www.winningplus32.com Open in urlscan Pro
104.208.69.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://w4game.com/
Effective URL:
https://www.winningplus32.com/promotions
Submission: On February 02 via manual (February 2nd 2023, 2:21:31 am UTC) from PH — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 71 HTTP transactions. The main IP is 104.208.69.239, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.winningplus32.com.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.

This is the only time www.winningplus32.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:2069	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:b98e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	104.208.69.239 104.208.69.239	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:90c0:41:... 2a03:90c0:41:2801::24	199524 (GCORE) (GCORE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	198.244.165.101 198.244.165.101	16276 (OVH) (OVH)
8	84.252.100.68 84.252.100.68	136933 (GIGABITBA...) (GIGABITBANK-AS-AP Gigabitbank Global)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
71	12

1 2606:4700:3035::6815:2069 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b98e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 104.208.69.239 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.winningplus32.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:90c0:41:2801::24 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.244.165.101 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3199009.ip-198-244-165.eu

telemetry.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.252.100.68 (Hong Kong)

ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK)

images.b51613.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	winningplus32.com www.winningplus32.com	4 MB
8	b51613.com images.b51613.com — Cisco Umbrella Rank: 133725	2 MB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4470	347 B
3	jivosite.com code.jivosite.com — Cisco Umbrella Rank: 30808 telemetry.jivosite.com — Cisco Umbrella Rank: 46298	6 KB
2	gstatic.com www.gstatic.com	54 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	253 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5986	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	313 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	152 KB
2	w4game.com 2 redirects w4game.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	978 B
71	11

	Domain	Requested by
43	www.winningplus32.com	www.winningplus32.com
8	images.b51613.com
4	region1.analytics.google.com	www.googletagmanager.com
2	www.gstatic.com	www.winningplus32.com
2	cdn.jsdelivr.net	www.winningplus32.com
2	www.google.de	www.winningplus32.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	code.jivosite.com	www.winningplus32.com code.jivosite.com
2	www.googletagmanager.com	www.winningplus32.com
2	w4game.com	2 redirects
1	telemetry.jivosite.com	code.jivosite.com
1	fonts.googleapis.com	www.winningplus32.com
71	12

This site contains no links.

Subject Issuer	Validity	Valid
winningplus32.com R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2022-05-26` - `2023-06-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.b51613.com ZeroSSL RSA Domain Secure Site CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.winningplus32.com/promotions
Frame ID: F54992A90C75FA633FC99DEDC134A55F
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://w4game.com/ HTTP 301
https://w4game.com/ HTTP 301
https://www.winningplus32.com/promotions Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

97 %
HTTPS

77 %
IPv6

11
Domains

12
Subdomains

12
IPs

5
Countries

6992 kB
Transfer

15564 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://w4game.com/ HTTP 301
https://w4game.com/ HTTP 301
https://www.winningplus32.com/promotions Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request promotions Show response
www.winningplus32.com/
Redirect Chain

http://w4game.com/
https://w4game.com/
https://www.winningplus32.com/promotions

1 KB
806 B

1053ms
521ms

Document
text/html

104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

5901b0fc06c52d12fd08a496ed23faa14226ec7df9d14cef0f73e0913e1e2699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 02 Feb 2023 02:21:20 GMT
etag: W/"63cba44b-4fb"
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 792f73e15f149ba0-FRA
content-type: text/html
date: Thu, 02 Feb 2023 02:21:19 GMT
location: https://www.winningplus32.com/promotions
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAtZd9uFhUt9ps%2BUIqO1rSlyQ6ReFJyaUkgNRw7IYh4PZTaQDS2Wbb4oF579CCqRn%2FfQ%2BJbrnR0l10dXNMfijjmTd32f6kkoH6QkpWW4JPVPz0l4f1urRZgjARbd2sMj%2F%2F%2BPbU0bRXXL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
978 B 145ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Be+Vietnam:ital,wght@0,400;0,700;1,400;1,800&display=swap

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

102f8ed4fb43cf1048e12ba9fba181d47c59ce38d5b44942a1e4fa9ade629e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 02:21:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 02:21:20 GMT

GET
H2 200 aboutMerchant.js Show response
www.winningplus32.com/res/ 2 KB
985 B 595ms
594ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/aboutMerchant.js?v=10112

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

26402164a99184437c38463e0d5c617b9b5e45574046ceae23ca8b9839bd573d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-6f2"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

GET
H2 200 encrypt.js Show response
www.winningplus32.com/res/ 70 KB
19 KB 222ms
221ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/encrypt.js?v=8

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

3b0b8b8806460b9d1ffa4a59c215c8e260dab390a14a79c9cf105d946c607360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-11948"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

GET
H2 200 gt.js Show response
www.winningplus32.com/res/ 5 KB
3 KB 595ms
594ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/gt.js?v=10112

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

a2f2f25f2cf41a0a6f9a1a90d4dd6236911b94c11e737c432a13ce2284deab07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-1527"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

GET
H2 200 app.6835981626f96886ddc0.css
www.winningplus32.com/res/css/ 381 KB
155 KB 222ms
221ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/css/app.6835981626f96886ddc0.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

00d7af94cb3cabcd31dd78f4e767f2bf05a615c53dcda7efc32c2953c8d54ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-5f249"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 143ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L3HE84YB47

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7431f3941829b1fe3a390b6ef2abeebfeedd90db3e1dd98c001156b827b94166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 02:21:21 GMT

GET
H2 200 x8M66d6cOc Show response
code.jivosite.com/widget/ 17 KB
6 KB 247ms
43ms Script
application/javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget/x8M66d6cOc
Requested by: Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9b5e3380a49c538347da5df52e9e8ee349a75943576d3a598cd35bd6f632fba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Thu, 02 Feb 2023 02:21:21 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-02-02T02:11:19+00:00
x-geo-shard: ya
content-length: 6030
last-modified: Fri, 27 Jan 2023 13:30:39 GMT
server: nginx
etag: "63d3d1ff-178e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
expires: Wed, 01 Feb 2023 23:58:20 GMT

GET
H2 200 vendor.0.e91b8bd.js Show response
www.winningplus32.com/res/js/ 324 KB
110 KB 595ms
594ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

eae2387de85fe4d31a45f253a6013bb39bd9f32adee75c8d9f808e8450a547c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-511b0"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

GET
H2 200 app.195522e.js Show response
www.winningplus32.com/res/js/ 2 MB
705 KB 581ms
581ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/js/app.195522e.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

56e48c38e3df1aef9f785cf3028a238c898dced880544a7910e727aaa029fff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:20 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-22948a"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:20 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 147ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L3HE84YB47&gtm=2oe1u0&_p=801169705&_gaz=1&cid=1591447888.1675304481&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675304481&sct=1&seg=0&dl=https%3A%2F%2Fwww.winningplus32.com%2Fpromotions&dt=WIN%20PLUS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3HE84YB47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 143ms
47ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3HE84YB47&cid=1591447888.1675304481&gtm=2oe1u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3HE84YB47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 137ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3HE84YB47&cid=1591447888.1675304481&gtm=2oe1u0&aip=1&z=1369158465

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 x8M66d6cOc Show response
code.jivosite.com/script/widget/config/ 29 B
229 B 119ms
39ms XHR
application/json 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/x8M66d6cOc
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/x8M66d6cOc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 83a00ef8a5bc290c76d5813193eb405fa0ef2bb6ee3b9ac81cef030aa5de8e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Thu, 02 Feb 2023 02:21:21 GMT
via: 1.1 sharxy
server: nginx
x-cached-since: 2023-02-02T02:11:21+00:00
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
x-geo-shard: ya
content-length: 29
expires: Thu, 02 Feb 2023 04:11:21 GMT

POST
H/1.1 204
No Content w
telemetry.jivosite.com/ 0
109 B 198ms
47ms Ping
text/plain 198.244.165.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://telemetry.jivosite.com/w
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/x8M66d6cOc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.244.165.101 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3199009.ip-198-244-165.eu
Software: JivoTelemetry/fix-jivoapp-telemetry /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winningplus32.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:21:21 GMT
Server: JivoTelemetry/fix-jivoapp-telemetry

GET
H2 200 lib.js Show response
www.winningplus32.com/common/v.1.0.1/ 6 KB
3 KB 221ms
221ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

898574e1cdea081763bec973b45ae27d3e2f341354eeac08fbd8f65c8c4f76f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Thu, 01 Dec 2022 03:51:53 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"638824d9-19fd"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
H2 200 status Show response
www.winningplus32.com/wps/system/ 24 KB
4 KB 262ms
262ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/system/status?url=www.winningplus32.com

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

ff725dcb3ff473cda52a313e9d4dbc871109e4712c79346f272bcf19cb67f416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus
Accept: application/json, text/plain, */*
Referer: https://www.winningplus32.com/promotions
Device: web

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
x-module-id: COMM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: 6rqsk3y026
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 22

GET
H2 200 manifest.json Show response
www.winningplus32.com/common/v.1.0.1/manifest/ 2 KB
711 B 237ms
237ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/common/v.1.0.1/manifest/manifest.json?_1675304482158

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

7ab5968e53737097c25ac3303d29fdd823c504174433d8d57cec490ae9f751b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Thu, 01 Dec 2022 03:51:53 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"638824d9-823"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/json
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9HYGDFD9SJ

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc29760e91bef5c033f88277ace76fb8ef081d4cd4f917ef37073387637ab60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Feb 2023 02:21:22 GMT

GET
H2 200 promo.ec75c508e4d76fcc639b.css
www.winningplus32.com/res/css/ 6 KB
2 KB 397ms
396ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/css/promo.ec75c508e4d76fcc639b.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

749c885d96c6422f82da4cb981c05cc4724b12265a00dc3055fae37026b6aeda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-1819"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
H2 200 promo.10.4f2bc69.js Show response
www.winningplus32.com/res/js/ 9 KB
3 KB 221ms
221ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/res/js/promo.10.4f2bc69.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

b61ba5eb2841f95f0dc62d8ccad9a5898992343e3ad9166b08eb4e329b934998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63cba44b-2329"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
H2 200 country Show response
www.winningplus32.com/wps/system/ 4 KB
950 B 384ms
383ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/system/country?

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

1e700632eb1ef9912e2e05b93d0a8f607e30b6484853806ff3538e7d89a990b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus
Accept: application/json, text/plain, */*
Referer: https://www.winningplus32.com/promotions
Device: web

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
x-module-id: COMM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: 6qzw0px026
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 2

GET
H2 200 home-bg.4cfeebc.jpg
www.winningplus32.com/res/img/ 1 MB
1 MB 222ms
222ms Image
image/jpeg 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winningplus32.com/res/img/home-bg.4cfeebc.jpg

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/css/app.6835981626f96886ddc0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

93e3532d5f5fe644ab28638cb9bd7b11a70d43dc3c8c6a46d74c2113e78db851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/res/css/app.6835981626f96886ddc0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
tl-proxy-cache-tier1: HIT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63cba44b-1476a6"
content-type: image/jpeg
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 1341094
expires: Fri, 03 Feb 2023 02:21:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9HYGDFD9SJ&gtm=2oe1u0&_p=801169705&_gaz=1&cid=1591447888.1675304481&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675304482&sct=1&seg=0&dl=https%3A%2F%2Fwww.winningplus32.com%2Fpromotions&dt=WIN%20PLUS&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HYGDFD9SJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 49ms
47ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9HYGDFD9SJ&cid=1591447888.1675304481&gtm=2oe1u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HYGDFD9SJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9HYGDFD9SJ&cid=1591447888.1675304481&gtm=2oe1u0&aip=1&z=965809266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.8101d596.js Show response
www.winningplus32.com/common/v.1.0.1/manifest/ 94 KB
33 KB 269ms
269ms XHR
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/common/v.1.0.1/manifest/jquery.min.8101d596.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Thu, 01 Dec 2022 03:51:55 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"638824db-1762a"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3767d226e190f0560a265b95de068f3013448924c4e3336d28780718f81c5c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07390e7762023441bf3b547cd86d897175f6ac6d1fa8a2f03525bd96cd6ef157

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68ead47d55a6fff9776cd37c27d2610bfb512c27d4dff18ce4e32054ccdc4cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20cc69995d59f66f9472e6beb82936abd84d05ae7a1076871c5787823e551192

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.766fb4d.png
www.winningplus32.com/res/img/ 32 KB
32 KB 235ms
235ms Image
image/png 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winningplus32.com/res/img/logo.766fb4d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

e1c89cbc5e7b780d4f7376f6dbd5c86947505c3e391666f9a9f0f8f37f416729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
tl-proxy-cache-tier1: HIT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63cba44b-7efb"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 32507
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
H2 200 payment-img.f6543d9.png
www.winningplus32.com/res/img/ 22 KB
22 KB 235ms
235ms Image
image/png 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winningplus32.com/res/img/payment-img.f6543d9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

13a20f9d822c7b7c17d498f99c8d7d24ded24554ab6631a97fe6c5d007a87450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
tl-proxy-cache-tier1: HIT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 21 Jan 2023 08:37:31 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63cba44b-5986"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 22918
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b150fd621f8c92a1d73076b28107988be22241e57c111c5db870cc7922abb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4a9aab43f2f9da2766509d77413599979d278d29a8b1b31d8b527ece200ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 helpCenter Show response
www.winningplus32.com/wps/system/ 16 KB
6 KB 249ms
249ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/system/helpCenter?lang=EN&device=WEB

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

e7cd38bd794fcc6ab992282c6f5445b930d9eabf0614831b842573e368ac058c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus
Accept: application/json, text/plain, */*
Referer: https://www.winningplus32.com/promotions
Device: web

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
x-module-id
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: 82dgmrg026
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 2

GET
H2 200 MCSFE_getListAnnouncements Show response
www.winningplus32.com/wps/relay/ 15 KB
2 KB 666ms
665ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/relay/MCSFE_getListAnnouncements?types=B%2CPL%2CPU%2CPR%2CH&execution=B&platform=W

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

f393ab925e9a92671f6cea05410c8c6e3c8b6ae3e2e0b44cf0924cf875329c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus
Accept: application/json, text/plain, */*
Referer: https://www.winningplus32.com/promotions
Device: web

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
x-module-id: FREEPLAY3, COMM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: epams6e026
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 426

GET
H2 200 GCSGAME_gameVendor Show response
www.winningplus32.com/wps/relay/ 32 KB
3 KB 278ms
277ms XHR
application/json 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/relay/GCSGAME_gameVendor?merchantCode=winplus

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/vendor.0.e91b8bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

f84b546de0f677e551fb3ec470f90945c14e6406f7f2d0f1ba92694343e18374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus
Accept: application/json, text/plain, */*
Referer: https://www.winningplus32.com/promotions
Device: web

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
x-module-id: FREEPLAY3, COMM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: yiq4jpd026
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 17

GET game
www.winningplus32.com/lgw/vn/numeros/opened/ 0
0

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73b3eabea69b697d2bad8d509a404c5847e388b33d093b487a383d605b6f54bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fab07feb5e97ac291ba04207d66b11bee8d95bcee0bc413ac6468069fa168821

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lib.core.min.2e753449.js Show response
www.winningplus32.com/common/v.1.0.1/manifest/ 556 KB
155 KB 232ms
231ms XHR
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/common/v.1.0.1/manifest/lib.core.min.2e753449.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

e46a58cbe4a8e5708e026fff2b15525b5ff4961749b7a2563cacc8d29a9e2895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:22 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Thu, 01 Dec 2022 03:51:55 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"638824db-8afee"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:22 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3a5fb1de8340080fe349f1d55376a25f713397d201cd54296ba86132dc1c677

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 340eea182b3d133c1bc449bf1a6743a49c7573d3ad41ccbc3e31d558baf21190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20b11526e3af5d57cedadd484a7520c16fe56d1099b6e9f5332831fc222aebff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce71e08dcd05abc0dbf0e9c82276ecb8785e2586fccbfa311bc383aab2621536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 027062c70df54f29fb2440ed06a14512e2280a2ef19972cbf984faa2a0810b81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2225966d041e98a9bd5f27817f05bb4bf032c58b93eaecbd6fadb766d15156c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a90cacfe1f91852ccc167b0cf548d6a8f8fce33dadd50a2c0c3484019741b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d05d3b4224cbdd785509b9e0af29c8221fcea7638e5d3cd9bb17aec37b10270

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70582401b646d2fb98282df648dfe5c2c338b1c0aed00f77e373550b9c9acc19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lott-js.js Show response
www.winningplus32.com/lotto/lott-common/ 574 B
728 B 238ms
237ms XHR
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/lotto/lott-common/lott-js.js?_=1675304482747

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

b070bbb709cea57c532f952f42f8e5d7e037416299d31859affe6f31a7e005f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.winningplus32.com/promotions
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
tl-proxy-cache-tier1: MISS
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 03 Jan 2023 21:24:57 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63b49d29-23e"
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 574
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 index.js Show response
www.winningplus32.com/mc/v.1.0.1/ 11 KB
3 KB 238ms
238ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/index.js?_=1675304481934

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

ab7cc8d36164e34ebb07e23432e0947df00b563a224c9b241f7335797080ecb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
etag: W/"63d9d46c-2ce4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: no-cache
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 02 Feb 2023 10:21:23 GMT

GET
H2 200 index.js Show response
www.winningplus32.com/ac/v.1.0.1/ 18 KB
3 KB 239ms
238ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/index.js?_=1675304481934

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/res/js/app.195522e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

ebb7d0704543a0bf52bcd6d4f22b0b240ee17fa953967c148505526a0a01dc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
etag: W/"63d9d497-4640"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: no-cache
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 02 Feb 2023 10:21:23 GMT

GET
H2 200 lib.core.min.3234269c.css
www.winningplus32.com/common/v.1.0.1/manifest/ 256 KB
101 KB 221ms
221ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/common/v.1.0.1/manifest/lib.core.min.3234269c.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

7e496561bf529679aecc8a98caf8451811766fca87ec95e8392969c0bf2c9966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Thu, 01 Dec 2022 03:51:53 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"638824d9-3ff9d"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ping Show response
www.winningplus32.com/wps/system/test/ 222 B
273 B 242ms
242ms XHR
image/png 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/wps/system/test/ping?_=1675304482748

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

6652f41cf5c49d62a02522fc5fec11f62ee4e0fe1b50cc6db298bd974a542434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.winningplus32.com/promotions
X-Requested-With: XMLHttpRequest
Device: WEB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Merchant: winplus

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
x-module-id
strict-transport-security: max-age=31536000; includeSubDomains
server: TL-PROXY
x-app-trace-id: g52tqhu026
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 222
x-elapsed-time: 1

GET
H2 200 mcs_1674106362661_0119%20730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 295 KB
295 KB 880ms
372ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674106362661_0119%20730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

1462ac12d370a409dd72322c35583c1997e5830723b90b7d9e9d55f60b9063d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 19 Jan 2023 05:32:42 GMT
server: IMG-PROXY
etag: "63c8d5fa-49d0d"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 302349
img-proxy-cache-tier2: MISS
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674033538100_WP-DAILY-REBATES-730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 329 KB
329 KB 881ms
373ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674033538100_WP-DAILY-REBATES-730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

96abd0abb58ae8117a7cb7521ff48d159833af2235d2ca80f166e63681c6408b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 18 Jan 2023 09:18:57 GMT
server: IMG-PROXY
etag: "63c7b981-523b6"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 336822
img-proxy-cache-tier2: HIT
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674019504418_100-Welcome-Bonus-GIF-Banner-730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 280 KB
280 KB 881ms
373ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674019504418_100-Welcome-Bonus-GIF-Banner-730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

09516e688f8f0259b0c375364ba600715177ac6be0ca2c9a9f9480e8c821b347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 18 Jan 2023 05:25:04 GMT
server: IMG-PROXY
etag: "63c782b0-45f3c"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 286524
img-proxy-cache-tier2: REVALIDATED
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674023140157_0118%20730x390%20DAILY%20DEPOSIT.gif
images.b51613.com/mcs-images/announcement/winplus/ 214 KB
215 KB 881ms
373ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674023140157_0118%20730x390%20DAILY%20DEPOSIT.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

84a7d82dc39c2b40417e1539fcb2c874d11af1adffeaba0d30d36003200c4449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 18 Jan 2023 06:25:40 GMT
server: IMG-PROXY
etag: "63c790e4-3599b"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 219547
img-proxy-cache-tier2: MISS
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674116782966_WP-10-DAILY-CASHBACK-730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 389 KB
389 KB 880ms
373ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674116782966_WP-10-DAILY-CASHBACK-730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

0f3a24dcd359341de3bcbcaf6bd8e24230c0cc6543e94ae6bab9686160951b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 19 Jan 2023 08:26:22 GMT
server: IMG-PROXY
etag: "63c8feae-6145b"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 398427
img-proxy-cache-tier2: REVALIDATED
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674016410854_5-usdt-730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 332 KB
332 KB 879ms
372ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674016410854_5-usdt-730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

a88a952b795f9ba549c91ad0785c1dbe0cfc91b76da658722e2fd1d647cf4d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 18 Jan 2023 04:33:30 GMT
server: IMG-PROXY
etag: "63c7769a-53041"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 340033
img-proxy-cache-tier2: HIT
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1674028099639_WP-3-DEPOSIT-BONUS-730x390.gif
images.b51613.com/mcs-images/announcement/winplus/ 345 KB
346 KB 876ms
372ms Image
image/gif 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1674028099639_WP-3-DEPOSIT-BONUS-730x390.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

ee8a826c98913612cd99c5f7fe08ffa9a66d68fd05ba8d12cbe10104b07b9fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 18 Jan 2023 07:48:19 GMT
server: IMG-PROXY
etag: "63c7a443-5654e"
img-proxy-cache-tier1: MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 353614
img-proxy-cache-tier2: MISS
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 mcs_1673926999370_PROMOTIONS%20copy.jpg
images.b51613.com/mcs-images/announcement/winplus/ 346 KB
346 KB 877ms
373ms Image
image/jpeg 84.252.100.68
GIGABITBANK-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.b51613.com:42666/mcs-images/announcement/winplus/mcs_1673926999370_PROMOTIONS%20copy.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

84.252.100.68 , Hong Kong, ASN136933 (GIGABITBANK-AS-AP Gigabitbank Global, HK),

Reverse DNS

Software

IMG-PROXY /

Resource Hash

586540afb55b12109857c988f5c13cdb7babb20c12fe55dc9c117734c0a5c0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 Jan 2023 03:43:19 GMT
server: IMG-PROXY
etag: "63c61957-56813"
img-proxy-cache-tier1: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 354323
img-proxy-cache-tier2: HIT
expires: Thu, 09 Feb 2023 02:21:24 GMT

GET
H2 200 lottTranslator.555353aa.js Show response
www.winningplus32.com/lotto/lott-common/ 592 KB
110 KB 222ms
221ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/lotto/lott-common/lottTranslator.555353aa.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

88f37defc672e51e17f9340ed6e101c2f9426c4ec20535fd02e300b1c56e34c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Tue, 03 Jan 2023 21:24:57 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63b49d29-94083"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 bettingCompress.fd470971.js Show response
www.winningplus32.com/lotto/lott-common/ 873 B
928 B 222ms
222ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/lotto/lott-common/bettingCompress.fd470971.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

1e5fae5a369c1a32975ef78dba1ecd7b903820c80c2bfc139ebfd4573c03d1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
tl-proxy-cache-tier1: HIT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 03 Jan 2023 21:24:57 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63b49d29-369"
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 873
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 decimal.min.b4a075bd.js Show response
www.winningplus32.com/ac/v.1.0.1/manifest/ 13 KB
6 KB 442ms
441ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/decimal.min.b4a075bd.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

25dd4d16d5fd3c4ac796badcce3ec057d92c52255f8d8481570fb54549dac5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:55:18 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d496-32f3"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ac-wps.46c7c1aa.js Show response
www.winningplus32.com/ac/v.1.0.1/manifest/ 46 KB
6 KB 238ms
236ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/ac-wps.46c7c1aa.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

6de36c2a4bc27df385d020a7ea9e9a65a83c56093c27cf2db3edac3e127b526a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d497-b81c"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ac-properties.897085ea.js Show response
www.winningplus32.com/ac/v.1.0.1/manifest/ 728 KB
187 KB 444ms
443ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/ac-properties.897085ea.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

bf4c02b9a6fe99fda64f6eaa15983904a427e2e6f86f2304abc73e050ddf8883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d497-b5e2e"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ac-control-shanshan.12fcfe7c.js Show response
www.winningplus32.com/ac/v.1.0.1/manifest/ 789 KB
148 KB 238ms
237ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/ac-control-shanshan.12fcfe7c.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

659fee7d35fd7044c7c4e897c1237781b9d8d533ea722ffc4b36858aab8a712b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d497-c54ea"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ac-ui-shanshan.4fd61a57.js Show response
www.winningplus32.com/ac/v.1.0.1/manifest/ 426 KB
51 KB 444ms
443ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/ac-ui-shanshan.4fd61a57.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

b7cfcb29cfa59d1b222ed9b13139749220004e8c1cca3892328981e88788bc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d497-6a8ff"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 ac_shanshan.f7ccd5d9.css
www.winningplus32.com/ac/v.1.0.1/manifest/ 826 KB
208 KB 238ms
237ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/ac/v.1.0.1/manifest/ac_shanshan.f7ccd5d9.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

e4fb264efe6e80cca33acc7f91b0de0edf2decbeac574ecca7e10e83ccbae44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:55:19 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d497-ce95a"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 g2.min.js Show response
cdn.jsdelivr.net/npm/@antv/g2@4.2.3/dist/ 865 KB
213 KB 198ms
90ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@antv/g2@4.2.3/dist/g2.min.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cea25f3456374b0b3c31f35c6d9b78e638bc26710e8373d9a383ce703c88d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 72865
x-jsd-version: 4.2.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-itm18850-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"d82c5-eSJeFdMsBDXE0ShH9a6Jvs4xKt0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJbi9yISNPFFmbWgdZ7PRz6q4Tb2TGvQNt%2FxsyIJCHxvKpVM3JHHAsRAuwje%2FjuaCIDWPsCZP0N%2B3G0Ppmiemk9X%2FFRlDpYNZSpd4%2FpvGPNNi37FI5vu7nkJUfFG2v6FINbODTHM%2Bg%2BSVYfXL8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792f73fe4dc935ea-FRA

GET
H2 200 dirty.294caafc.css
www.winningplus32.com/mc/v.1.0.1/manifest/ 88 B
149 B 440ms
439ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/dirty.294caafc.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

2b0b5c66c39bbe4ade93ebb6218e3ebbce3a9d3b4cf8b749300a78f577445ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
tl-proxy-cache-tier1: MISS
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 01 Feb 2023 02:54:35 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63d9d46b-58"
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 88
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 qrcode.min.d519b59b.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 19 KB
7 KB 237ms
234ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/qrcode.min.d519b59b.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

45fde897a3b2aa4f9c051020dfa53cd7cf25aafa152a68757c1bd474837446ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46c-4c14"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 slider.d420e4d3.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 32 KB
6 KB 440ms
438ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/slider.d420e4d3.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

7062323b9c3f6fbc07887ff7baaedb379d6836e7bfe70d7747025729598ab49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46c-7e10"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 mc-wps.d0f8d9ef.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 50 KB
7 KB 441ms
439ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/mc-wps.d0f8d9ef.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

991bd9bc51e5ab16734fc5bdda7d4c2d7db34f7907ed7aa524ba74cba1b64524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46c-c6cf"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 mc-properties.7071ba12.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 909 KB
224 KB 236ms
234ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/mc-properties.7071ba12.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

0c488f0b093a3a356d8aa85b4d0de0ad54b0a808261c1aafb4501de09e919208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46c-e35bc"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 mc-control-shanshan.93969e46.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 784 KB
162 KB 440ms
438ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/mc-control-shanshan.93969e46.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

ee94c1b03450586ed1432ff215e523f6152ee2ce38e93a2b7498809e904648c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:54:35 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46b-c416b"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 mc_shanshan.3562360a.css
www.winningplus32.com/mc/v.1.0.1/manifest/ 632 KB
163 KB 439ms
438ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/mc_shanshan.3562360a.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

55ea4ca82cfc0638868635c895f102eb32388b27a13c1d5924a915c850ad20d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: MISS
last-modified: Wed, 01 Feb 2023 02:54:35 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46b-9e118"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 mc_icon_s.0fd68d55.css
www.winningplus32.com/mc/v.1.0.1/manifest/ 47 KB
26 KB 437ms
436ms Stylesheet
text/css 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/mc_icon_s.0fd68d55.css

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

58d51b59248c18d27839d3073ffc1d6e5f5077d53edefb17bc375561ee5350d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/promotions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
content-encoding: gzip
tl-proxy-cache-tier1: HIT
last-modified: Wed, 01 Feb 2023 02:54:36 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: W/"63d9d46c-bd5d"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
cache-control: max-age=86400, public
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@8.2.4/ 139 KB
40 KB 155ms
50ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8.2.4/swiper-bundle.min.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50956bd9316594d4164b19382f276582b74015fcaa4dfb10d85c5ea0a8097bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 72866
x-jsd-version: 8.2.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19126-FRA, cache-iad-kiad7000059-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"22d5e-88E25msoq/dI3F5PvkQrKHTyisw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGSKafbNWEYw7NXQtMTIEch7%2F9KsLo%2BuC8TCxuG%2Fr2kuUPFCxk%2FRCbiQdwgU4ZrBUWiO6jNhXKoc76Y7fqhQ8uG%2B74wGzF7gGmCIY2egPGt5wZ5QpF%2FBw5SDGYVOCdjkMUkRGmgQdUqWXSSBWDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792f73fe5dca35ea-FRA

GET
H2 200 external-module.62dfc969.js Show response
www.winningplus32.com/mc/v.1.0.1/manifest/ 332 B
417 B 437ms
436ms Script
application/javascript 104.208.69.239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningplus32.com/mc/v.1.0.1/manifest/external-module.62dfc969.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/mc/v.1.0.1/index.js?_=1675304481934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.208.69.239 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TL-PROXY /

Resource Hash

472f9b35b3e006cc704d7faa95b01509d14513e47bd3a14b120dca944b5d6996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.winningplus32.com/promotions
Origin: https://www.winningplus32.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:21:23 GMT
tl-proxy-cache-tier1: HIT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 01 Feb 2023 02:54:35 GMT
server: TL-PROXY
tl-proxy-cache-tier2: MISS
etag: "63d9d46b-14c"
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 332
expires: Fri, 03 Feb 2023 02:21:23 GMT

GET
BLOB 200
OK fe6de737-5014-47c6-912b-3a535314bfad
https://www.winningplus32.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.winningplus32.com/fe6de737-5014-47c6-912b-3a535314bfad
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 074c1063ffb2d461213e96502cf6d2b47a6266ad8e65098e7c43111204271ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 1673
Content-Type: application/javascript

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.14.0/ 90 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.14.0/firebase-app.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fbb03aabc125045ee2d98be69199bcc01b9cb22aa2e438ab7422303622e0f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winningplus32.com/
Origin: https://www.winningplus32.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 14:37:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20513
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 21:00:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 14:37:56 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/9.14.0/ 115 KB
33 KB 165ms
78ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.14.0/firebase-auth.js

Requested by

Host: www.winningplus32.com
URL: https://www.winningplus32.com/promotions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77eb87926cbc4ca21f9da2a1d9290abe1cc08683d401d0e08a7aabd6447b3982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winningplus32.com/
Origin: https://www.winningplus32.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 23:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33722
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 21:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 23:46:50 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L3HE84YB47&gtm=2oe1u0&_p=801169705&cid=1591447888.1675304481&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675304481&sct=1&seg=0&dl=https%3A%2F%2Fwww.winningplus32.com%2Fpromotions&dt=WIN%20PLUS&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3HE84YB47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9HYGDFD9SJ&gtm=2oe1u0&_p=801169705&cid=1591447888.1675304481&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675304482&sct=1&seg=0&dl=https%3A%2F%2Fwww.winningplus32.com%2Fpromotions&dt=WIN%20PLUS&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HYGDFD9SJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winningplus32.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 02:21:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningplus32.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.winningplus32.com
URL: https://www.winningplus32.com/lgw/vn/numeros/opened/game?

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winningplus32.com/	1970-01-20 18:57:44	Name: _ga Value: GA1.1.1591447888.1675304481
.winningplus32.com/	1970-01-20 18:57:44	Name: _ga_L3HE84YB47 Value: GS1.1.1675304481.1.0.1675304481.60.0.0
.winningplus32.com/	1970-01-20 18:57:44	Name: _ga_9HYGDFD9SJ Value: GS1.1.1675304482.1.0.1675304482.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jivosite.com
fonts.googleapis.com
images.b51613.com
region1.analytics.google.com
stats.g.doubleclick.net
telemetry.jivosite.com
w4game.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.winningplus32.com
www.winningplus32.com
104.208.69.239
198.244.165.101
2001:4860:4802:32::36
2606:4700:3030::ac43:b98e
2606:4700:3035::6815:2069
2606:4700::6810:5714
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c09::9d
2a03:90c0:41:2801::24
84.252.100.68
00d7af94cb3cabcd31dd78f4e767f2bf05a615c53dcda7efc32c2953c8d54ce1
027062c70df54f29fb2440ed06a14512e2280a2ef19972cbf984faa2a0810b81
07390e7762023441bf3b547cd86d897175f6ac6d1fa8a2f03525bd96cd6ef157
074c1063ffb2d461213e96502cf6d2b47a6266ad8e65098e7c43111204271ccb
09516e688f8f0259b0c375364ba600715177ac6be0ca2c9a9f9480e8c821b347
0c488f0b093a3a356d8aa85b4d0de0ad54b0a808261c1aafb4501de09e919208
0f3a24dcd359341de3bcbcaf6bd8e24230c0cc6543e94ae6bab9686160951b64
102f8ed4fb43cf1048e12ba9fba181d47c59ce38d5b44942a1e4fa9ade629e22
13a20f9d822c7b7c17d498f99c8d7d24ded24554ab6631a97fe6c5d007a87450
1462ac12d370a409dd72322c35583c1997e5830723b90b7d9e9d55f60b9063d6
1d05d3b4224cbdd785509b9e0af29c8221fcea7638e5d3cd9bb17aec37b10270
1e5fae5a369c1a32975ef78dba1ecd7b903820c80c2bfc139ebfd4573c03d1a0
1e700632eb1ef9912e2e05b93d0a8f607e30b6484853806ff3538e7d89a990b3
20b11526e3af5d57cedadd484a7520c16fe56d1099b6e9f5332831fc222aebff
20cc69995d59f66f9472e6beb82936abd84d05ae7a1076871c5787823e551192
25dd4d16d5fd3c4ac796badcce3ec057d92c52255f8d8481570fb54549dac5f7
26402164a99184437c38463e0d5c617b9b5e45574046ceae23ca8b9839bd573d
2b0b5c66c39bbe4ade93ebb6218e3ebbce3a9d3b4cf8b749300a78f577445ba1
2cea25f3456374b0b3c31f35c6d9b78e638bc26710e8373d9a383ce703c88d4e
340eea182b3d133c1bc449bf1a6743a49c7573d3ad41ccbc3e31d558baf21190
3767d226e190f0560a265b95de068f3013448924c4e3336d28780718f81c5c1c
3b0b8b8806460b9d1ffa4a59c215c8e260dab390a14a79c9cf105d946c607360
45fde897a3b2aa4f9c051020dfa53cd7cf25aafa152a68757c1bd474837446ac
472f9b35b3e006cc704d7faa95b01509d14513e47bd3a14b120dca944b5d6996
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4fbb03aabc125045ee2d98be69199bcc01b9cb22aa2e438ab7422303622e0f09
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55ea4ca82cfc0638868635c895f102eb32388b27a13c1d5924a915c850ad20d4
56e48c38e3df1aef9f785cf3028a238c898dced880544a7910e727aaa029fff0
586540afb55b12109857c988f5c13cdb7babb20c12fe55dc9c117734c0a5c0ed
58d51b59248c18d27839d3073ffc1d6e5f5077d53edefb17bc375561ee5350d4
5901b0fc06c52d12fd08a496ed23faa14226ec7df9d14cef0f73e0913e1e2699
659fee7d35fd7044c7c4e897c1237781b9d8d533ea722ffc4b36858aab8a712b
6652f41cf5c49d62a02522fc5fec11f62ee4e0fe1b50cc6db298bd974a542434
68ead47d55a6fff9776cd37c27d2610bfb512c27d4dff18ce4e32054ccdc4cdb
6de36c2a4bc27df385d020a7ea9e9a65a83c56093c27cf2db3edac3e127b526a
70582401b646d2fb98282df648dfe5c2c338b1c0aed00f77e373550b9c9acc19
7062323b9c3f6fbc07887ff7baaedb379d6836e7bfe70d7747025729598ab49f
73b3eabea69b697d2bad8d509a404c5847e388b33d093b487a383d605b6f54bb
7431f3941829b1fe3a390b6ef2abeebfeedd90db3e1dd98c001156b827b94166
749c885d96c6422f82da4cb981c05cc4724b12265a00dc3055fae37026b6aeda
77eb87926cbc4ca21f9da2a1d9290abe1cc08683d401d0e08a7aabd6447b3982
7ab5968e53737097c25ac3303d29fdd823c504174433d8d57cec490ae9f751b0
7e496561bf529679aecc8a98caf8451811766fca87ec95e8392969c0bf2c9966
83a00ef8a5bc290c76d5813193eb405fa0ef2bb6ee3b9ac81cef030aa5de8e21
84a7d82dc39c2b40417e1539fcb2c874d11af1adffeaba0d30d36003200c4449
88f37defc672e51e17f9340ed6e101c2f9426c4ec20535fd02e300b1c56e34c3
898574e1cdea081763bec973b45ae27d3e2f341354eeac08fbd8f65c8c4f76f5
93e3532d5f5fe644ab28638cb9bd7b11a70d43dc3c8c6a46d74c2113e78db851
96abd0abb58ae8117a7cb7521ff48d159833af2235d2ca80f166e63681c6408b
991bd9bc51e5ab16734fc5bdda7d4c2d7db34f7907ed7aa524ba74cba1b64524
9b5e3380a49c538347da5df52e9e8ee349a75943576d3a598cd35bd6f632fba1
a2f2f25f2cf41a0a6f9a1a90d4dd6236911b94c11e737c432a13ce2284deab07
a88a952b795f9ba549c91ad0785c1dbe0cfc91b76da658722e2fd1d647cf4d45
ab7cc8d36164e34ebb07e23432e0947df00b563a224c9b241f7335797080ecb6
b070bbb709cea57c532f952f42f8e5d7e037416299d31859affe6f31a7e005f0
b61ba5eb2841f95f0dc62d8ccad9a5898992343e3ad9166b08eb4e329b934998
b7cfcb29cfa59d1b222ed9b13139749220004e8c1cca3892328981e88788bc71
bf4c02b9a6fe99fda64f6eaa15983904a427e2e6f86f2304abc73e050ddf8883
ce71e08dcd05abc0dbf0e9c82276ecb8785e2586fccbfa311bc383aab2621536
e1c89cbc5e7b780d4f7376f6dbd5c86947505c3e391666f9a9f0f8f37f416729
e2225966d041e98a9bd5f27817f05bb4bf032c58b93eaecbd6fadb766d15156c
e3a5fb1de8340080fe349f1d55376a25f713397d201cd54296ba86132dc1c677
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a58cbe4a8e5708e026fff2b15525b5ff4961749b7a2563cacc8d29a9e2895
e4fb264efe6e80cca33acc7f91b0de0edf2decbeac574ecca7e10e83ccbae44b
e7cd38bd794fcc6ab992282c6f5445b930d9eabf0614831b842573e368ac058c
eae2387de85fe4d31a45f253a6013bb39bd9f32adee75c8d9f808e8450a547c3
ebb7d0704543a0bf52bcd6d4f22b0b240ee17fa953967c148505526a0a01dc39
ee8a826c98913612cd99c5f7fe08ffa9a66d68fd05ba8d12cbe10104b07b9fe5
ee94c1b03450586ed1432ff215e523f6152ee2ce38e93a2b7498809e904648c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f393ab925e9a92671f6cea05410c8c6e3c8b6ae3e2e0b44cf0924cf875329c29
f50956bd9316594d4164b19382f276582b74015fcaa4dfb10d85c5ea0a8097bc
f7b150fd621f8c92a1d73076b28107988be22241e57c111c5db870cc7922abb9
f84b546de0f677e551fb3ec470f90945c14e6406f7f2d0f1ba92694343e18374
fab07feb5e97ac291ba04207d66b11bee8d95bcee0bc413ac6468069fa168821
fb5a90cacfe1f91852ccc167b0cf548d6a8f8fce33dadd50a2c0c3484019741b
fc4a9aab43f2f9da2766509d77413599979d278d29a8b1b31d8b527ece200ba1
fdc29760e91bef5c033f88277ace76fb8ef081d4cd4f917ef37073387637ab60
ff725dcb3ff473cda52a313e9d4dbc871109e4712c79346f272bcf19cb67f416

www.winningplus32.com Open in urlscan Pro 104.208.69.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

77 %IPv6

11 Domains

12 Subdomains

12 IPs

5 Countries

6992 kBTransfer

15564 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.winningplus32.com Open in urlscan Pro
104.208.69.239 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

77 %
IPv6

11
Domains

12
Subdomains

12
IPs

5
Countries

6992 kB
Transfer

15564 kB
Size

3
Cookies

71 HTTP transactions
18 data transactions