urlscan.io logo urlscan.io
SecurityTrails logo

thewinterrae.com Open in urlscan Pro
216.70.69.140  Public Scan

Go To Rescan Add Verdict Report
URL: http://thewinterrae.com/
Submission Tags: amassintel
Submission: On November 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 216.70.69.140, located in Culver City, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is thewinterrae.com.
This is the only time thewinterrae.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 216.70.69.140 398110 (GO-DADDY-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 6
5    216.70.69.140 (Culver City, United States)

ASN398110 (GO-DADDY-COM-LLC, US)
PTR: crowdsurf.net
thewinterrae.com
crowdsurf.net
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
4 thewinterrae.com thewinterrae.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.youtube.com thewinterrae.com
1 ajax.googleapis.com thewinterrae.com
1 crowdsurf.net thewinterrae.com
1 fonts.googleapis.com thewinterrae.com
9 6

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://thewinterrae.com/
Frame ID: FA0E600812DC12E10395917D1D3069A6
Requests: 9 HTTP requests in this frame

Frame: https://www.youtube.com/embed/U7dtwGXW2Ak
Frame ID: 9BA506B1B62C8DD79779561CEF2D491A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

44 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

185 kB
Transfer

255 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thewinterrae.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://thewinterrae.com/
Protocol
HTTP/1.1
Server
216.70.69.140 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
crowdsurf.net
Software
nginx / PleskLin
Resource Hash
48931bf5794bd37648c9dde84a1179f6676515a7c1e1d3c1df42b85ad2f2f944

Request headers

Host
thewinterrae.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Tue, 17 Nov 2020 16:22:05 GMT
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2015 20:01:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5667371b-a92"
X-Powered-By
PleskLin
Content-Encoding
gzip
css
fonts.googleapis.com/ 		1 KB
557 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Philosopher
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b3ddf4fd586a4be6a97f08f1241a869f8f2fd337a31386fff7e52b7abaab000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://thewinterrae.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 17 Nov 2020 16:22:05 GMT
server
ESF
date
Tue, 17 Nov 2020 16:22:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Nov 2020 16:22:05 GMT
genericons.css
crowdsurf.net/assets/genericons/ 		27 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://crowdsurf.net/assets/genericons/genericons.css
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
HTTP/1.1
Server
216.70.69.140 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
crowdsurf.net
Software
nginx / PleskLin
Resource Hash
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Request headers

Referer
http://thewinterrae.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 16:22:05 GMT
Content-Encoding
gzip
ETag
W/"5581c8d8-6b84"
Last-Modified
Wed, 17 Jun 2015 19:22:00 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 17 Dec 2020 16:22:05 GMT
wr.css
thewinterrae.com/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thewinterrae.com/css/wr.css
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
HTTP/1.1
Server
216.70.69.140 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
crowdsurf.net
Software
nginx / PleskLin
Resource Hash
ab8dd918dc7d39a4daf7396ce73a7c3a2556f935ed36c9dfaaf7243e0ac00de9

Request headers

Referer
http://thewinterrae.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 16:22:05 GMT
Content-Encoding
gzip
ETag
W/"5667371a-d26"
Last-Modified
Tue, 08 Dec 2015 20:01:30 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 17 Dec 2020 16:22:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://thewinterrae.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409488
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 22:37:17 GMT
modernizr.custom.86080.js
thewinterrae.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://thewinterrae.com/js/modernizr.custom.86080.js
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
HTTP/1.1
Server
216.70.69.140 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
crowdsurf.net
Software
nginx / PleskLin
Resource Hash
3c63bc6f4534058ad4fb5bd04b5cd633f5a336d395bb912dd6ae925bb3253710

Request headers

Referer
http://thewinterrae.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 16:22:05 GMT
Content-Encoding
gzip
ETag
W/"565391fb-1967"
Last-Modified
Mon, 23 Nov 2015 22:23:55 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 17 Dec 2020 16:22:05 GMT
U7dtwGXW2Ak
www.youtube.com/embed/ Frame 9BA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/U7dtwGXW2Ak
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/U7dtwGXW2Ak
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://thewinterrae.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://thewinterrae.com/

Response headers

status
200
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
content-length
19958
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 17 Nov 2020 16:22:06 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=KiEywPMcKMs; path=/; domain=.youtube.com; secure; expires=Sun, 16-May-2021 16:22:06 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=KiEywPMcKMs; path=/; domain=.youtube.com; secure; expires=Sun, 16-May-2021 16:22:06 GMT; httponly; samesite=None YSC=7EQJ6iaDPAY; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 17-Nov-2020 16:52:06 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bg.jpg
thewinterrae.com/images/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thewinterrae.com/images/bg.jpg
Requested by
Host: thewinterrae.com
URL: http://thewinterrae.com/css/wr.css
Protocol
HTTP/1.1
Server
216.70.69.140 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
crowdsurf.net
Software
nginx / PleskLin
Resource Hash
acc0453b4d8707889711f791d07255865eeeaa2b843eddee716ec4178760e08b

Request headers

Referer
http://thewinterrae.com/css/wr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 17 Nov 2020 16:22:06 GMT
ETag
"5667371d-1abbd"
Last-Modified
Tue, 08 Dec 2015 20:01:33 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109501
Expires
Thu, 17 Dec 2020 16:22:06 GMT
vEFV2_5QCwIS4_Dhez5jcWBuT0020Nqf.woff2
fonts.gstatic.com/s/philosopher/v14/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/philosopher/v14/vEFV2_5QCwIS4_Dhez5jcWBuT0020Nqf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Philosopher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93ebbd7317656a5107a8b9c7a6ef48d7e5ea150221419a02f12f6961e469e255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://thewinterrae.com
Referer
https://fonts.googleapis.com/css?family=Philosopher
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 10:13:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:34:33 GMT
server
sffe
age
281295
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11676
x-xss-protection
0
expires
Sun, 14 Nov 2021 10:13:51 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Origin
http://thewinterrae.com
Referer
http://crowdsurf.net/assets/genericons/genericons.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes function| $ function| jQuery object| Modernizr function| yepnope

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 7EQJ6iaDPAY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KiEywPMcKMs