winlead.free.nf Open in urlscan Pro
185.27.134.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winlead.free.nf/
Effective URL:
http://winlead.free.nf/?i=1
Submission Tags: falconsandbox
Submission: On October 01 via api (October 1st 2024, 8:51:48 am UTC) from US — Scanned from GB

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 185.27.134.136, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is winlead.free.nf.

This is the only time winlead.free.nf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	185.27.134.136 185.27.134.136	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 1	2606:4700:303... 2606:4700:3030::6815:fa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:fb7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
16	6

11 185.27.134.136 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

winlead.free.nf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:fa6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dnva.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fb7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.domainesia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	free.nf winlead.free.nf	412 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 341	98 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	domainesia.com static.domainesia.com	14 KB
1	dnva.me 1 redirects dnva.me	568 B
16	5

	Domain	Requested by
11	winlead.free.nf	winlead.free.nf
2	cdn.jsdelivr.net	winlead.free.nf cdn.jsdelivr.net
1	fonts.gstatic.com	winlead.free.nf
1	static.domainesia.com	winlead.free.nf
1	dnva.me	1 redirects
16	5

This site contains links to these domains. Also see Links.

Domain
my.domainesia.com

Subject Issuer	Validity	Valid
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://winlead.free.nf/?i=1
Frame ID: 298F09FBB4D76D5D8FCC84774EBCDA6B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Linky

Page URL History Show full URLs

http://winlead.free.nf/ HTTP 307
https://winlead.free.nf/ HTTP 307
http://winlead.free.nf/ Page URL
http://winlead.free.nf/?i=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

19 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

539 kB
Transfer

640 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://my.domainesia.com/ref.php?u=16129

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winlead.free.nf/ HTTP 307
https://winlead.free.nf/ HTTP 307
http://winlead.free.nf/ Page URL
http://winlead.free.nf/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://winlead.free.nf/ HTTP 307
https://winlead.free.nf/ HTTP 307
http://winlead.free.nf/

Request Chain 5

https://dnva.me/dmo27 HTTP 301
https://static.domainesia.com/assets/images/afiliasi/2.0/300x600/banner-4.svg

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
winlead.free.nf/
Redirect Chain

http://winlead.free.nf/
https://winlead.free.nf/
http://winlead.free.nf/

826 B
1 KB

39ms
39ms

Document
text/html

185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5152e25926215ecfdfe8e1736d472e1efb16b526c1b3fcbc1a9508d03c8fbed5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 826
Content-Type: text/html
Date: Tue, 01 Oct 2024 08:51:43 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx

Redirect headers

Location: http://winlead.free.nf/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK aes.js Show response
winlead.free.nf/ 13 KB
14 KB 39ms
38ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/aes.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/

Response headers

ETag: "652c25c8-35a5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13733
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 15 Oct 2023 17:47:52 GMT
Server: nginx

GET
H/1.1 200
OK Primary Request / Show response
winlead.free.nf/ 4 KB
4 KB 49ms
49ms Document
text/html 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/?i=1
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: f2dc519619cad764da0deb0150842a330fc6d39fb0ba398c5d1bb7919ccd3548

Request headers

Referer: http://winlead.free.nf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Oct 2024 08:51:44 GMT
Expires: Tue, 01 Oct 2024 08:51:44 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK bootstrap.min.css
winlead.free.nf/css/ 152 KB
153 KB 40ms
40ms Stylesheet
text/css 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/css/bootstrap.min.css
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 27834e89ddfae0fb6633070e44c359de78becd9a1d24503da80e59d75493cb4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "260ca-61e1764014998"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 155850
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Jul 2024 19:27:51 GMT
Server: nginx

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 64 KB
9 KB 83ms
26ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Requested by

Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
age: 1827959
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 08:51:44 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220126-FRA, cache-man4130-MAN
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8770
x-jsd-version: 1.5.0

GET
H/1.1 200
OK custom.css
winlead.free.nf/css/ 5 KB
6 KB 78ms
41ms Stylesheet
text/css 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/css/custom.css
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c34bc935f3456a8dc7d17f4ec4f2ff2d1cbc1e0a34b9d48a630c8b2eb86a3951

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "15de-61e1764165068"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 5598
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: text/css
Last-Modified: Thu, 25 Jul 2024 19:27:52 GMT
Server: nginx

GET
H2

200

banner-4.svg
static.domainesia.com/assets/images/afiliasi/2.0/300x600/
Redirect Chain

https://dnva.me/dmo27
https://static.domainesia.com/assets/images/afiliasi/2.0/300x600/banner-4.svg

64 KB
14 KB

331ms
244ms

Image
image/svg+xml

2606:4700:20::681a:fb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.domainesia.com/assets/images/afiliasi/2.0/300x600/banner-4.svg

Requested by

Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1

Protocol

Server

2606:4700:20::681a:fb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f25251db09d891d9431656c0b1da37e910a9b91fe81573dbc3d679b1623969c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"fe4e-5e5dd4ccf3988"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W72Y9jsaw6afEwSwy3wrYlwFda%2B7SWMnx5nIKrA196poO7S%2FO572XiePN892UMT1M8U4P5EMlfwjMnUB3i3UbCPuUJ5l5TOEOzdACUTYtEc8tf030TJ%2B2kLM6Lj4G4pILkV7hqK4CzPLxV%2FcPMH9BRfogA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:14:30 GMT
date: Tue, 01 Oct 2024 08:51:45 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Aug 2022 06:38:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
link: </assets/fonts/fontawesome-webfont.woff2?v=4.5.0>; rel=preload; as=font; crossorigin
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cbb366fba5671da-LHR
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: noindex
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://static.domainesia.com/assets/images/afiliasi/2.0/300x600/banner-4.svg
dynamic-cache-status: MISS
cf-cache-status: DYNAMIC
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8osCMuM7VJClEkbnah6ICJSZwQ%2FKXWCR75vLnVx%2BLgOtnz4vanlbxJmdETCmGdy%2Br7GaOn8djxVr7tWLFDddGbQG8ayJSho8mFx6t%2B1LKXc6sUisTD0AVp96DhjqhJ51fQsVrHUc"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbb36697ecb6582-LHR
date: Tue, 01 Oct 2024 08:51:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK jquery.min.js Show response
winlead.free.nf/js/ 85 KB
85 KB 79ms
41ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/js/jquery.min.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "15283-61e17631e5fc0"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 86659
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Jul 2024 19:27:36 GMT
Server: nginx

GET
H/1.1 200
OK popper.min.js Show response
winlead.free.nf/js/ 18 KB
19 KB 77ms
39ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/js/popper.min.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4b1aa5b46b0b08e0b7c8cd94b47a5f2202b01bc04f9b2bf0fe0b89a625dc518c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "48a8-61e17633d51a0"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 18600
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Jul 2024 19:27:38 GMT
Server: nginx

GET
H/1.1 200
OK bootstrap.min.js Show response
winlead.free.nf/js/ 59 KB
59 KB 79ms
41ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/js/bootstrap.min.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5c7bebfecc9fea2c9fe6e9471cf91f43f9cc9e51f69aa4ffff9720bddf037906

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "eac1-61e1762d09998"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 60097
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Jul 2024 19:27:31 GMT
Server: nginx

GET
H/1.1 200
OK clipboard.min.js Show response
winlead.free.nf/js/ 9 KB
9 KB 78ms
40ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/js/clipboard.min.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 03e78b51ef6d92db7f7b18304deea7bdaf6aa7af6cb20cb9f4c4e73fc86832b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "234f-61e1762e93e30"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 9039
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Jul 2024 19:27:32 GMT
Server: nginx

GET
H/1.1 200
OK custom.js Show response
winlead.free.nf/js/ 2 KB
2 KB 39ms
39ms Script
application/javascript 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/js/custom.js
Requested by: Host: winlead.free.nf
URL: http://winlead.free.nf/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c74eb61e2177efdc48a65b94ae07d9dc82aed6f2a8c560ca8c0f6dfd57fa9408

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
ETag: "6e4-61e176301ea98"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:44 GMT
Accept-Ranges: bytes
Content-Length: 1764
Date: Tue, 01 Oct 2024 08:51:44 GMT
Content-Type: application/javascript
Last-Modified: Thu, 25 Jul 2024 19:27:34 GMT
Server: nginx

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 99ms
45ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: winlead.free.nf
URL: http://winlead.free.nf/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://winlead.free.nf
Referer: http://winlead.free.nf/

Response headers

age: 813
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:38:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:38:11 GMT
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15720
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 65ms
31ms Font
font/woff2 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://winlead.free.nf
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Response headers

access-control-expose-headers: *
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
age: 3193236
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 08:51:44 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230031-FRA, cache-lcy-eglc8600065-LCY
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 90528
x-jsd-version: 1.5.0

GET fontawesome-webfont.woff2
static.domainesia.com/assets/fonts/ 0
0

GET
H/1.1 200
OK linkyicon.png
winlead.free.nf/ 61 KB
61 KB 40ms
39ms Other
image/png 185.27.134.136
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://winlead.free.nf/linkyicon.png
Protocol: HTTP/1.1
Server: 185.27.134.136 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 49424fadf6629c46c28e765ad72a2c87c9a1c677b3c2f2e162196e17b984166d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://winlead.free.nf/?i=1

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate
ETag: "f270-61e1769460308"
Connection: keep-alive
Expires: Thu, 31 Oct 2024 08:51:45 GMT
Accept-Ranges: bytes
Content-Length: 62064
Date: Tue, 01 Oct 2024 08:51:45 GMT
Content-Type: image/png
Last-Modified: Thu, 25 Jul 2024 19:29:19 GMT
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.domainesia.com
URL: https://static.domainesia.com/assets/fonts/fontawesome-webfont.woff2?v=4.5.0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			winlead.free.nf/	1970-01-21 09:32:12	Name: __test Value: 0f4a489a636c84d0dce2b9c352bf2401

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://winlead.free.nf/?i=1 Message: Access to font at 'https://static.domainesia.com/assets/fonts/fontawesome-webfont.woff2?v=4.5.0' from origin 'http://winlead.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.domainesia.com/assets/fonts/fontawesome-webfont.woff2?v=4.5.0 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
dnva.me
fonts.gstatic.com
static.domainesia.com
winlead.free.nf
static.domainesia.com
151.101.65.229
185.27.134.136
216.58.206.35
2606:4700:20::681a:fb7
2606:4700:3030::6815:fa6
2a04:4e42::485
03e78b51ef6d92db7f7b18304deea7bdaf6aa7af6cb20cb9f4c4e73fc86832b0
27834e89ddfae0fb6633070e44c359de78becd9a1d24503da80e59d75493cb4e
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3f25251db09d891d9431656c0b1da37e910a9b91fe81573dbc3d679b1623969c
49424fadf6629c46c28e765ad72a2c87c9a1c677b3c2f2e162196e17b984166d
4b1aa5b46b0b08e0b7c8cd94b47a5f2202b01bc04f9b2bf0fe0b89a625dc518c
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
5152e25926215ecfdfe8e1736d472e1efb16b526c1b3fcbc1a9508d03c8fbed5
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5c7bebfecc9fea2c9fe6e9471cf91f43f9cc9e51f69aa4ffff9720bddf037906
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
c34bc935f3456a8dc7d17f4ec4f2ff2d1cbc1e0a34b9d48a630c8b2eb86a3951
c74eb61e2177efdc48a65b94ae07d9dc82aed6f2a8c560ca8c0f6dfd57fa9408
f2dc519619cad764da0deb0150842a330fc6d39fb0ba398c5d1bb7919ccd3548

winlead.free.nf Open in urlscan Pro 185.27.134.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

19 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

539 kBTransfer

640 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

winlead.free.nf Open in urlscan Pro
185.27.134.136 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

19 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

539 kB
Transfer

640 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions