ee387656bca9efbcc0b8317773ecb27ddd20df9344241d6a69a89d938d807` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Sun, 23 Jul 2017 17:34:08 GMT Server cloudflare-nginx ETag W/"21f35-554ff816f2380" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 38704afd73d96451-FRA Expires Mon, 31 Jul 2017 15:42:12 GMT
GET H/1.1	200 OK	style.css winter-leak.com/	179 B 168 B	186ms 181ms	Stylesheet text/css	2400:cb00:2048:1::681c:887 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://winter-leak.com/style.css Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:887 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `2be807ec3df411efa50c22741424b75bea39e7742b585ac7e25d21f961a2fabd` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Tue, 12 Jul 2016 03:24:14 GMT Server cloudflare-nginx ETag W/"b3-53767cd99d1a2" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 38704afd83db64cf-FRA Expires Mon, 31 Jul 2017 15:42:12 GMT
GET H/1.1	200 OK	jquery-1.11.3-jquery.min.js Show response winter-leak.com/assets/	94 KB 33 KB	61ms 55ms	Script application/javascript	2400:cb00:2048:1::681c:887 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://winter-leak.com/assets/jquery-1.11.3-jquery.min.js Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:887 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Mon, 15 Jun 2015 10:01:04 GMT Server cloudflare-nginx ETag W/"176fd-5188b892831ea" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 38704afd8722279e-FRA Expires Mon, 31 Jul 2017 15:42:12 GMT
GET H/1.1	200 OK	bootstrap.min.js Show response winter-leak.com/assets/js/	36 KB 10 KB	56ms 50ms	Script application/javascript	2400:cb00:2048:1::681c:887 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://winter-leak.com/assets/js/bootstrap.min.js Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:887 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Tue, 24 Nov 2015 14:04:22 GMT Server cloudflare-nginx ETag W/"9004-52549d18be580" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 38704afd82e615b9-FRA Expires Mon, 31 Jul 2017 15:42:12 GMT
GET H/1.1	200 OK	21.png winter-leak.com/	4 KB 4 KB	11ms 11ms	Image image/png	2400:cb00:2048:1::681c:987 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL http://winter-leak.com/21.png Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:987 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `c8a0bd97181b5bdf2aad12dce78a105568de180c4e5b4921762a4eafcc95eca4` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT CF-Cache-Status HIT Last-Modified Sun, 30 Jul 2017 17:36:32 GMT Server cloudflare-nginx ETag "f78-5558c5aebbe07" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 38704afde4296451-FRA Content-Length 3960 Expires Mon, 31 Jul 2017 15:42:12 GMT
GET H/1.1	200 OK	new-twitter-icon-40x40.png centracare.org/pediatrics/wp-content/uploads/2014/03/	940 B 940 B	676ms 133ms	Image image/png	204.4.13.234 Florida Hospital
General Check archive.org Show headers Download Go to Show image Full URL https://centracare.org/pediatrics/wp-content/uploads/2014/03/new-twitter-icon-40x40.png Requested by Host: winter-leak.com URL: http://winter-leak.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.4.13.234 Orlando, United States, ASN6111 (FHIS - Florida Hospital, US), Reverse DNS Software Apache / Resource Hash `29981b6341d75fb868d64c004a2dfe3e26877767718771e642ce871957f90abd` Request headers Referer http://winter-leak.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 31 Jul 2017 11:42:12 GMT Last-Modified Thu, 30 Mar 2017 15:52:02 GMT Server Apache ETag "9907-3ac-54bf4ac86bc70" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 940

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			winter-leak.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: 9rpta57092tvbs1rtai4i83mp7
			.winter-leak.com/	2018-07-31 11:42:12	Name: __cfduid Value: dc2122590920a071c024f3e4210e547fc1501501332

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

centracare.org
winter-leak.com
204.4.13.234
2400:cb00:2048:1::681c:887
2400:cb00:2048:1::681c:987
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29981b6341d75fb868d64c004a2dfe3e26877767718771e642ce871957f90abd
2be807ec3df411efa50c22741424b75bea39e7742b585ac7e25d21f961a2fabd
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
997b094edec1a23b28925d05630d01565a60d502b49f16bad6c2b9f91291eeef
c8a0bd97181b5bdf2aad12dce78a105568de180c4e5b4921762a4eafcc95eca4
e37ee387656bca9efbcc0b8317773ecb27ddd20df9344241d6a69a89d938d807

winter-leak.com Open in urlscan Pro 2400:cb00:2048:1::681c:987 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

7 Requests

14 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

67 kBTransfer

275 kBSize

2 Cookies

6 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

winter-leak.com Open in urlscan Pro
2400:cb00:2048:1::681c:987 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

14 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

67 kB
Transfer

275 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions