Submitted URL: http://one.winshould.link/
Effective URL: https://one.winshould.link/
Submission Tags: @phish_report
Submission: On February 26 via api from FI — Scanned from NZ

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3034::6815:1d79, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.winshould.link.
TLS certificate: Issued by GTS CA 1P5 on February 9th 2024. Valid for: 3 months.
This is the only time one.winshould.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2409:8c20:8ab... 56046 (CMNET-JIA...)
2 2404:2280:1e2... 24429 (TAOBAO Zh...)
10 3
Apex Domain | Subdomains | Transfer
9 winshould.link | one.winshould.link | 17 KB
4 bytecdntp.com | lf6-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 239095; lf3-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 193638 | 86 KB
10 2
Domain Requested by
9 one.winshould.link 3 redirects one.winshould.link
2 lf3-cdn-tos.bytecdntp.com one.winshould.link
2 lf6-cdn-tos.bytecdntp.com one.winshould.link
10 3

This site contains links to these domains.

Domain
xyun.cloud
Subject | Issuer | Validity | Valid
winshould.link | GTS CA 1P5 | 2024-02-09 - 2024-05-09 | 3 months
*.bytecdntp.com | RapidSSL TLS RSA CA G1 | 2023-06-30 - 2024-06-28 | a year

This page contains 2 frames:

Primary Page: https://one.winshould.link/
Frame ID: 04AFC99926133C526C1B273CC13D9FEB
Requests: 6 HTTP requests in this frame

Frame: https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: FA29DBF0608A29F70070F6E657A67BAB
Requests: 4 HTTP requests in this frame

Page Title

200 OK

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 80 %
IPv6: 100 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 101 kB
Size: 428 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one.winshould.link/ HTTP 301
    https://one.winshould.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Request Chain 7
  • https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
one.winshould.link/
Redirect Chain
  • http://one.winshould.link/
  • https://one.winshould.link/
3 KB
2 KB
Document
General
Full URL
https://one.winshould.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26fafff1c5bfbc1ae6680180ba7a03e3c649e2373d05a5f76cf4ef4814a133a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85b9f3f449c91c5d-AKL
content-encoding
br
content-type
text/html
date
Mon, 26 Feb 2024 17:36:54 GMT
last-modified
Sat, 25 Mar 2023 05:06:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kysHail1QkII76E4NUZpwXpIDD9G4gV5DO5fl3qhzctCTFwXFU9VD3tEuzVIG2ZsbwIwrocL0lXObMPKfCXLnoxpJj1k7U6QYGuURxBiiJwcL%2BxTBesngbB1%2BoFf9jq13pWtm9BjzsTRXJ6o2DdvVA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cache
HIT from vhs-us-02

Redirect headers

CF-RAY
85b9f3f38a3a50aa-AKL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 26 Feb 2024 17:36:54 GMT
Expires
Mon, 26 Feb 2024 18:36:54 GMT
Location
https://one.winshould.link/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACIIYdcAd0sAqM1ncm%2FdOjqzg66sjW0puoyV45phEBb0B8jkuyI2h9cpGd2ZbNzD%2B0vomPqPUlZRMeE%2BekcdGysDS1%2FNICnqsMhsYgEfrXp6FQT3EGwHl7Jq8ZLZAUPiESh8Hbqee7tFC2JwYT%2FCxPY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/4.6.0/css/
158 KB
24 KB
Stylesheet
General
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/4.6.0/css/bootstrap.min.css
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c20:8ab1:22:1::f4 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
TLB /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.winshould.link/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 14 Feb 2024 09:40:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
x-tt-trace-id
00-231116171741E264B8BDB86A6B8D9DB4-226CC43E09CAC135-00
age
1065368
x-link-via
yanccm31:443;huzmp01:443;
x-cache-status
HIT from KS-CLOUD-HUZ-MP-01-09, HIT from KS-CLOUD-YANC-CM-31-21
server-timing
inner; dur=20
content-length
24105
last-modified
Sat, 22 Jan 2022 16:39:11 GMT
server
TLB
x-tt-logid
20231116171741E264B8BDB86A6B8D9DB4
etag
W/"61ec332f-27681"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
011ee10dca69400aacd858c54a458aba61d3d5ff0c3dc30e5c0d830a711a03f7aa024505d49da36f96859fa370b5618333692278abf59f3c1a5200f232252ba78ac9dd5fe7356da0bc3078f21e73ca8ac1e0c20efbdac924afc944f271dce70d1e
x-response-cinfo
2404:f780:5:def::c2e
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
71d922ae363328d99a65d14420cf6fa3
expires
Fri, 15 Mar 2024 09:40:49 GMT
rocket-loader.min.js
one.winshould.link/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://one.winshould.link/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.winshould.link/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Feb 2024 17:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2024 15:59:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65d4cc77-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F08YTEPbZbXOIZqQrocccpMaZYo4EHfgwVIbqfrju8Z74OU6Qzm%2F53gzsxTuSXVDNwHlQBrRQuVBbebXOS3yD1mClD8poqb8kFjhYvywthAMKJrTrnUE5IzIfsKczYe8Mk2SnHkGXpKQP2jkotoX9GM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85b9f3f7bd4b1c5d-AKL
expires
Wed, 28 Feb 2024 17:36:54 GMT
typed.min.js
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/typed.js/2.0.12/
12 KB
4 KB
Script
General
Full URL
https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/typed.js/2.0.12/typed.min.js
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c20:8ab1:22:1::f4 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
TLB /
Resource Hash
5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.winshould.link/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 01 Feb 2024 09:59:44 GMT
content-encoding
gzip
x-tt-trace-tag
id=06;cdn-cache=hit;type=static
x-tt-trace-id
00-24020117594472D92721623E56218ABC-0023BB9F34EF2EC4-00
age
2187436
x-link-via
yanccm31:443;yancmp117:443;
x-cache-status
HIT from KS-CLOUD-YANC-MP-117-10, HIT from KS-CLOUD-YANC-CM-31-26
server-timing
inner; dur=10
content-length
3522
last-modified
Sun, 24 Apr 2022 06:38:59 GMT
server
TLB
x-tt-logid
2024020117594472D92721623E56218ABC
etag
W/"6264f083-2e10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01f1ebf024b050651e7365f1df9a5a0c4e443702bc519dc7838dd496c0bbb28f3dfd4a25ac09413631232b82a12e079deb51ee7336af1d4373279cce1358ee6d21a792ad4f009682bfb4e41da59bb8d1666c8c654435839523557e1e6b8b0317d3
x-response-cinfo
2404:f780:5:def::c2e
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
x-cdn-request-id
62cb496b1a9dfa2e78b2c3ffbee71699
expires
Sat, 02 Mar 2024 09:59:44 GMT
jquery.min.js
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1e2:0:3::3f7 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.winshould.link/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 15:01:35 GMT
content-encoding
gzip
via
cache36.l2sg2[0,0,200-0,H], cache33.l2sg2[2,0], cache7.au2[0,7,200-0,H], cache1.au2[15,0]
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
x-tt-trace-id
00-2402252301353AE3393CDA4F28898F9B-7FECB40C226D3E14-00
age
95725
x-swift-cachetime
2530330
x-cache
HIT TCP_HIT dirn:4:347328544
server-timing
inner; dur=11
x-swift-savetime
Mon, 26 Feb 2024 08:09:25 GMT
content-length
30947
last-modified
Sun, 24 Apr 2022 19:10:58 GMT
server
Tengine
x-tt-logid
202402252301353AE3393CDA4F28898F9B
etag
W/"6265a0c2-15d9d"
vary
Accept-Encoding
ali-swift-global-savetime
1708873295
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01d045b859b525749ac73030daa066cd9d9d0e441208a342a06b2f7e7e657121637d392beaef47bd2d227571619654aed1d96997ac3700b6f1f3bef91ca7db13110172897a38f2d17101b8a5738fa8fba7
x-response-cinfo
2404:f780:5:def::c2e
x-response-cache
edge_hit
timing-allow-origin
*, *
eagleid
2ff62a9517089690209047138e
expires
Tue, 26 Mar 2024 14:59:16 GMT
bootstrap.js
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/4.6.0/js/
141 KB
26 KB
Script
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/bootstrap/4.6.0/js/bootstrap.js
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1e2:0:3::3f7 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b5de8fd50518000158e7e3fae41b48cfe58582ecfccb1b53b9ade9e7224c2237

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.winshould.link/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Feb 2024 17:37:01 GMT
content-encoding
gzip
via
cache2.l2sg2[365,364,200-0,M], cache35.l2sg2[366,0], cache8.au2[468,468,200-0,M], cache1.au2[471,0]
x-tt-trace-tag
id=03;cdn-cache=miss;type=static
x-tt-trace-id
00-240227013701EC4BFAF02C5E6D94A3C2-0BF90F771BAA3D8B-00
age
0
x-swift-cachetime
2592000
x-cache
MISS TCP_MISS dirn:-2:-2
server-timing
inner; dur=12
x-swift-savetime
Mon, 26 Feb 2024 17:37:01 GMT
last-modified
Sat, 22 Jan 2022 16:39:09 GMT
server
Tengine
x-tt-logid
20240227013701EC4BFAF02C5E6D94A3C2
etag
W/"61ec332d-232a1"
vary
Accept-Encoding
ali-swift-global-savetime
1708969021
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
014784e015a8a44a76cc39627ee016118aa0a4c5fb8b7e266a5dc4437806f16d74edbc50733c9e90e1f1d49f336e2ba7d4af90755e28d6ddd4310c4def4fba66e6eabd405161953b587675ce4761ac30cd9e8217f1f20c3368333d2617f38bbc53
x-response-cinfo
2404:f780:5:def::c2e
x-response-cache
miss
timing-allow-origin
*, *
eagleid
2ff62a9517089690209047139e
expires
Wed, 27 Mar 2024 17:38:29 GMT
main.js
one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame FA29
Redirect Chain
  • https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB
Script
General
Full URL
https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H3
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2dc2196454057b3ea0ab39aae9a70888b329a3e5aad23455277b70541b6600
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Feb 2024 17:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Me5GYTtZH73b42%2BfQAyBc1Fz6KBMDGOQ65SDe5UZ2f%2BZ7Aq8mJkREia74SyWk5N9DLkyNrZGme4GhhZdDV1lP0MBCOojYO%2BhUgiKbC%2FzBwe4TAOoEGkgiu8yP2f2k68kZBDaQDxHM5WttGYsM%2Bh5Qmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85b9f4190ff750a8-AKL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 26 Feb 2024 17:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMq7SZJdkewvU8hpvmbJ37wvEbypsfA4j53c8zURiRQjPoLO3woDlVALBqoNCD3Ym%2Bu9d7gL0SbXpydLe89GxePTgkJeBCZH5TLFKbDE2CuvRQ2P%2BqaJoyQXOyEgqfItzgZXMVrYAI8yRyaGWW1Sl8g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
85b9f418cfbf50a8-AKL
alt-svc
h3=":443"; ma=86400
85b9f3f449c91c5d
one.winshould.link/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FA29
0
607 B
XHR
General
Full URL
https://one.winshould.link/cdn-cgi/challenge-platform/h/b/jsd/r/85b9f3f449c91c5d
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Mon, 26 Feb 2024 17:37:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o36tGO7myuEF0M7HerOThN0gALhXq03sh1umu4NNfbweQ7TgnslZkjNre%2BsbAgouxMUcjQ8KLA9dsVw%2FZ92iZzps%2FzPUxmPlIV53k%2F7MqHnA7u%2FSNMg6wTfsmak7r0fAHKl2qU5DsdzfBIx%2BwFJyr7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85b9f419d87c50a8-AKL
alt-svc
h3=":443"; ma=86400
main.js
one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame FA29
Redirect Chain
  • https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB
Script
General
Full URL
https://one.winshould.link/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H3
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3efcc7acb0f97ffbc136421e3172aaef6212b3545890bfa17ea72ff1be76392
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 26 Feb 2024 17:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o8J5t%2BnWW9rNSssr0DqxxBAZ0JK4mnc%2F2wMmmMd9t9hvl8Tqmo6pZ%2BBS%2FU5AtqUtrwaeXueX9rd4XTMwke4AOVukW%2BCSvef9r%2F5VO9g461xg%2B2V3qnKd5G11VwENtffA%2BUN9LEXcT48hvr56RcvnS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85b9f4230fdb50a8-AKL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 26 Feb 2024 17:37:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3HBQvO%2BbATdjVncrv50kjxjLv%2FROlhh0nipxHEoZNlNFa4No0QKw9hJf5w%2FDCiqOV5JvA6Q4W9eiWft%2BxUslDNJbm1rt9w%2BLKoskl7Jx6mq6gc8XZ3o7MwdK0wPWHcf6V39KWQp%2Bo1mcfx3sRsRxUc%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
85b9f422dfbc50a8-AKL
alt-svc
h3=":443"; ma=86400
85b9f3f449c91c5d
one.winshould.link/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FA29
0
607 B
XHR
General
Full URL
https://one.winshould.link/cdn-cgi/challenge-platform/h/b/jsd/r/85b9f3f449c91c5d
Requested by
Host: one.winshould.link
URL: https://one.winshould.link/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Mon, 26 Feb 2024 17:37:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J7bM3Uof9cueDFCE0s4gvi%2BBmR3fe9GN4RsiQk%2BY6KAQ4vRHl%2Bjo4AZbxx0OaPZONTt7Ol%2F3iIneGHbhjrv7MeLEJ11n%2FOZTzPc8yKkCehHY78BKYOtIj2%2FVnuocEPKFqRftTvPz1BQWReq2RPdSis%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85b9f423f88f50a8-AKL
alt-svc
h3=":443"; ma=86400

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| __cfQR
  • object| bootstrap
  • function| $
  • function| jQuery
  • function| Typed
  • function| showPageReason
  • boolean| __cfRLUnblockHandlers

1 Cookies

Domain/Path Name / Value
.winshould.link/ Name: cf_clearance
Value: 4KtTDoINLJug5kXeR1gdCxWiu5eOhaYRQFA0emp6Nq4-1708969022-1.0-AT1+pAHwoZ4/XZ9PEFbdWTWw/kWDgFmE36l+A/fkdgme31CkPyuBE7yavEvvDbot6+wSj/B/FoXwjAC1vokcj2Y=