www.winloot.com Open in urlscan Pro
52.21.228.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIZ5sDDwwhLlOnKlLHyBiTWMUYJU5p_30dJZU6Vbrlnt77Tk83tsBHK4bcjV8tlwAImLuWUQaUMw...
Effective URL:
https://www.winloot.com/Site/Denied
Submission: On March 30 via manual (March 30th 2021, 6:50:31 pm UTC) from US

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 80 HTTP transactions. The main IP is 52.21.228.160, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.winloot.com.
TLS certificate: Issued by R3 on February 28th 2021. Valid for: 3 months.

This is the only time www.winloot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.238.83.190 44.238.83.190	16509 (AMAZON-02) (AMAZON-02)
1 37	52.21.228.160 52.21.228.160	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:badb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:206... 2600:9000:206f:dc00:2:268:2600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1 1	2600:1f18:730... 2600:1f18:730:b120:1f6b:b8df:cda6:ffc4	14618 (AMAZON-AES) (AMAZON-AES)
1	52.86.196.188 52.86.196.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
80	21

1 44.238.83.190 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-83-190.us-west-2.compute.amazonaws.com

email.mg.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 52.21.228.160 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-228-160.compute-1.amazonaws.com

www.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:badb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:dc00:2:268:2600:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p.d.2enm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:1f6b:b8df:cda6:ffc4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-196-188.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	winloot.com 2 redirects email.mg.winloot.com www.winloot.com static.winloot.com	554 KB
6	google.com contributor.google.com www.google.com	37 KB
4	google.de www.google.de	1 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	googletagmanager.com www.googletagmanager.com	115 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	bing.com bat.bing.com	9 KB
2	2enm.com p.d.2enm.com	1 KB
2	googleadservices.com www.googleadservices.com	31 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	perfectaudience.com tag.perfectaudience.com	338 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
80	16

	Domain	Requested by
37	www.winloot.com	1 redirects www.winloot.com
6	static.winloot.com	www.winloot.com
4	www.google.de	www.winloot.com
4	www.google.com	www.winloot.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.winloot.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googletagmanager.com	www.winloot.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	bat.bing.com	www.winloot.com
2	p.d.2enm.com	www.winloot.com
2	www.googleadservices.com	www.winloot.com www.googletagmanager.com
2	contributor.google.com	www.winloot.com
2	platform.twitter.com	www.winloot.com platform.twitter.com
2	secure.adnxs.com	1 redirects www.winloot.com
2	fonts.googleapis.com	www.winloot.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rp4.liadm.com	www.winloot.com
1	rp.liadm.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	tag.perfectaudience.com	www.winloot.com
1	b-code.liadm.com	www.winloot.com
1	maxcdn.bootstrapcdn.com	www.winloot.com
1	email.mg.winloot.com	1 redirects
80	23

This site contains links to these domains. Also see Links.

Domain
winloot.zendesk.com
blog.winloot.com
bonusgiveaway.winloot.com

Subject Issuer	Validity	Valid
www.winloot.com R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
static.winloot.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.d.0emm.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.winloot.com/Site/Denied
Frame ID: EED748AF4A7545BA5858FF5F9686FBC9
Requests: 78 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.winloot.com
Frame ID: 374F2EDEE526E6103C9C72A2146AD99A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIZ5sDDwwhLlOnKlLHyBiTWMUYJU5p_30dJZU6Vbrlnt77Tk83tsBHK4... HTTP 302
https://www.winloot.com/Register?invitation=3aa991ac-3817-4da5-8c20-a5fac0d3f662&email=Bonnie_watson... HTTP 302
https://www.winloot.com/Site/Denied Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

80
Requests

100 %
HTTPS

70 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

957 kB
Transfer

2351 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://winloot.zendesk.com/forums/21955052-FAQ
Title: CONTACT

Search URL Search Domain Scan URL

URL: http://blog.winloot.com/
Title: BLOG

Search URL Search Domain Scan URL

URL: http://bonusgiveaway.winloot.com/
Title: $500 bonus giveaway located here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIZ5sDDwwhLlOnKlLHyBiTWMUYJU5p_30dJZU6Vbrlnt77Tk83tsBHK4bcjV8tlwAImLuWUQaUMwkoaAUllBx3neIKWU2BUSUzQf2p3NwyhxBLE3x-bocaGhxwktPAUDSA9SCrUY6U27q2VZXP7TnG9ZrxXcb6NNu2_UUk5c2e3DXaS8Z7t3y6qKMLS8YV11pK0IbwBmoiRl2RxjBKdDVpQ0c-IbKMofXazcnehWVx9rjpeE1xQcMab54jfVzBhFdYIesblKRXXU-EwJ5ItUPSC4Wq3zdMdSJZb9Efr-F2MTZlHviHaMIS7RKT-v5a7Iyxa-T7ghPWEAbFfnbm4yiBQEOLw2MDmrHuN639qt3pXk0l5nfxckcXB-vXWUf7dHk7upu_138-5tL-1-wHMi2KeA HTTP 302
https://www.winloot.com/Register?invitation=3aa991ac-3817-4da5-8c20-a5fac0d3f662&email=Bonnie_watson@optum360.com&r=6562F869-FDBF-446F-9DA6-F4D6DFC82DB4&utm_source=email&utm_content=WL+Accept3C+3-28-21+Click_91-180+TClick_10+&utm_campaign=Daily+Email+Template&utm_medium=3911616 HTTP 302
https://www.winloot.com/Site/Denied Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://secure.adnxs.com/seg?add=19756850&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

Request Chain 71

https://rp.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Denied Show response
www.winloot.com/Site/
Redirect Chain

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIZ5sDDwwhLlOnKlLHyBiTWMUYJU5p_30dJZU6Vbrlnt77Tk83tsBHK4bcjV8tlwAImLuWUQaUMwkoaAUllBx3neIKWU2BUSUzQf2p3NwyhxBLE3x-bocaGhxwktPAUDSA9SCrUY6U27q2VZXP7Tn...
https://www.winloot.com/Register?invitation=3aa991ac-3817-4da5-8c20-a5fac0d3f662&email=Bonnie_watson@optum360.com&r=6562F869-FDBF-446F-9DA6-F4D6DFC82DB4&utm_source=email&utm_content=WL+Accept3C+3-2...
https://www.winloot.com/Site/Denied

31 KB
32 KB

213ms
212ms

Document
text/html

52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4146d13492c51ed8cdea0b7e704f2dc839d486c0a5895f74cab37d0470015fc1

Request headers

Host: www.winloot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ASP.NET_SessionId=k514upnmxwuoxbqrk0t1hurg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: WL_LAYOUT=ID=gf1fBTTAz7UPM1cbMOmGlQ==&CSS=D+9QbEXKomSAlb6JTvdVJx/WF4WqDjA6PE7cNIbkLTw=&SUF=Tjdmy0VSCVtRIpb7yvRClw==&ADC=hTrBGFJHfvWejme+Z80Bdw==&EXP=FALSE; expires=Thu, 29-Apr-2021 18:50:06 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Length: 31970

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Site/Denied
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=k514upnmxwuoxbqrk0t1hurg; path=/; HttpOnly
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Length: 129

GET
H2 200 css
fonts.googleapis.com/ 5 KB
690 B 19ms
10ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700,500

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44e3a23e117969db2533d2e0d7e1bd13a6c87a0fbb6e42868929ce738682fff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 18:43:33 GMT
server: ESF
date: Tue, 30 Mar 2021 18:50:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 18:50:12 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 39ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 1725761
cdn-cachedat: 2021-03-10 20:26:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 092611e5d900004ee086370000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ac51d65409f7a6c773e04411dc506557
cf-ray: 638385b62b484ee0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK addtohomescreen.min.js Show response
www.winloot.com/js/AddToHomescreen/ 24 KB
8 KB 491ms
187ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/AddToHomescreen/addtohomescreen.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 345741f4b4cf571a306feeb77dfad0098f7eaabfdfad65208aa47de3d443b721

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7953

GET
H/1.1 200
OK addtohomescreen.css
www.winloot.com/css/ 10 KB
5 KB 182ms
101ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/addtohomescreen.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 84ef3e9712d1db9defde9af98521c439379a103bbf9b78679b2ff93631480af6

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5318

GET
H/1.1 200
OK index.css
www.winloot.com/css/play/ 5 KB
2 KB 282ms
100ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/play/index.css?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3d5c0f99d3a1f778f4ece14cb7d99587aafcf3ac1714372ca05048536e6520e3

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1441

GET
H/1.1 200
OK popup.css
www.winloot.com/css/play/ 1 KB
1 KB 297ms
98ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/play/popup.css?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1136f84db7704df75126ab728df0925bed6918dce51271484f6a8bae29918ea2

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1077

GET
H/1.1 200
OK jquery-ui.min.css
www.winloot.com/css/ 29 KB
7 KB 387ms
186ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/jquery-ui.min.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55949df83494fbcb2fe71fabaaae0108dbeac98c8d8c0ff22f5b5f8247fdf389

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7229

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
www.winloot.com/css/ 9 KB
2 KB 300ms
98ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/jquery.fancybox-1.3.4.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b27ec2595ea128259b968383c3f6e5e3b4d0a3e2c7e70399c68c01254d43bff4

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1878

GET
H/1.1 200
OK odometer-theme-default.css
www.winloot.com/css/ 4 KB
916 B 301ms
99ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/odometer-theme-default.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b0e0af57cc9e25cd25e89c3bb7f884cba9592fc6521616f4b13b467374632587

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Feb 2019 15:56:07 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80c5d0cb7dc4d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 623

GET
H/1.1 200
OK fonts.css
www.winloot.com/css/ 4 KB
906 B 302ms
100ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/fonts.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2ea1836b9da6aa185e935fabb060935699829575363fdc593c97fbfe5ef7047f

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 614

GET
H/1.1 200
OK animate.css
www.winloot.com/Content/ 25 KB
3 KB 382ms
100ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Content/animate.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Nov 2018 16:13:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b8a6d46b7bd41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2936

GET
H/1.1 200
OK bootstrap.min.css
www.winloot.com/css/ 107 KB
18 KB 482ms
186ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/bootstrap.min.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9cd5d3ff4872d20f07c8443a5d1dff15e79ecf3c367dfae064dea93ed5d10053

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 18044

GET
H/1.1 200
OK common.css
www.winloot.com/css/ 66 KB
6 KB 397ms
98ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/common.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50f178316c34e1058d082379f13579d6343e09858ba9fea1c2b8c8e537198421

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jul 2020 19:43:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80bb758a95bd61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5608

GET
H/1.1 200
OK _MasterLayoutWhite.css
www.winloot.com/css/ 82 KB
12 KB 488ms
188ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/_MasterLayoutWhite.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a6ce9a009f60fee30bd85144ffcb3fbbb5c9ed030aa5a73878d0195c1e7dcf7e

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 16:44:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "04f4912fc17d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 12190

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=19756850&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

0
1 KB

15ms
15ms

Script
application/javascript

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 18:50:12 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid: e2752e0c-2e38-4bc9-b913-ccadd263123f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 18:50:12 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: fcc08f82-d42e-48fa-bdaf-3927b5086cd3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.winloot.com/Scripts/ 92 KB
33 KB 486ms
105ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Scripts/jquery-1.10.2.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33422

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 67ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA9) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6BA9)
Age: 621
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H/1.1 200
OK bootstrap.min.js Show response
www.winloot.com/js/ 31 KB
9 KB 487ms
102ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bootstrap.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8541

GET
H/1.1 200
OK odometer.min.js Show response
www.winloot.com/js/ 10 KB
4 KB 495ms
99ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/odometer.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c2e0787633e616a414524e6e4e00a8eb18640dd67c2f566cadd8c6b0e6f7bdb2

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3638

GET
H/1.1 200
OK jquery.tinyscrollbar.min.js Show response
www.winloot.com/js/compress/ 3 KB
1 KB 579ms
98ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.tinyscrollbar.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1073

GET
H/1.1 200
OK default.js Show response
www.winloot.com/js/ 7 KB
3 KB 589ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/default.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03e3bf4f71ad94cdb180db4a58d470bf73a46efe6715c1173b0fd447d04cb3d1

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2366

GET
H/1.1 200
OK dateSelect.js Show response
www.winloot.com/js/ 2 KB
3 KB 589ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/dateSelect.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2675d2d890cf6e372afec413374a542617f9a79f5b1a084aa238bc2116ea2816

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2504

GET
H/1.1 200
OK jquery.blockUI.js Show response
www.winloot.com/js/ 20 KB
7 KB 590ms
101ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery.blockUI.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 14:59:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06a2bc3586d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6640

GET
H/1.1 200
OK marquee.js Show response
www.winloot.com/js/ 42 KB
8 KB 591ms
101ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/marquee.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1a6e059e6586d56c40e2904a0fbbf14a5c00cd396423c1663ceba6ad66c965b7

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8138

GET
H/1.1 200
OK js.cookie.js Show response
www.winloot.com/js/ 5 KB
2 KB 592ms
98ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/js.cookie.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93f4dd3c5b2cef3ccc537de7e7285c420622626f72387ea06e7feb26dff5ec70

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1479

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.winloot.com/js/jquery-ui-1.12.1/ 248 KB
67 KB 681ms
103ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery-ui-1.12.1/jquery-ui.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 33d4c7601998bd383738dcb9de16fe2a0d71ee0f7378ce936ab8955d543cb822

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 67854

GET
H/1.1 200
OK jquery.mousewheel-3.0.4.pack.js Show response
www.winloot.com/js/compress/ 1 KB
2 KB 688ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.mousewheel-3.0.4.pack.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55c6098fa90bd7ef1b43434546ff045a2f0ace1fa68dcdebca761975a14383b5

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1503

GET
H/1.1 200
OK jquery.fancybox-1.3.4.pack.js Show response
www.winloot.com/js/compress/ 63 KB
14 KB 691ms
103ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.fancybox-1.3.4.pack.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5ac68b973b51de63b2861b532d0819385850ec5833f50a4dcd3c13a315d0204b

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jul 2016 16:01:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0cf7a2269e3d11:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 14479

GET
H/1.1 200
OK targetPix.js Show response
www.winloot.com/js/compress/ 579 B
838 B 689ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/targetPix.js?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0efc85e6eebfe6b9aa34601a041df17b4a2a9febec1a76a3b9605f48c244c426

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 579

GET
H/1.1 200
OK mobile.js Show response
www.winloot.com/js/ 406 B
665 B 689ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/mobile.js?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7d9c3aadac62869858af794adf28abf1720c88ec80ceb960152e973a2d936ed6

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 406

GET
H/1.1 200
OK jquery.matchHeight.js Show response
www.winloot.com/js/ 12 KB
3 KB 689ms
99ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery.matchHeight.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e5d0f614fe452ad780d549d8056b7143e3fdd4b98b4491988ad92ecd9458a0dd

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3046

GET
H/1.1 200
OK BlockAdBlockV2.js Show response
www.winloot.com/js/ 1 KB
1 KB 787ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/BlockAdBlockV2.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5fb2937d4f136eba20499dea2ee71531d046da180f39d16cc2a1fb904f8aa898

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Wed, 11 Nov 2020 20:12:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "56ce31f866b8d61:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1236

GET
H/1.1 200
OK bigtext.js Show response
www.winloot.com/js/ 12 KB
3 KB 788ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bigtext.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c771655a26103a33c2ea0c36e4b79674f897d1a7847897acfd73925b3fd58344

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2020 18:06:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80e19dafd25ad61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3222

GET
H/1.1 200
OK bootstrap-toggle.js Show response
www.winloot.com/Scripts/ 6 KB
2 KB 790ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Scripts/bootstrap-toggle.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 59b433cefe6bb1115502408961048b94168decd7fccc72d3d3a6d0009d93ddec

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 18:10:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "038c5543798d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1596

GET
H/1.1 200
OK bootstrap-dialog.min.js Show response
www.winloot.com/js/ 20 KB
5 KB 790ms
99ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bootstrap-dialog.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9469cb5999139af08a3d999ef5765edc26bf38b6a038411b290d9280e63cd170

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5122

GET
H/1.1 200
OK howler.js Show response
www.winloot.com/js/ 39 KB
9 KB 793ms
102ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/howler.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1295982ebdf7bd253fdefb02820b149e4ecb6fbf70106dae9c0cd9abe1d15ddb

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 14:59:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06a2bc3586d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8798

GET
H/1.1 200
OK post-entry-page.js Show response
www.winloot.com/js/ 502 B
761 B 886ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/post-entry-page.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5ada7a18d5286a65bcc65f8c5d7a674202b0079125e6141b1c9fb3bb271592c0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 502

GET
H/1.1 200
OK bigtext-group.js Show response
www.winloot.com/js/ 2 KB
2 KB 888ms
100ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bigtext-group.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bb020fbd63f7f52804c123600d2e995ea0bdebad66e932ca8db99329ba3f09da

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
Last-Modified: Thu, 01 Mar 2018 04:27:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1a5bbaa315b1d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1902

GET
H2 200 loader.js Show response
contributor.google.com/scripts/7511681ba629b376/ 101 KB
35 KB 165ms
141ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7511681ba629b376/loader.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7259a9af450bf7c672ba2b3f4c1c1bce9bf9e91c4820ae032ac989065a1ed8cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BAl/AZcLuswKpbwOnDbMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-BAl/AZcLuswKpbwOnDbMQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-BAl/AZcLuswKpbwOnDbMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-BAl/AZcLuswKpbwOnDbMQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 30 Mar 2021 18:50:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 39ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e1e3e78fa030608fda94f8cbd8fa69bff2b7300febf9243d4ba664c307ec4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39082
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 29ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069804508

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

405e618189c1a394f045af79810a88c815a5df4e5e28c338f97aab689ed426fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39060
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H2 200 a-03ba.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 34ms
13ms Script
application/javascript 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-03ba.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb17446a0ae8a6fd8cc85f7615a74be77ac6aad208050164c8cbe337dc3bfc9c

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:41:09 GMT
etag: "4d911e6307236239f6c566edfbdfeeb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1
accept-ranges: bytes
content-length: 9832

GET
H2 200 winloot-logo.png
static.winloot.com/images/bs-responsive/ 39 KB
40 KB 525ms
486ms Image
image/png 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/bs-responsive/winloot-logo.png
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e97275bb9aa10c30a2cd2b9978c3f3a85ecb8a3c17ace9fae33aa696e417843

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 04:21:43 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2017 20:06:20 GMT
server: AmazonS3
age: 52111
etag: "9fd57fc8038be9925da265bd69387d99"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 40357
x-amz-cf-id: T5xv8V0pWUFxi53t_y4MBYNoVQjOOdjkjRkgamxmAXI11esn2sXMAQ==

GET
H2 200 warningsign.png
static.winloot.com/images/error/ 11 KB
11 KB 632ms
594ms Image
image/png 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/error/warningsign.png
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb64c81741e64df26169d95d60fec8d82aa21531563d3a2a51bb3dd77be3049b

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 04:21:42 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Tue, 22 May 2018 22:42:36 GMT
server: AmazonS3
age: 52112
etag: "3dce4a7fa23920f12e1586370d0647db"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10962
x-amz-cf-id: 5zohAodO5u0SRYvBzaQqPkFWdZkBJ-SxQX32z1xR0MIbYass2bafYw==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 83ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8bbd8d5bc34a8f137d94ab2487e8287000b4aebb27d580ea76c3eb55892bf508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16486
x-xss-protection: 0
server: cafe
etag: 2349003370139776776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/css/_MasterLayoutWhite.css?v=3.1039

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f90c1a8f3486ec5057b778dd8d1a60133abc73d77dfbf739590f7118809657ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 18:26:00 GMT
server: ESF
date: Tue, 30 Mar 2021 18:50:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H2 200 51e053efa412ffe26100009b.js Show response
tag.perfectaudience.com/serve/ 124 B
338 B 304ms
248ms Script
text/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/51e053efa412ffe26100009b.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/js/compress/targetPix.js?v=71

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:14 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 0
x-served-by: cache-hhn4021-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1617130214.797326,VS0,VE227
content-length: 110
x-cache-hits: 0

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/7511681ba629b376:D:deabc554145b6c/ 392 B
1 KB 55ms
41ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7511681ba629b376:D:deabc554145b6c/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.3RuAw_htJwA.es5.O/d=1/ct=zgms/rs=AJlcJMzqkhNvyltL7A1js1Sseo3449MWhg/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

499ed2eab31b86945ef30eecfab69f26b3be867fc3d51ec16b8eaf0d6e0038f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0kiWTNSNrYlou5MsbtT4Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-0kiWTNSNrYlou5MsbtT4Kg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-0kiWTNSNrYlou5MsbtT4Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-0kiWTNSNrYlou5MsbtT4Kg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_SIol2A00864hDLeqTaeMPyDAn8zmzrfECT3_ykeqGUJjzjf5FT7hgxMCKjem0n_JGc2M7kEJI9vA1eeqwltR6qHgA2ep_94w9Ycoi4Sdm5IO0ULEM44cO Show response
p.d.2enm.com/v4/ 27 B
811 B 70ms
17ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.d.2enm.com/v4/AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_SIol2A00864hDLeqTaeMPyDAn8zmzrfECT3_ykeqGUJjzjf5FT7hgxMCKjem0n_JGc2M7kEJI9vA1eeqwltR6qHgA2ep_94w9Ycoi4Sdm5IO0ULEM44cO

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae378cc0e18efafcf095c3e9e563635537e7bd409133a2c08897fa1bc5e91c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MjJhHVBN6Cyfjr8VH6V+aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-MjJhHVBN6Cyfjr8VH6V+aQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-MjJhHVBN6Cyfjr8VH6V+aQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-MjJhHVBN6Cyfjr8VH6V+aQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_DhVDrw0107KjHozy3K-RoFAwU8IVZEZWh4PmXSEB6KZlalRqht4qJCf0ZVD7EvzVCfDDjpdBfuGv6wkNkteBeiQeGCFrPk5N5KqcIuBIcqsA9vkBdxTxUMTYxNzEzMDIxMzcyOA==%7C Show response
p.d.2enm.com/v4/ 0
384 B 70ms
18ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.d.2enm.com/v4/AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_DhVDrw0107KjHozy3K-RoFAwU8IVZEZWh4PmXSEB6KZlalRqht4qJCf0ZVD7EvzVCfDDjpdBfuGv6wkNkteBeiQeGCFrPk5N5KqcIuBIcqsA9vkBdxTxUMTYxNzEzMDIxMzcyOA==%7C

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o8LOvMC/AkB0zkj07204Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-o8LOvMC/AkB0zkj07204Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-o8LOvMC/AkB0zkj07204Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-o8LOvMC/AkB0zkj07204Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 46ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: CC5D9F6E47124FFEB69DCF1359802DA2 Ref B: FRAEDGE1218 Ref C: 2021-03-30T18:50:13Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 DesktopTopNav.jpg
static.winloot.com/images/vzk/ 131 KB
132 KB 57ms
47ms Image
image/jpeg 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/vzk/DesktopTopNav.jpg
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/css/common.css?v=3.1039
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c950e7e505a7fd2b94945025460ca25bfe4ee1504b77ff0ba8968b298434156

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 05:24:31 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jan 2019 22:01:16 GMT
server: AmazonS3
age: 48343
etag: "c75f55d2d4b6921f61fa6a0c30a5047f"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 134453
x-amz-cf-id: SKbJ5HQkQioJLGmMQjnCgY2-jfs-zunmDNUvVvL0xOqdK3wNVAGILw==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.winloot.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:24:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
age: 591963
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:24:10 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba0f48573cc9e7e9c073582fa327ed9682680e5e00a667c138881cc5709739d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.winloot.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 11:46:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:40 GMT
server: sffe
age: 198203
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15324
x-xss-protection: 0
expires: Mon, 28 Mar 2022 11:46:50 GMT

GET
H2 206 CoineNoise2Sec.wav
static.winloot.com/sounds/ 44 KB
44 KB 591ms
590ms Media
audio/x-wav 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoineNoise2Sec.wav
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b756566e6915a3b88cbb124c14d63ce14afb3d477591008726be6a28a7b30f

Request headers

Referer: https://www.winloot.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 30 Mar 2021 09:22:29 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:22:35 GMT
server: AmazonS3
age: 34065
etag: "5b6459b67a1aaa82b210eb8c9848ab21"
x-cache: Hit from cloudfront
content-type: audio/x-wav
Content-Range: bytes 0-45035/45036
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
Content-Length: 45036
x-amz-cf-id: vnEL24ZI0uRi68BzqvDlL19iKRqrwaL-el5QRgADNaqzGnHxwpwFmw==

GET
H2 206 CoinNoise1sec.mp3
static.winloot.com/sounds/ 17 KB
18 KB 725ms
725ms Media
audio/mpeg 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoinNoise1sec.mp3
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7350a3e25156cef3c4fbc4b5f0686a6e524ed15ec63cba58c75612dc642068de

Request headers

Referer: https://www.winloot.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 30 Mar 2021 06:02:51 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:23:07 GMT
server: AmazonS3
age: 46043
etag: "2eac7ab8c95c98c83fa8ce79cde7e2de"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-17552/17553
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
Content-Length: 17553
x-amz-cf-id: olXjD6KN_36IYw1pSJ0Egcgazl9EGfj00roe3fbTDK8L778CZuomFg==

GET
H2 206 CoinNoise.5sec.mp3
static.winloot.com/sounds/ 10 KB
10 KB 872ms
872ms Media
audio/mpeg 2600:9000:206f:dc00:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoinNoise.5sec.mp3
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:dc00:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26f9d499c579b450814f2511d338fd1ee9bd20494b2f5b48ef6a1e10781c9336

Request headers

Referer: https://www.winloot.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 30 Mar 2021 06:13:28 GMT
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:22:44 GMT
server: AmazonS3
age: 45406
etag: "77fd98d2ce05ed87360029f21126494e"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-10029/10030
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
Content-Length: 10030
x-amz-cf-id: s7vfyMcCi_mzhUv3pqwYCNahyvLTw7udxrUkFKTMw_Xe2Xat-Njtug==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1617130213855&cv=9&fst=1617130213855&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d310ded44fa6d77c0f8a90454cb9979faf8b2fc8599efddcd13eae780ba29b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Status Show response
www.winloot.com/Monitor/ 20 KB
20 KB 114ms
114ms XHR
text/html 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Monitor/Status
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Scripts/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a41365d13451d89138410c0e0d4efd163bf1d240b721d92930df44a775059bc0

Request headers

Accept: */*
Referer: https://www.winloot.com/Site/Denied
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 30 Mar 2021 18:50:07 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 20531

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame 374F 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.winloot.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.winloot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.winloot.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1720790
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Mar 2021 18:50:13 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B9E)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 204 0
bat.bing.com/action/ 0
148 B 32ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4029304&Ver=2&mid=a88c5486-9ae2-4743-bed2-b7f4648b553d&sid=c30b38b0918811eb95964725904eea74&vid=c30b83d0918811eb954377a8d4ea0497&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Winloot%20-%20Unavailable%20In%20Your%20Region&p=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&r=&lt=2121&evt=pageLoad&msclkid=N&sv=1&rn=982447
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3B948D74282D4D8195FDEE96059C6B89 Ref B: FRAEDGE1218 Ref C: 2021-03-30T18:50:13Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 43ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069804508&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10904a9d382f20058701975c1509b10f7e4deb0f1f00494b9d34d029f9b1aa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39057
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 74ms
43ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069804508

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13738
x-xss-protection: 0
server: cafe
etag: 10420051169657019655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 18:50:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 2106
date: Tue, 30 Mar 2021 18:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 30 Mar 2021 20:15:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
391 B 56ms
55ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1617130213855&cv=9&fst=1617127200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&fmt=3&is_vtc=1&random=601457493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
552 B 39ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1617130213855&cv=9&fst=1617127200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&fmt=3&is_vtc=1&random=601457493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 374F 183 B
411 B 173ms
127ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0ab5fb993fbcc5cf34bfccc9f5e76efe4f17c07c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.winloot.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 30 Mar 2021 18:50:14 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 18:50:14 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d89347d04a111e04d70a3c095e6e9027
strict-transport-security: max-age=631138519
content-length: 152

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
126 B 45ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=961326327&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&ul=en-us&de=UTF-8&dt=Winloot%20-%20Unavailable%20In%20Your%20Region&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUABAAAAAC~&jid=230451785&gjid=960896795&cid=1556715991.1617130214&tid=UA-36371770-1&_gid=510715482.1617130214&_r=1&gtm=2ou3h0&z=1374605525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 31ms
20ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=961326327&t=event&_s=2&dl=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&ul=en-us&de=UTF-8&dt=Winloot%20-%20Unavailable%20In%20Your%20Region&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=user_dimension&_u=oGBAAUABAAAAAC~&jid=&gjid=&cid=1556715991.1617130214&tid=UA-36371770-1&_gid=510715482.1617130214&gtm=2ou3h0&cd2=&z=1766946991

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 04:35:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51308
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
2 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1617130213984&cv=9&fst=1617130213984&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dd6a40185a39fae132f9248c83b64e43171d787863cf73340c06de7a62219da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
1 KB 82ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1617130213985&cv=9&fst=1617130213985&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&ig=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4474687825f542de33a36888d58a94a687492e372bd583718ac733c8d76d8497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992&i6=MmEwMTo0Zjg...

13 B
569 B

338ms
102ms

XHR
application/json

52.86.196.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-196-188.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:50:14 GMT
x-pixel-event-id: 7030a7e4-1c58-4af7-93a2-12d82619b7e4
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: d49cf990116e3148

Redirect headers

date: Tue, 30 Mar 2021 18:50:14 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q&se=e30&dtstmp=1617130213992&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.winloot.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: b893ccf27eeee5c5
request-time: 0
content-length: 0
x-content-type-options: nosniff

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-36371770-1&cid=1556715991.1617130214&jid=230451785&gjid=960896795&_gid=510715482.1617130214&_u=oGBAAUAAAAAAAC~&z=2091969168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 18:50:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
112 B 58ms
57ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1617130213984&cv=9&fst=1617127200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=2894015196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
530 B 44ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1617130213984&cv=9&fst=1617127200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=2894015196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 30ms
29ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-36371770-1&cid=1556715991.1617130214&jid=230451785&_u=oGBAAUAAAAAAAC~&z=458028989

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 35ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-36371770-1&cid=1556715991.1617130214&jid=230451785&_u=oGBAAUAAAAAAAC~&z=458028989

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
66 B 40ms
39ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1617130213985&cv=9&fst=1617127200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=1594826261&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
66 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1617130213985&cv=9&fst=1617127200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3h0&sendb=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=1594826261&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 18:50:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winloot.com/	1970-01-19 17:13:36	Name: _uetsid Value: c30b38b0918811eb95964725904eea74
.winloot.com/	1970-01-19 17:13:36	Name: _gid Value: GA1.2.510715482.1617130214
.winloot.com/	1970-01-20 10:43:22	Name: _lc2_fpi Value: bca5bbfbc6c7--01f227hmfms9gghvnga9mta57q
.winloot.com/	1970-01-19 17:12:10	Name: _gat_gtag_UA_36371770_1 Value: 1
.winloot.com/	1970-01-20 10:43:22	Name: _ga Value: GA1.2.1556715991.1617130214
.winloot.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .winloot.com
.winloot.com/	1970-01-19 17:55:22	Name: CUID Value: N,1617130213772:ALHGLuQAAAAPTiwxNjE3MTMwMjEzNzcyUzsoWrF9DOrzqjOUWYBSmH9ROeHVIBuRD6oGJUNvh0VmcUWRa1f0Y9xzvmKw/yQKVnZw/C1OQ1j8r/6NrcBxFMyoVegROOyzQkzp5Q1Ug/Pu+vn7hUQgwWvW+4x2wuNS0ACLJOHt/gIgERmZuSoUJBmjw+vv0tlrDyn+07wYaIOPqTaw+qJme6O1JhFRA86Nfb8/a3ylWBf6i1vmsNI2NhE+oL2EHvMsgVmBbJ7FYPGa9FAGhbralMm8Et+svcRv05xWBedWsaK1KBYAS7BpXq1AGd+dqQmGdPk1xrLe2RCkt1cDSz/G7IRxmXz1NRgAj8RM/a5ZYug4hz29CkFZpw==
www.winloot.com/	1970-01-19 17:55:22	Name: WL_LAYOUT Value: ID=gf1fBTTAz7UPM1cbMOmGlQ==&CSS=D+9QbEXKomSAlb6JTvdVJx/WF4WqDjA6PE7cNIbkLTw=&SUF=Tjdmy0VSCVtRIpb7yvRClw==&ADC=hTrBGFJHfvWejme+Z80Bdw==&EXP=FALSE
.winloot.com/	1970-01-19 17:35:34	Name: _uetvid Value: c30b83d0918811eb954377a8d4ea0497
www.winloot.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: k514upnmxwuoxbqrk0t1hurg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
bat.bing.com
contributor.google.com
email.mg.winloot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
p.d.2enm.com
platform.twitter.com
rp.liadm.com
rp4.liadm.com
secure.adnxs.com
static.winloot.com
stats.g.doubleclick.net
syndication.twitter.com
tag.perfectaudience.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.winloot.com
104.244.42.8
142.250.185.130
151.101.114.217
185.33.221.52
2600:1f18:730:b120:1f6b:b8df:cda6:ffc4
2600:9000:206f:dc00:2:268:2600:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6812:bcf
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:400c:c00::9c
2a02:26f0:6c00::210:badb
44.238.83.190
52.21.228.160
52.86.196.188
03e3bf4f71ad94cdb180db4a58d470bf73a46efe6715c1173b0fd447d04cb3d1
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0efc85e6eebfe6b9aa34601a041df17b4a2a9febec1a76a3b9605f48c244c426
10904a9d382f20058701975c1509b10f7e4deb0f1f00494b9d34d029f9b1aa5c
1136f84db7704df75126ab728df0925bed6918dce51271484f6a8bae29918ea2
1295982ebdf7bd253fdefb02820b149e4ecb6fbf70106dae9c0cd9abe1d15ddb
1a6e059e6586d56c40e2904a0fbbf14a5c00cd396423c1663ceba6ad66c965b7
1ae378cc0e18efafcf095c3e9e563635537e7bd409133a2c08897fa1bc5e91c3
1c950e7e505a7fd2b94945025460ca25bfe4ee1504b77ff0ba8968b298434156
2675d2d890cf6e372afec413374a542617f9a79f5b1a084aa238bc2116ea2816
26f9d499c579b450814f2511d338fd1ee9bd20494b2f5b48ef6a1e10781c9336
28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d
2ea1836b9da6aa185e935fabb060935699829575363fdc593c97fbfe5ef7047f
33d4c7601998bd383738dcb9de16fe2a0d71ee0f7378ce936ab8955d543cb822
345741f4b4cf571a306feeb77dfad0098f7eaabfdfad65208aa47de3d443b721
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
3d5c0f99d3a1f778f4ece14cb7d99587aafcf3ac1714372ca05048536e6520e3
405e618189c1a394f045af79810a88c815a5df4e5e28c338f97aab689ed426fe
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
4146d13492c51ed8cdea0b7e704f2dc839d486c0a5895f74cab37d0470015fc1
4474687825f542de33a36888d58a94a687492e372bd583718ac733c8d76d8497
44e3a23e117969db2533d2e0d7e1bd13a6c87a0fbb6e42868929ce738682fff4
499ed2eab31b86945ef30eecfab69f26b3be867fc3d51ec16b8eaf0d6e0038f2
4ba0f48573cc9e7e9c073582fa327ed9682680e5e00a667c138881cc5709739d
4e1e3e78fa030608fda94f8cbd8fa69bff2b7300febf9243d4ba664c307ec4fe
50f178316c34e1058d082379f13579d6343e09858ba9fea1c2b8c8e537198421
52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f
55949df83494fbcb2fe71fabaaae0108dbeac98c8d8c0ff22f5b5f8247fdf389
55c6098fa90bd7ef1b43434546ff045a2f0ace1fa68dcdebca761975a14383b5
59b433cefe6bb1115502408961048b94168decd7fccc72d3d3a6d0009d93ddec
5ac68b973b51de63b2861b532d0819385850ec5833f50a4dcd3c13a315d0204b
5ada7a18d5286a65bcc65f8c5d7a674202b0079125e6141b1c9fb3bb271592c0
5dd6a40185a39fae132f9248c83b64e43171d787863cf73340c06de7a62219da
5e97275bb9aa10c30a2cd2b9978c3f3a85ecb8a3c17ace9fae33aa696e417843
5fb2937d4f136eba20499dea2ee71531d046da180f39d16cc2a1fb904f8aa898
62b756566e6915a3b88cbb124c14d63ce14afb3d477591008726be6a28a7b30f
7259a9af450bf7c672ba2b3f4c1c1bce9bf9e91c4820ae032ac989065a1ed8cb
7350a3e25156cef3c4fbc4b5f0686a6e524ed15ec63cba58c75612dc642068de
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d9c3aadac62869858af794adf28abf1720c88ec80ceb960152e973a2d936ed6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ef3e9712d1db9defde9af98521c439379a103bbf9b78679b2ff93631480af6
887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82
8bbd8d5bc34a8f137d94ab2487e8287000b4aebb27d580ea76c3eb55892bf508
93f4dd3c5b2cef3ccc537de7e7285c420622626f72387ea06e7feb26dff5ec70
9469cb5999139af08a3d999ef5765edc26bf38b6a038411b290d9280e63cd170
9cd5d3ff4872d20f07c8443a5d1dff15e79ecf3c367dfae064dea93ed5d10053
a41365d13451d89138410c0e0d4efd163bf1d240b721d92930df44a775059bc0
a6ce9a009f60fee30bd85144ffcb3fbbb5c9ed030aa5a73878d0195c1e7dcf7e
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b0e0af57cc9e25cd25e89c3bb7f884cba9592fc6521616f4b13b467374632587
b27ec2595ea128259b968383c3f6e5e3b4d0a3e2c7e70399c68c01254d43bff4
bb020fbd63f7f52804c123600d2e995ea0bdebad66e932ca8db99329ba3f09da
bb64c81741e64df26169d95d60fec8d82aa21531563d3a2a51bb3dd77be3049b
bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9
c2e0787633e616a414524e6e4e00a8eb18640dd67c2f566cadd8c6b0e6f7bdb2
c771655a26103a33c2ea0c36e4b79674f897d1a7847897acfd73925b3fd58344
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d310ded44fa6d77c0f8a90454cb9979faf8b2fc8599efddcd13eae780ba29b66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d0f614fe452ad780d549d8056b7143e3fdd4b98b4491988ad92ecd9458a0dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f90c1a8f3486ec5057b778dd8d1a60133abc73d77dfbf739590f7118809657ea
fb17446a0ae8a6fd8cc85f7615a74be77ac6aad208050164c8cbe337dc3bfc9c

www.winloot.com Open in urlscan Pro 52.21.228.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

70 %IPv6

16 Domains

23 Subdomains

21 IPs

4 Countries

957 kBTransfer

2351 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winloot.com Open in urlscan Pro
52.21.228.160 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

70 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

957 kB
Transfer

2351 kB
Size

10
Cookies

80 HTTP transactions
0 data transactions